Analysis: Microsoft Forefront Must Overcome Security Stigma Before Businesses Bite

Microsoft's new Forefront lineup of security products demonstrates it knows where the money is in the security market: selling Band-Aids, not cures.
When it comes to the IT ailments that have made security such a big business, there are lots of companies selling Band-Aids but relatively few looking for cures. The Forefront lineup of security products Microsoft introduced Monday indicates that the company knows where the money is in the security market.

Hint: It's in Band-Aids.

What's less certain is how Microsoft will convince businesses that it is the solution to, rather than the source of, their security problems.

In the business world, Microsoft "is known not as a security provider but as a security problem," says Andrew Braunberg, senior information security analyst with Current Analysis. "You've got people asking why they should pay to plug the holes created by the products that Microsoft sells."

And that's just one of the many challenges Microsoft faces as it broadens its horizons beyond the market for consumer PC security. Although the Forefront products will consist of a number of relatively mature technologies that Microsoft gained through acquisition, Microsoft will find itself trying to sell antivirus, anti-spyware, and other security software to companies that have already bought these products from established vendors such as McAfee, Symantec, and Trend Micro.

Another major obstacle in Microsoft's path is its tendency to move at glacial speeds when it comes to delivering new product versions, particularly when it tries to include those new products as features within Windows. "Unfortunately, new security threats won't wait for Vista or Longhorn," says Gartner VP John Pescatore.

As a result of these factors and others, "it'll be a good three years before Microsoft has any large impact on enterprises," Pescatore says. "Businesses don't try the first version of anything, and they wait for version 3 of anything from Microsoft."

Yet Microsoft didn't get to where it is today by accident, and the company will greatly influence how its competitors price and package their wares. Other security vendors will struggle to match Microsoft's ability to bundle security software in with Windows to the point where "we see the standalone security market dying out over the next three-to-four years," Braunberg says. "Enterprises want security moved more into the OS.

Pescatore agrees, "If companies can reduce their spending on AV, this should help them shift their budgets toward more important, emerging technologies like network access control. It's like Wal-Mart moving to town--they kill some vendors while others thrive because they do what Wal-Mart can't."

Symantec appears to have seen the writing on the wall and has diversified its business, most notably in last year acquiring storage software maker Veritas. Symantec wants to be more of a player in the market for storage and security management. McAfee also wants to get more involved with security management, a business the company won't be able to grow if it sticks strictly to the anti-malware software market.

Forefront will unify Microsoft's business security software under a single brand that includes Microsoft Client Protection for business PCs, Antigen for servers, and Internet Security & Acceleration, or ISA, Server for analyzing network traffic. Microsoft OneCare service for consumer Windows XP PC security and maintenance won't be included in Forefront.

The first product that will roll off the Forefront assembly line is Forefront Client Security, which has previously been known as Microsoft Client Protection. Expect a beta program by the end of the year and general availability during the first half of 2007. Two key features included in Forefront Client Security are State Assessment Scan, which helps determine which machines need patches or are configured insecurely, and Single Profile Configuration, designed to simplify security policy implementation.

Forefront Security for Exchange Server and Forefront Security for SharePoint are due later this year. They will be re-branded versions of Microsoft's Antigen software, which came with last year's acquisition of Sybari Software. The products use multiple anti-spam and antivirus engines to detect threats.

After Microsoft releases the next version of its Windows server operating system, code-named Longhorn Server and due in 2007, it plans to release a version of its ISA Server for analyzing network traffic that bears the Forefront name. Shorter term, Microsoft plans to release ISA Server 2006 in September.

"Forefront is the family brand that will bring Microsoft's security products together--client, server, and [network] edge," says Steve Brown, director of product management for Microsoft's security, access, and solutions division.

The question isn't really whether Microsoft will be able to sell a lot of Forefront licenses--it will--but rather whether conforming to the current security market model best serves Microsoft's customers. Perhaps the company's resources would have better spent ensuring that Vista and Longhorn are more secure than their predecessors and that they ship sooner rather than later.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing