Leaner Intel Security bets big on endpoint and cloud: Jagdish Mahapatra

No other security vendor with broad portfolio can execute entire threat defense lifecycle from ‘protect, detect and correct’ perspective, says Jagdish Mahapatra, Intel Security

Intel Security has gone lean in terms of its enterprise product portfolio.

The tech giant in past couple of months has announced end-of-life plans for McAfee Email Gateway appliance, McAfee Vulnerability Manager, McAfee Network Threat Response Software, McAfee Qurantine Manager, McAfee Enterprise Mobility Management, and McAfee Asset Manager. There are reports of sale of McAfee Next-Generation Firewall and McAfee Firewall Enterprise businesses to Raytheon|Websense too.

ChannelWorld India spoke exclusively with Jagdish Mahapatra, Managing Director, India and SAARC, Intel Security on the company’s new strategy and why the security giant is still a force to reckon with in the enterprise market and ahead of the competition.

Excerpts from the interview

Intel Security recently signed its intention to sell its McAfee Next-Generation Firewall and McAfee Firewall Enterprise businesses to Raytheon|Websense. What is the rationale?

First and foremost, we have still not made the public announcement. The talks are on with Raytheon Websense and I cannot comment more on it.

We feel the evolution of the network and hence firewall is headed in a very interesting direction. You have the corporate network here with all basic series web, email, end point; then you have IPS and then there is firewall at the entry and exit point. So far, most of the users would be inside the network and the installed firewall takes care if someone accesses the outside world. Moving forward the network with this perimeter being defined firewalls have reached the best level of stretched innovation.

Moving forward, we see IoT, wearables etc will not go to the corporate network. It will go to the cloud. Intel security view that whether it is amazon, azure of any cloud service provider. IoT will take update of security from cloud and it will not touch the corporate network.

For most of the travelling executives, almost half of the time their information or data flow (traffic) does not even cross their corporate network.

In next two years, firewall will lose its importance in terms of where it sits now to where it will be in future. Security will move towards provisioning services including web, email and also firewall moving to the cloud. Today amazon gives a complete service set and they do not define the firewall. The firewall may not relevant to the customer but he is more concerned on other provisioning aspects as the cloud provider takes care of layer 2.

But your competitors like Fortinet, Palo Alto, FireEye to name a few are still betting big on NGFW appliances?

Most of the mentioned security companies call themselves as platform companies and not firewall companies. They probably would look at expanding and providing email, web as a platform play as they have also realized that stand alone firewall will lose its relevance.

Network companies are now understanding the end points. It’s become extremely important what data resides on end point and what connection is established with cloud or corporate network. Securing the endpoints has become the most critical piece.

We have cases of CIOs of large corporate wanting to move all of their corporate applications to cloud. It sounds very aspirational but even if they move 80% of the load in two years, what is the relevance of firewall? End point will get critical and hence all network players trying to get hold of this space whether acquisition or building expertise and there will be a shakeup in the industry in next two to three years.

Our strength has always been end point. McAfee legacy has been end point and nobody understands it better than us. We recently announced enhanced end point solution 10.x recently as which is much faster and quicker as things are moving fast. Secondly it fundamentally gives the path to the cloud. If traffic is coming here and provisioning is happening here, the whole management of the end point can only be from on premise perspective has to be on cloud. And our management console McAfee ePO (ePolicy Orchestrator) facilitates the cloud story.

What are the new bets by Intel Security to dominate the enterprise security world?

We need to enhance end point get it better and better from IoT point of view. But we have to cloudify all our products. We will move all our products to cloud. IPS will get consumed we need to make sure to get the virtual part of that kicking in. IPS is not an entry or exit point but it has to be present across as it provides threat intelligence to network aspects. We will play strong there.

The decision around firewall is based on the fact that instead of putting our might on that aspect (firewall) which may not be relevant in future, we will put our investments in endpoint and cloud. We will address those two areas in a big way.

The other shift is around how integrated security is better for enterprises. We are taking the whole story of our ‘Security connected’ to next level. More and more customers is are saying that security connected is good. We are only vendor which can integrate as we have products there. Can you deliver the outcome, what are three things you can promise? We have concreted those feedback and we launched at info cu and two cities in India we launched ‘threat defense lifecycle’ concept.

The first aspect being technology process and people component should provide the basic level of protection. Protection isn’t enough which is moral of the story of all breaches. Whenever it gets breached, can we detection it faster and correct is faster than others.  Our approach is protect detect correct and then adapt this as an iterative cycle. Every time I correct something I make all the points intelligent and we are making sure all products are managed on one platform.

And does erstwhile McAfee’s ‘Security Connected’ story have place for competing security vendors too?

There are so many point product players when customers invest there should be someone who tells and commits everything to be connected on common bus. We recently signed up with twelve new partners (our competitors) for McAfee DXL (Data Exchange layer) who have agreed to join the bandwagon because that’s what is meaningful for the customers. We want more partners to join DXL which will allow customers to choose the best product.

