Network security requires more than just a firewall. This is a fact not
lost on networking security vendor SonicWall and its President and CEO Matt Medeiros.
Since its creation in 1991, SonicWall has moved beyond firewalls to
address the modern needs of remote access with SSL-VPNs, secure backups
and content. Traditionally the company has positioned itself as a player in
the SMB space, but that’s not to say it can’t play with the big boys of the
enterprise space, as well.
Internetnews.com recently chatted with Medeiros about where SonicWall
is, where it’s heading and if one day one magic box could theoretically
do it all.
Q: What are some of the myths or misconceptions about what SonicWall
actually does or doesn’t do?
I think the biggest myth is that people still see us for the first
product that we introduced, which was an inexpensive small business firewall.
Today we are a comprehensive security solution, not only for data, but for
voice and video. Today we’re far beyond the firewall; we’re a leader in
unified threat management, security appliances, SSL-VPN and content
management.
We are very focused on SMB as we were when the company was founded, and
that’s not because we can only sell to SMB. It’s because that’s where the
growth is.
Q: What are the barriers to adoption for SonicWall in rolling out its
content security management solution, especially considering the “myth” of
SonicWall more as a VPN and firewall provider?
Within the area of content security management, the biggest hurdle is education and training. There is probably more at risk internal to your network than there is external.
One of the bigger myths that we have to overcome about content security
management is that it can just be a policy on a VPN or firewall. We already
had deep-packet inspection on our firewalls as a way to stop Trojans worms
and viruses.
We just took that same technology and inverted it. Those same signatures
that “say stop this virus” can be used to say “stop sending certain
confidential information out.”
Q: Has SSL-VPN reached the tipping point yet? Is there still growth to be
had in that sector?
We certainly think that there is still tremendous opportunity and that we
haven’t hit a saturation point yet by any stretch of the imagination. I
would say that we’re just at the tipping point.
The reason why is that whether you’re a large or small company the whole
nature of a home office just doesn’t make sense anymore. We often look at
SonicWall and say we’re an ambient company. We’re wherever life is at.
Our network should sense where I am and it should provide me with the same
level of security. That’s what SSL-VPN is allowing me to do. It’s allowing
me to access my information from anywhere in the world.
What we did when we introduced our first SSL-VPN was disruptive by making it
affordable relative to our peer group in the SSL-VPN market.
Q: Do you see NAC and the need for NAC helping to drive and grow your
business?
We do have a network access control for things today like our clients. By
way of example we sell McAfee antivirus for all of the clients that are
attached to our gateways. We do a thing which is basically a network access
control. Before you can get on the network you must be at the current
revision of the antivirus software and you must have a clean system. We do
that for both remote work and LAN attached workers.
So we’ve actually been doing NAC long before the industry sort of cloned it
and claimed it. In fact we’ve got some pretty interesting patents on our NAC
capabilities, specifically in the area of security.
Q: SonicWall has been in business since 1991. You’ve been with the company
since 2003. In that time what do you think has been the most “surprising”
changes in the marketplace?
The nature of the threats have changed substantially in just
three-and-a-half years. Viruses are just nuisance-type threats from today’s
perspective.
Today people are literally stealing from us. This is all about real grand
theft happening with a faceless grinch thief. I can tell you that we’ve had
countless customer engagement where I ask why they are upgrading or
installing new security. More often than not it’s because of some level of
corporate identity theft or some level of hard economic theft that has gone
on.
The viciousness of these threats and the economic effect of the threats have
definitely changed.
The other significant change is that people are now looking for security
companies to take more responsibility for their overall security needs. They
don’t want the separate solutions; they want a unified solution and that’s
one of the reasons why we’ve done well with unified threat management. It’s
also why continuous data protection (CDP) has picked up for us. People want
us to provide security around the stored data.
Q: What is the biggest challenge that you face?
We grew in 2005 our software business 44 percent over 2004. In 2006 we’re
growing our overall business at 33 percent over 2005. With that growth there
is the constant need to attain and retain the top talent.
My No. 1 concern is top talent retention and recruitment. With the kind
of growth rates that we’re experiencing, we’ve become a target and we’re
growing.
The picture of the economy is changing so rapidly. Our economic stability is
changing as rapidly as companies are releasing earnings. The macro-economy
is concerning to me.
Q: What’s next? Is it more of the same? Or will there be a “magic box” that
can do everything for everyone?
There will be a continued volley of threats. We will get to the unified
magic box, the panacea will be achieved but probably only for a nanosecond.
That’s because we’ve got to realize that this game that we’re playing is a
game of chess. The moment that I think that I’ve got the predators in
checkmate, they’ll prove me wrong. For every code writer that I have there
are 10,000 hackers out there. This is no longer for the benefit of hackers
saying, “I cause this virus or that Trojan”; it’s a business where money is
being made and lost.
The future in our business looks very good. We know that spam has already
increased four-fold since 2005, we know that spam is so sophisticated that
zombies are repopulating other zombies so to find these computers is
becoming nearly impossible.
Unfortunately the future is to a certain degree more of the same. The
security business is going to be a big business. This whole notion of a
single unified box will be accomplished for a nanosecond. The people that
we’re truly fighting will find their way around it.