Last December, I blogged about the merger between Symantec and Veritas. Then, a couple of weeks ago, I got the chance to see Mark Seager, Symantec‘s VP Technology (EMEA), present about the new organisation. Apologies if what follows appears to be a marketing plug for Symantec, but bear in mind where the information came from – I still think it makes some valid points.
Symantec’s view is that information is the “fuel” driving the global economy. Often, this information is irreplaceable and the IT department is the its custodian. According to the UK Department of Trade and Industry, 70 percent of organisations that experience serious data loss go out of business within 18 months.
Symantec quotes the following fast facts:
- A University of California at Berkeley study suggests that we will create more data in the next 3 years than we did in the last 40,000.
- The number of Internet users is expected to triple between 2001 and 2007 to 1.5 billion.
- It is estimated that corporate data storage requirements are doubling every six to nine months and the resulting cost of managing new storage is five to seven times the price of the storage.
- In the second half of 2005, the average time between the disclosure of a vulnerability and the release of an associated exploit was 6.0 days.
On the surface, some of these statistics may seem a little unbelievable (after all they do originate from a vendor of security and storage management products) but taking the data growth statistic, consider the growth in broadband Internet services and the mobile phone operators who have reached complete market saturation but still have huge costs to cover for third generation (3G) mobile phone licenses. The networks need to get users to transfer to their 3G networks and to do that they need a killer application, for example live TV. Even on the reduced-size screen of a mobile handset, that represents a lot of data.
Furthermore, network managers used to look at securing the perimeter network but nowadays that perimeter doesn’t exist. Remote users with VPN connections and mobile users with data on portable devices mean that security has to be all-pervasive. Combined with the advances in the incidence of social engineering (including phishing attacks), the security landscape is shifting.
Symantec have traditionally looked at risk management from a security management perspective (i.e. when information is unsecured, business is at risk). The Veritas approach was around failure management – whether it was environmental, component, or human error (i.e. when information is unavailable, business is at risk). Bringing together the two organisations makes a lot of sense, with significant synergies but very little product overlap. The new strategy is that when failure occurs, security management processes take over.
Worldwide, there are three areas in particular where pressures are having an increasing (and significant) effect on businesses: regulatory compliance; operational requirements and security threats. Compliance has to be demonstrable. IT operations are under pressure to drive out extra costs (like security tools for threat management) and IT is often inefficient, built on 3 or 5 year growth plans and siloed for a particular application, leading to typical storage utilisation of just 50% and only 20% CPU utilisation. By comparison, imagine what would happen if an organisation’s office space was purchased using a similar model of keeping it half empty to allow for growth!
The result is ever-greater demands on the IT infrastructure at the same time as a need to drive out cost. What is needed is a dynamic IT infrastructure.
Seager discussed the concept of an “electronic chain” of information from the user/client, through the gateway, network and servers, to the application, with its database and associated storage. This may be replicated many times over within an organisation or with different customers, suppliers and partners. This “information stack” needs to be secure, available and performant. Furthermore, it needs to support operational requirements (consider a a bank ATM – a typical customer doesn’t care that the back-end system is 99.999% available – they just need enough ATMs to be available at a particular time so that they can withdraw money without queuing).
- …an external threat alert could trigger an internal assessment?
- …internal audit correlated with inelegance for patch management?
- …external intelligence could prompt more frequent backups, end-to-end from remote user to data centre?
- …performance issues could be proactively addressed (e.g. network storms, system issues, human errors, system vulnerabilities), in-plan (not on-overtime)?
- …early warning could trigger failover to a secure network?
- …a compromised system could automatically be recovered?
- …all of these actions where audited to show compliance with company standards?
Symantec claim to be able to meet this through products in four segments that cross the information stack:
- Security infrastructure and management tools.
- Storage management capabilities to ensure that information is continuously available.
- Data management solutions to reduce the risk of downtime.
- Application service management to allow dynamic service provision.
All of this is wrapped up by intelligence – what Symantec refer to as insight – from the combined experience of Symantec and Veritas with a worldwide capability of:
- 5 security operations centres.
- 81 monitored countries.
- 28 support centres.
- 20000 sensors in 180 countries.
- 8 security response labs.
Of course, there is also a healthy dose of reality required here – if an expenses policy didn’t restrict me to certain expectations when travelling on business I would always stay in the penthouse suite at a luxury hotel and have a fantastic meal at the best restaurant in town but the reality is a probably more like a standard room at a normal business-class hotel, with a curry from the local Indian restaurant. Likewise, the level of information protection for an organisation’s IT infrastructure has to be selected based on realistic requirements and in line with budget constraints.
The integration of Symantec and Veritas has now started, with a three stage plan:
- Stage 1 is to ensure interoperability between Symantec and Veritas products, ensuring that all of the technologies offered work together and developing solutions which combine services and technologies from across the portfolio. No products are classified as “end of life” (even though some have alternative views on the same issues).
- Stage 2 will ensure that common components are used and that there is consistency across the product set, focusing on key areas of integration and identifying the product areas that will deliver the most immediate synergies (common user interface, common licensing terms, common installation, LiveUpdate integration, integrated support infrastructure, product-to-product integration).
- Stage 3 is about new value – through deeper technology integration but also integration in other aspects of customer relationships such as support offerings, and license management.
Symantec now claims to be able to deliver an end-to-end solution to “keep your business up, running and growing, no matter what happens”. They use an e-mail scenario as an example, controlling unsolicited commercial e-mail (UCE), managing data volumes and ensuring system availability (as shown in the diagram below) but a similar model could be applied to many enterprise applications.