Antivirus, once the mainstay of security infrastructure alongside firewalls, is commoditizing rapidly, even though the volume and potency of new malware continues to increase at a rapid pace. This is causing some analysts and solution providers to question whether it’s worth selling and supporting antivirus. And, they’re questioning whether market leaders Symantec and McAfee should even stay in the antivirus business.
The death of antivirus is a topic that resurfaces every few years. Antivirus is a product that everyone uses, but is never really satisfied with. The core signature-based method for detecting and eradicating viruses, worms and Trojans was never foolproof; and even the addition of heuristics, black listing and sandboxing have only incrementally improved performance.
Worse for antivirus vendors, each additional process added to the antivirus engine impedes performance. Symantec, for instances, is still trying to shake off the reputation hit it took with the release of Symantec Endpoint Protection 11, which was widely known as a resource hog that bogged down PCs. No matter how efficient an antivirus engine is, it comes with processing overhead and performance hits.
Despite antivirus technology limitations, products often sell well because they do a good job of eliminating most of the malware threat and reducing the clutter computer users and servers collect by being connected to the Internet. Antivirus is readily available and, thus, becoming more of a commodity bought on price. Although performance is often noted as a differentiator, the difference between products is often unnoticeable to the average user.
An inability to distinguish quality, over-distribution and the increasing availability of free product is driving the monetary value out of antivirus products, which is causing some analysts to advocate for Symantec and McAfee to move on from this technology and focus on higher value products and systems.
Sure enough, Symantec and McAfee are increasingly less about antivirus and more about advanced security technologies.
Symantec, which is currently undergoing its “Symantec 4.0” restructuring, is setting up to focus on systems management, stored data protection, identity management and infrastructure security. Symantec paid more than $1.2 billion for VeriSign’s digital certificate and identity management business, and has yet to do much with it.
McAfee, owned by Intel for the last two years, is more focused on mobility, security information management and data loss prevention. It’s more of an enterprise security player, with much of its channel wrapped around enterprise and midmarket security engagements.
Trend Micro, third among the top security software vendors, is a substantial player in antivirus, but is increasingly focused on virtualization and cloud security, as well as protecting Internet users from malware and hacking threats through reputational analysis.
Increasingly, the battle for the antivirus future is between Sophos and Kaspersky Lab.
Kaspersky, the Russian security software company that has built a formidable channel network, is building upon its consumer and small business antivirus roots with the release of Kaspersky Internet Security, a full function suite with a management console suitable for midmarket and small enterprise customers.
Sophos, on the other hand, has traditionally been an enterprise security company that addresses threats on the network layer. Lately Sophos has been pushing down into the midmarket, as it consolidates products and capabilities around antivirus, data loss prevention and unified threat management.
On the periphery, Avast and Microsoft are stealing market share in consumers and small business with their freeware. AVG Technologies is recasting itself from a consumer company to a small business security services leader with its CloudCare platform. And FireEye, now headed by former McAfee CEO Dave DeWalt, is getting exceedingly aggressive against antivirus market leaders with its new malware detection technology.
Chances are Symantec and McAfee will not give up their antivirus business, as it represents hundreds of millions of dollars of their annual revenue. Solution providers, though they see less return on their antivirus sales, will likely stay in the game, as antivirus still completes the total security package. And antivirus will remain a necessity, as no other technology has emerged to replace it.
Yet, the pressure on antivirus is similar to the pressure placed on conventional firewalls. The average firewall actually does very little to secure a network; it’s mostly there to squelch the background noise of the Internet. But, vendors and solution providers continue to sell firewall and customers continue to buy them because they are a foundational level of security. It’s just their value – technologically and monetarily – have long since passed.
4 Responses to “The Age of Antivirus Nears End”
Leave a Reply