Security appliance vendor Barracuda Networks will take the app firewall technology it got with the NetContinuum acquisition in September downmarket, but says it’s too early to do the same with data leakage prevention (DLP).
The Campbell, California-based vendor’s business model is to identify an area of technology that it sees as ripe for commoditization in order to take it to a broader market than its high-end practitioners are currently doing. It then builds an appliance and markets the device into SMEs that have not been able to afford products from other vendors, or to enterprises that want to broaden their use of the technology.
It started life in anti-spam appliances, then added a content filtering appliance, and IM appliance and, most recently, a load balancer with built-in IPS. Now we have Web application firewalls through the acquisition of NetContinuum, and we’ll be expanding that portfolio, said Paul Thackeray, MD for Barracuda in the UK and VP for EMEA.
DLP is a different scenario, however. There has been a lot of M&A activity in this area over the last year or so, most recently with last week’s $350m acquisition of what was arguably the market leader, Vontu, by Symantec. Barracuda, on the other hand, is in less of a hurry to charge in.
To some extent we’ve been doing DLP for the last couple of years, but not under that name, and as a feature on our boxes rather than a dedicated appliance, said Thackeray. Our Spam Firewall already does outbound checking for keywords and phrases, and indeed, for compliance purposes in sectors like the banks, we even did a specific model only for outbound traffic, which also checks to see that a company’s servers aren’t being hijacked for spamming. We also do outbound inspection on our IM Firewall.
DLP as a dedicated technology, on the other hand, is something that is currently sought by the security elite in big enterprises, whereas in SMB, people ask whether it will cost them time and people, and if so, whether they really need it. That’s not to say it won’t ever go into SMB, he went on. It could do, but it’s too early right now. Watch this space, he concluded.
It’s interesting that the company that has made its name by developing single-function appliances for the SMB space is lukewarm about DLP. Of course the first adopters of such technology are in enterprise, and it is for this reason that Symantec, McAfee, Trend and Websense have all bought into the market by acquiring start-ups. However, at least one company that has an SMB focus, St. Bernard Software, talks of having an offering in 2008, and despite its penchant for hybrid appliance-and-SaaS offerings, recognizes DLP as being essentially an appliance play.