Linked by Thom Holwerda on Thu 19th Aug 2010 17:54 UTC, submitted by poundsmack
Intel Chalk this one up on the 'uh, what?'-list of acquisitions. Intel announced today that it has acquired Mcafee, the security and antivirus company we all know and love. The press release is a bit vague on why, exactly, Intel made this rather odd acquisition.
Thread beginning with comment 437502
To read all comments associated with this story, please click here.
McAfee also does network security
by mbpark on Thu 19th Aug 2010 18:58 UTC
mbpark
Member since:
2005-11-17

One market that Intel has been getting into has been the networking market. They already sell some of the top-performing Gig and 10Gig network cards out there.

They have also been looking at the security market.

McAfee has Safeboot, which is their data at rest encryption solution. They also have IntruShield IDS/IPS, and they also probably still hold patents from their spinoff, Network General, for Sniffer. They also make firewalls and proxy servers for large enterprises.

McAfee also has their own Data Loss Prevention product similar to Symantec Vontu.

When you wrap it all together, you can see that Intel is probably looking at them to provide security at very low levels, and to sell a line of highly accelerated products for proxy servers, data loss prevention, sniffing, and endpoint security. Symantec does not have the luxury of having all of these components, or the ability to customize hardware, in-house.

This makes sense because high-speed DLP or network sniffing requires very tight integration with hardware and software. Linux provides the OS. Intel can provide device drivers and in-depth configuration to make it all work together.

This is not good news for Symantec.

Reply Score: 6

organgtool Member since:
2010-02-25

Your explanation of McAfee's other products makes sense. Though I'm still not sure they're worth the money they got paid because their biggest product (McAfee AntiVirus) sucks. That product has had more false positives than most other antivirus products combined. The worst was when it identified svchost.exe as a virus, removed the file, and sent users' computers into an infinite reboot loop. You couldn't pay me to use their antivirus software.

But perhaps their other software isn't as bad and maybe Intel has big plans for that. In any event, this is definitely a weird purchase and at a surprisingly high price.

Reply Parent Score: 2

Bill Shooter of Bul Member since:
2006-07-14

I would say that you are very correct. their product does indeed suck. However, the company makes a ton of money selling the sucky software, and the company's stock price was pretty low for its profits. So on a purely business value, it makes sense.

Sort of like how I go into fry's looking just for a new thumb drive but end up buying a new Waffle iron. The waffle iron will not store much data and I don't even like waffles that much, but it was a bargain.

Edited 2010-08-19 22:04 UTC

Reply Parent Score: 2

mbpark Member since:
2005-11-17

My thought is that this is about two things:

1. The patents. McAfee has a patent portfolio that includes the following:

http://www.uspto.gov/web/patents/patog/week07/OG/html/1351-3/US0766... - Virus Scanning of a Storage Subsystem

http://www.uspto.gov/web/patents/patog/week42/OG/html/1347-3/US0760...

http://www.uspto.gov/web/patents/patog/week09/OG/html/1352-1/US0767...

http://www.uspto.gov/web/patents/patog/week07/OG/html/1351-3/US0766...

2. Their products for high-speed network scanning and data loss prevention, and their enterprise products. Consumer software is a low-yield investment. I would be surprised if McAfee made a significant amount of money from actual consumer product sales as opposed to bundling.

However, McAfee gets a ton of money from ePolicy Orchestrator, Safeboot, their DLP products, IntruShield, their firewall products, and their server-side products for Microsoft Exchange and SMTP that quietly sit on millions of corporate PCs and ring up consistent dollars in support fees every year.

Symantec, on the other hand, released Endpoint Protection for the enterprise, which had major deployment and adoption issues because it was the integration of the Symantec AV software with the Sygate personal firewall software they acquired, and they did not go well together. They also bought Vontu for their DLP software, which is still top of the class despite their best efforts.

IBM just introduced ISS for VMWare. It's an excellent product that provides IDS/IPS for virtual machines at the hypervisor level.

Intel is probably going to go after Symantec by tightly integrating the McAfee engine into the AV, DLP, and encryption products, and having one tool that allows AV, IDS, IPS, DLP, and Safeboot updates in ePolicy Orchestrator, as opposed to the travesty known as LiveUpdate. The fact that everything will be integrated and work with Intel CPUs will also help significantly, as Intel can control the entire software/hardware stack in ways that only two other companies can, Oracle and IBM. Oracle doesn't have much interest in endpoint security these days, and IBM has ISS. Intel will make their software work better with their chips and chipsets for the products that quietly sell for 6 figures a pop to large companies, and Safeboot, which is bought by the truckload. Any company selling full disk encryption software really needs to worry right now!

Secondly, I expect Intel/McAfee to announce virtual machine security products to directly compete with IBM ISS's SiteProtector, but that will work cross-platform (VMWare, Xen, KVM, SWSoft Virtuozzo/Parallels) and at a very low level.

Third, I expect Intel to start integrating hooks for security products into the lowest level of their device drivers for their networking products, which are actually quite good. Remember that a lot of systems administrators will use the Intel cards and turn off the OEM Broadcom cards on Dell or HP servers because they don't have bad drivers. This is going to provide for offload of security products onto the card, which will be a big help with 10G and 100G network scanning. This is something that you would only ever hear about Cisco pulling off, and they don't have the skills at making chips that Intel does. Cisco still depends on Freescale for the chips they need for their routers. Do not be surprised if more Intel chips show up in Cisco products, or if Intel re-invigorates McAfee's network-based IDS/IPS tools to work better with 10/100G Ethernet with customized appliances capable of scanning that much data, and beats them to market with better tools.

I think there was a bidding war. I think that one of the other players was Cisco, and another was IBM. I think Cisco wanted the patents and to integrate their network-based IDS/IPS tools into their product line, as did IBM (who did spend $1B+ on ISS).

Intel just made a big announcement to the world that they're going to start playing more heavily in network-based security, and that they think that the integration of their knowledge of microprocessor and network processor design with relatively good network scanning software and the required patents is going to allow them to build better products that are going to let them stand up against Symantec, m86 Security, Cisco, and IBM.

Reply Parent Score: 6