x
Optical/IP

Symantec Acquires SafeWeb

Consolidation in the Secure Socket Layer (SSL) Virtual Private Network (VPN) market continues.

Today, Symantec Corp. (Nasdaq: SYMC), a maker of antivirus and Internet security software, announced it has bought startup SafeWeb Inc. for $26 million in cash.

Symantec intends to offer the SafeWeb technology as a standalone product starting in the first quarter of next year. It plans to integrate the SSL VPN into its Gateway Security Appliance later in 2004.

SSL VPNs allow remote users secure access to corporate networks via a standard Web browser. The key benefit of the technology is that it doesn’t require a client to be downloaded, making access from laptops and other mobile devices much easier. By contrast, IPSec requires client software to be installed on every device accessing the corporate network.

SSL VPNs have recently become all the rage. NetScreen Technologies Inc. (Nasdaq: NSCN) just two weeks ago announced it was buying Neoteris Inc. (see NetScreen Snags SSL Leader). NetScreen offered to pay $265 million in stock and cash for the startup, which Frost & Sullivan pegged as Number 1 in the SSL VPN category (see F&S: Neoteris Leads in SSL VPNs) -- which makes the SafeWeb deal look like a bargain.

Prior to its Neoteris acquisition, NetScreen had an interoperability and reseller relationship with SafeWeb, all pointing to a potential buyout (see SafeWeb Joins NetScreen Alliance).

"The company has some great people and good technology," says David Flynn, vice president of marketing for NetScreen. "But the product isn't mature. It still needs a lot of work. We considered acquiring them as a low-cost way to enter the market but decided we wanted to be more aggressive, so we went after Neoteris."

F5 Networks Inc. (Nasdaq: FFIV) also recently scooped up an SSL VPN startup in uRoam (see F5 Buys Into SSL VPNs).

Even with Neoteris, uRoam, and SafeWeb out of the running, there are still plenty of SSL startups in the market. Aventail Corp., PortWise AB, and Whale Communications Ltd. are just a few that are still independent.

PortWise, based in Europe, announced today that it has secured €8 million (US$9.3 million) in its Series B funding (see PortWise Pockets €8M Funding). The company, which claims to have 150 customers, will use the additional funds to expand its global presence. New investor Cazenove Private Equity led the round, with additional investment from Four Seasons Venture.

Symantec was trading up $0.5 (0.77%) to $65.45.

— Marguerite Reardon, Senior Editor, Light Reading

wilecoyote 12/4/2012 | 11:19:43 PM
re: Symantec Acquires SafeWeb So Flynn basically drills Safeweb's valuation into the ground with his comments "low value, product not ready, blah blah blah."

I bet the strategy was to buy Safeweb and Neoteris both, but drill the valuation of Safeweb down to make it more affordable, so he fires off this comment.

You know what that says to me? It says, don't engage with Netscreen unless you are very confident they will execute the transaction. Flynn screwed Safeweb bigtime going public like this. If I were Safeweb, I'd sue.

Gotta hand it to him. Smart move. Nasty, baby. Real nasty. But smart. Smart is cool, right? Netscreen didn't get where it is by being a bunch of nice guys.

Still pullin' for ya Dave. But man, that was ruthless.
mr zippy 12/4/2012 | 11:19:42 PM
re: Symantec Acquires SafeWeb "SSL VPNs allow remote users secure access to corporate networks via a standard Web browser. The key benefit of the technology is that it doesnGÇÖt require a client to be downloaded, making access from laptops and other mobile devices much easier. By contrast, IPSec requires client software to be installed on every device accessing the corporate network."

This sounds like a benefit, until you look at the reality of today's desktop, and in particular laptop environments.

This statement is comparing SSL VPNs to IPsec VPNs using cost of client deployment as the evaluation criteria, not security.

Using cost of deployment as the evaluation criteria, I'd suggest it would be a lot cheaper to distribute an IPsec client to a desktop / laptop, with maybe quarterly updates, and an occasional security fix, when compared with the cost of distributing all the service pack updates that have occured to the most commonly used web browser ie. IE.

Using security as the evaluation criteria, there are two sub-criteria that can be considered

a) accessiblity

"Special" clients such as IPsec clients can provide a somewhat useful limit to access to the corporate network, to those machines that are maintained, controlled, or at least known about (ie. the case of a teleworker using their own home PC). The last case is somewhat of a problem, as you can't be assured of how many and which PCs the teleworking installed the IPsec client on. Still, I would consider over all that the "special" client method provides a somewhat useful access limitation.

Using a generic client, such as a browser, means that access can be gained from any desktop at all, at any location, including those at Internet cafes or at your competitor's or customer's sites. Do you really want to trust the security of your corporate network to the security or lack of of an Internet cafe PC, your customer's or your competitor's PCs ?

I'd prefer not to.

b)Simplicity vs Complexity

An IPsec client has one simple purpose and one simple purpose only. It is written to only to perform that purpose, and only perform that purpose well. Furthermore, as its only purpose is security related, you'd hope, and probably can assume that secure coding practices are followed.

Web browsers are written to do many things, and serve many purposes. They are not a simple piece of software, they are very complex. Usually, complexity is the enemy in security.

Additionally, functionality usually takes (or at least in the past has taken) primary consideration over security when developing a web browser. It is less likely secure coding practices have been followed when developing the most popular browser ie. IE. This is evident based on the large number of security fixes that have come out for IE in the last couple of years.

Based on these observations, I personally think SSL VPNs are less secure than IPsec VPNs.
HOME
Sign In
SEARCH
CLOSE
MORE
CLOSE