RealTime IT News

Matt Medeiros, President, CEO, SonicWall

Matt Medeiros Network security requires more than just a firewall. This is a fact not lost on networking security vendor SonicWall and its President and CEO Matt Medeiros.

Since its creation in 1991, SonicWall has moved beyond firewalls to address the modern needs of remote access with SSL-VPNs, secure backups and content. Traditionally the company has positioned itself as a player in the SMB space, but that's not to say it can't play with the big boys of the enterprise space, as well.

Internetnews.com recently chatted with Medeiros about where SonicWall is, where it's heading and if one day one magic box could theoretically do it all.

Q: What are some of the myths or misconceptions about what SonicWall actually does or doesn't do?

I think the biggest myth is that people still see us for the first product that we introduced, which was an inexpensive small business firewall.

Today we are a comprehensive security solution, not only for data, but for voice and video. Today we're far beyond the firewall; we're a leader in unified threat management, security appliances, SSL-VPN and content management.

We are very focused on SMB as we were when the company was founded, and that's not because we can only sell to SMB. It's because that's where the growth is.

Q: What are the barriers to adoption for SonicWall in rolling out its content security management solution, especially considering the "myth" of SonicWall more as a VPN and firewall provider?

Within the area of content security management, the biggest hurdle is education and training. There is probably more at risk internal to your network than there is external.

One of the bigger myths that we have to overcome about content security management is that it can just be a policy on a VPN or firewall. We already had deep-packet inspection on our firewalls as a way to stop Trojans worms and viruses.

We just took that same technology and inverted it. Those same signatures that "say stop this virus" can be used to say "stop sending certain confidential information out."

Q: Has SSL-VPN reached the tipping point yet? Is there still growth to be had in that sector?

We certainly think that there is still tremendous opportunity and that we haven't hit a saturation point yet by any stretch of the imagination. I would say that we're just at the tipping point.

The reason why is that whether you're a large or small company the whole nature of a home office just doesn't make sense anymore. We often look at SonicWall and say we're an ambient company. We're wherever life is at.

Our network should sense where I am and it should provide me with the same level of security. That's what SSL-VPN is allowing me to do. It's allowing me to access my information from anywhere in the world.

What we did when we introduced our first SSL-VPN was disruptive by making it affordable relative to our peer group in the SSL-VPN market.

Q: Do you see NAC and the need for NAC helping to drive and grow your business?

We do have a network access control for things today like our clients. By way of example we sell McAfee antivirus for all of the clients that are attached to our gateways. We do a thing which is basically a network access control. Before you can get on the network you must be at the current revision of the antivirus software and you must have a clean system. We do that for both remote work and LAN attached workers.

So we've actually been doing NAC long before the industry sort of cloned it and claimed it. In fact we've got some pretty interesting patents on our NAC capabilities, specifically in the area of security.

Q: SonicWall has been in business since 1991. You've been with the company since 2003. In that time what do you think has been the most "surprising" changes in the marketplace?

The nature of the threats have changed substantially in just three-and-a-half years. Viruses are just nuisance-type threats from today's perspective.

Today people are literally stealing from us. This is all about real grand theft happening with a faceless grinch thief. I can tell you that we've had countless customer engagement where I ask why they are upgrading or installing new security. More often than not it's because of some level of corporate identity theft or some level of hard economic theft that has gone on.

The viciousness of these threats and the economic effect of the threats have definitely changed.

The other significant change is that people are now looking for security companies to take more responsibility for their overall security needs. They don't want the separate solutions; they want a unified solution and that's one of the reasons why we've done well with unified threat management. It's also why continuous data protection (CDP) has picked up for us. People want us to provide security around the stored data.

Q: What is the biggest challenge that you face?

We grew in 2005 our software business 44 percent over 2004. In 2006 we're growing our overall business at 33 percent over 2005. With that growth there is the constant need to attain and retain the top talent.

My No. 1 concern is top talent retention and recruitment. With the kind of growth rates that we're experiencing, we've become a target and we're growing.

The picture of the economy is changing so rapidly. Our economic stability is changing as rapidly as companies are releasing earnings. The macro-economy is concerning to me.

Q: What's next? Is it more of the same? Or will there be a "magic box" that can do everything for everyone?

There will be a continued volley of threats. We will get to the unified magic box, the panacea will be achieved but probably only for a nanosecond.

That's because we've got to realize that this game that we're playing is a game of chess. The moment that I think that I've got the predators in checkmate, they'll prove me wrong. For every code writer that I have there are 10,000 hackers out there. This is no longer for the benefit of hackers saying, "I cause this virus or that Trojan"; it's a business where money is being made and lost.

The future in our business looks very good. We know that spam has already increased four-fold since 2005, we know that spam is so sophisticated that zombies are repopulating other zombies so to find these computers is becoming nearly impossible.

Unfortunately the future is to a certain degree more of the same. The security business is going to be a big business. This whole notion of a single unified box will be accomplished for a nanosecond. The people that we're truly fighting will find their way around it.