Fortinet Hires Antivirus Guru

Fortinet has hired antivirus expert Joe Wells to drive its hardware-based anti-virus technology

August 19, 2002

4 Min Read
Light Reading logo in a gray background | Light Reading

In a bid to bolster its hardware-based antivirus approach, security startup Fortinet Inc. announced today that Joe Wells has joined the company as its chief antivirus architect (see Fortinet Adds Antivirus Ace).

Wells has been a big name in the antivirus community for more than a decade. He headed his own Wells Antivirus Research Laboratory (WarLab) and worked at many large companies on well-known antivirus programs, such as Norton Antivirus from Symantec Corp. (Nasdaq: SYMC), IBM Antivirus from IBM Corp. (NYSE: IBM), and VFind Antivirus from CyberSoft. In 1993, he founded The WildList Organization International, a repository of known viruses that's become a key source for identifying and testing viruses.

Wells's appointment is part of Fortinet's efforts to build momentum for its hardware-based solution. Fortinet introduced its FortiGate series of network protection gateways, built on network-compatible ASICs (application specific integrated circuits), in May (see Fortinet Improves Security Family). Besides antivirus control, the gateways feature firewall, intrusion detection, and content filtering capabilities. Fortinet claims to be the only company offering ASIC-driven antivirus technology.

Wells likes the approach. While several companies have attempted to implement antivirus technology via hardware, he says, Fortinet is the only one that seems to have succeeded. “It’s the first time I’ve seen it put together right,” he maintains. “The beauty of a hardware solution is simple -- you have a secure environment in a completely separate universe.”

But not everyone agrees that hardware is the best approach to the antivirus problem.

Bob Pratt, the director of product marketing with CacheFlow Inc. (Nasdaq: CFLO), says it "seems strange" to do antivirus scanning on a chip. The problem, he says, is that antivirus products need to be continuously updated to protect against the constant flow of new viruses. Using software as the basis for a security gateway or appliance provides more flexibility, he says. “It’s surprising to try to do that in hardware,” he says.

CacheFlow scans Web downloads in networks using a standalone box powered with software that links networks to outside antivirus servers held by Symantec Corp. (Nasdaq: SYMC) and Trend Micro Inc. Software upgrades keep the box abreast of the latest viruses.

Fortinet, however, claims that its box is as flexible, if not more so, than pure software solutions. According to the company, the silicon virus-scanning engine is programmable, allowing it the flexibility to accommodate new algorithms via Web download without requiring a hardware change. Of course, the company doesn't completely distance itself from software. The database that determines which viruses to scan for is purely software-based and continuously updated.

Fortinet also says its ASIC-based system is more scalable than software-based gateways. Running at network speed, the appliance is especially good for scanning real-time traffic like Web downloads and email, they claim (see Guarding the Gigabits).

Analysts seem to agree, at least in theory. “Software can only be so scalable,” says Aaron Vance, an analyst with Synergy Research Inc.. “Hardware has a lot more upsides than software.”

“You have to have hardware to scale up to the speeds needed on high-end networks,” says Yankee Groupanalyst Matthew Kovar.

Wells also subscribes to the scalability argument. He says hardware is a very effective way to keep up with email based viruses, which are the most vicious ones on the loose today. He says that while many email-based viruses, such as Klez H, aren’t necessarily destructive, they are nonetheless very harmful because they move around so quickly that they can rapidly block an entire network. “Email worms and viruses are the worst,” he says.

Some might wonder at Wells choice of company. After all, Fortinet is a small, privately held company with only 100 employees -- hardly an IBM.

“What I like to see is innovation,” Wells says. “A big corporation has different priorities -- its shareholders. Small companies can put the users first.”

It seems Wells isn’t the only one who finds Fortinet promising. The company landed second-round funding of $9 million last month, bringing the amount invested in it to $13 million (see Fortinet Gets $9M, Names Veeps).

In addition, Fortinet was founded by Ken Xie, who also founded NetScreen Technologies Inc. (Nasdaq: NSCN), one of last year’s only successful IPOs (see NetScreen's Screaming IPO). “They do have that heritage,” Kovar of Yankee says. “That makes me slightly optimistic. If you’ve done it before, you can probably do it again.”

— Eugénie Larson, Reporter, Light Reading
http://www.lightreading.com

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like