We will do bulk most of our products around ‘protect, detect, correct’. But we will collaborate with vendors who are strong in say protect or detect or correct. That’s the big move by Intel Security. 

Intel Security wants to end to end security provider but exiting businesses around mail, MVM, MDM, email and others opens a playground for the competition. Comment.

Let me clarify few things. As we focus on end point and cloud, we are realizing the need to put R & D investments in the areas for maximum returns. The overall addressable market for MVM (McAfee Vulnerability Market) is a small component though it is growing fast and it has been a good product for us. We have many customers on MVM an also email. But they are not significant contributors to overall revenues.

We are exiting few business lines to have added efforts on focused areas like endpoint, IPS, Web to name a few. Web as per us will see the major chunk of traffic. Email as a traffic competent is reducing gradually.

For businesses giving ‘not significant’ revenues, we are partnering with other vendors. For vulnerability management, we have announced to customers about the alternative vendor.Rapid7. For email we have advised customers to move to proofpoint without any operational disruption.

The new strategy indicates Intel Security is focusing on large to very large enterprise customers and kind of exiting SMB market.

Threat defense lifecycle applies to everyone irrespective of size of enterprise. However the SMB prefers an easier and a different route to consume security solutions. The managed services revenues globally and in India has been growing faster than products itself.  We are not cloud provider but we are the cloud enabler else we start competing with partners like some vendors toe that line.

For SMBs, we have many enablement programs in place. In India we have seen huge growth in managed services. I foresee future of many products including SIEM where managed services model is a more scalable model and that percolates down to SMBs.

Again the biggest problem facing the industry is the shortage of security professionals who can make more sense of sensors and dashboards. The reported global number is 1 million. In India also, the shortage of skilled security professionals is more and then training them is also a task. Hence we see more relevance of managed services as the enterprise customers struggle to keep up the skillsets needed in changing security world.

How optimistic is Intel Security on the cloud growth in India because the cloud numbers are not great now. Also millions of SMBs are still on the product purchase phase of AV, firewall and other basic security gear.

Things will change faster than we can imagine as the security will be consumed in a very different way in next two to three years. Look at IoT like how one consumes data on mobile device does not go to corporate network. You can update it and make sure the device is secure after provisioning on the cloud. And the update patch can be done from corporate but it doesn’t have to as the network becomes slower. Even official apps will also go on cloud which is a flexible way and easier to consume it is on cloud.

What about the concern of the security of data on cloud?

We see far more acceptance to cloud with right kind of SLA. The business uptake of AWS worldwide and in India, it is reflection of the people getting comfortable and willing to sign what kinds of SLAs, what penalties they can sign. Despite best of technologies on premise, companies are getting breached. In last six months, we are seeing many instance of ransomware issues in India. Ransomware is not a product issue but it is more about architecting and fine tuning your solution and not buying new technology.  Despite the best of learned people in organization, it is difficult to catch up.

Our web gateway, DLP and all that continue play on both - on premise or cloud. But when the customer asks we should be able seamlessly move EPO on cloud, web gateway on the cloud.  The intention to cloudify all our solutions over time.

What is the value proposition of leaner Intel Security (from product lines perspective) with customers and channels?

I personally feel there is no change in value proposition to the channels and their customers. The channels have choices from lot of single point product companies and big vendors with a smaller security pie chart of their business. And there are technology vendors competing with partners. We never compete with partners.

We have highest market share with an innovative end point solution. We have good web gateway with the option of moving to cloud. The only part missing perhaps is firewall but that was a new acquisition and hence the exit there does not impact per se. We will continue to invest in IPS as strong network story.

There Is no other security player who can walk through the entire threat defense lifecycle as we can from protect, detect and correct. And wherever we don’t have solution in maybe email or VM, we will bring in credible partners who is on our DXL who is on our EPO. We will not get a brand which does not work on our open or connected framework and that’s our commitment to customers.

Will security market continue to prosper as a replacement (when breach happens) mode or move towards a more strategic ‘end to end’ investment by organizations?

It had been predominantly been that way like say replace firewall of one brand by another new one The customers are now approaching realizing that just replacing the brand is not enough. The security solution has to give you something fundamentally different. Most vendors are now talking of the language of connected security and platform play. Largely due to the fact that one product will never be sufficient.

Every ‘best of breed’ security solutions in silos at an enterprise will not work as todays infrastructure needs integrated play. Intel Security has been peaking and working in that direction since past half a decade.

It will be more long term play for enterprise channels through threat defense lifecycle for one tom three years with their customers.

Channels sell the product on run rates. It is always better for channels to get more out of existing customers than hunting new customers. But they actually start making money when you see three to four products to the single customer.

I can’t think of any vendor – with all humility- that can provide a slew of products across security spectrum other than us for next two years. Network vendors or end point vendors provide their one or two strong products. Channels can start with end point, IPS, Web, DLP and then SIEM that helps integrate everything together for their customers. Intel Security provides that big array of products along with robust partnerships that are aligned to our architecture.