Symantec Corp. is entering the encryption market, acquiring encryption giant PGP Corp., and GuardianEdge Technologies Inc., in a $370 million deal that will integrate the two vendors' platforms into Symantec's centralized management platform

Symantec paid $70 million for San Mateo, Calif-based GuardianEdge and $300 million for Menlo Park, Calif.-based PGP. The agreements are subject to regulatory approvals and are expected to close during the June quarter.

Symantec president and CEO Enrique Salem said both companies' product lines could be integrated across Symantec's product portfolio lines, including its Software as a Service, backup and recovery and security offerings. Symantec currently has an OEM relationship with Guardian Edge and PGP.

GuardianEdge Hard Disk Encryption and Removable Storage, backbone Symantec's Endpoint Encryption Product as well as the Altiris Total Management Suite. PGP's encryption technology, meanwhile, resides in the Symantec Data Loss Prevention offerings, which are based on the former Vontu solution. Symantec acquired Vontu in November 2007.

This is Symantec's first acquisition in the encryption market. One of its principal rivals, McAfee Inc., acquired SafeBoot Corp. in November 2007. SafeBoot was an encryption and user authentication vendor; SafeBoot is now the McAfee Endpoint Encryption product

Salem said he's seen increased interest and inquiries from customers about investments in DLP, but said customers want encryption capabilities as a first line of defense. He singled out PGP's encryption key management as a driving factor in his company's pursuit of its longtime partner.

"Encryption is important, but what is more important is that you have policy-driven approach to the management of encryption keys," Salem said. "PGP allows us to offer key management across the breadth of our portfolio."

Symantec's $300 million acquisition of PGP, can enable it to offer its customers a full range of full disk encryption (PGP) and removable media encryption (GuardianEdge); Salem added that since are both OEM partners, he expects any integration issues to be minimal.

"At this point, we see an opportunity to go way beyond removable media and hard disk encryption, and have a policy-based key management infrastructure across the range of products we offer," he said. Earlier this year, PGP acquired ChosenSecurity. The move brought PGP into the identity management space as well; ChosenSecurity's offerings bring security and trust of individuals taking part in SSL transactions, as well as the authentication of mobile applications and the creation of digital signatures. Salem added that Symantec would be able to move trust and encryption onto endpoints, leaving server authentication and trust to leaders such as VeriSign Inc.

"This helps us move further into identity [management] and trust of individual users," Salem said. "Expect us to do more around trust."

Symantec has had a close relationship with GuardianEdge, licensing its technology for its endpoint protection suite. The relationship was so close that Nick Selby, a former industry analyst, said he predicted in 2009 that the two vendors would come together. Selby, currently managing director of Trident Risk Management, a security consultancy, said the acquisition gives Symantec a boost over Sophos Plc. and brings it closer to its rival McAfee. Both vendors added encryption capabilities by making their own acquisitions. (McAfee acquired Safeboot Inc. in 2007, and Sophos acquired Utimaco Safeware AG in 2008.)

Selby said Symantec shouldn't have many integration issues. While there is some overlap, the two vendors mostly complement each other, helping Symantec integrate encryption across data loss prevention, email and file and server protection. Integrating PGP's key management platform into the Symantec Protection Center will help centralize encryption management, he said.

"PGP will give Symantec the ability to provide more integrated and widely deployed key management and better policy controls over key management," Selby said. "GuardianEdge is very good at removable media and mobile device encryption and they're better at rolling encryption out and updatability."

Selby said, Symantec will have to demonstrate that it can continue to improve in integrating its acquisitions, as it did with its acquisition of DLP vendor Vontu in 2007. Integrating encryption and key management into an heterogeneous, enterprise-wide portolio is a non-trivial task. If done successfully it can be a huge growth opportunity for Symantec, he said.

Less than a week after Symantec's acquisitions of encryption vendors PGP Corp. and GuardianEdge Technologies Inc., the rash of consolidation in the computer security market continued Monday when Sophos agreed to sell a majority interest to global private equity group, Apax Partners

Terms were not released, but the company is valued at $830 million, according to a news release. Minority shareholders TA Associates will also sell its full interest in Sophos to Apax. Sophos, which specializes in endpoint security and antimalware protection, said it had revenue in excess of $260 million as of March 31, the end of its fiscal year.

Apax Partners, meanwhile, focuses on five business sectors, including technology and telecommunications companies.

Sophos, based in the U.K., was one of the largest remaining standalone security vendors, trailing Symantec Corp. and McAfee Inc. for leadership in the endpoint security space, and McAfee in the sale of data protection suites, according to the Sophos release.

"As the market continues its migration from point solution to tailored, unified security suites, Sophos' strategy to offer the world's most resilient, cost effective solutions without any additional complexity remains key," said Sophos CEO Steve Munford, in a prepared statement. " Apax's financial backing, combined with Sophos's deep understanding of security and data protection is great news for our customers, prospects and partners."

"We identified the security software space as an attractive investment area for us given its rapid growth driven by ever increasing malware threats and high barriers to entry," said Salim Nathoo, a partner in the Tech & Telecom team at Apax Partners. "Sophos is a very strong platform and is gaining market share. Apax's strong track record and industry specific knowledge in the technology sector makes Sophos a perfect fit."

Sophos founders Dr. Jan Hruska and Dr. Peter Lammer will keep a minority share of the company.

TA Associates, which sold its full interest in Sophos to Apex, remains in the security space. The investment firm paid more than $200 million in 2009 for a stake AVG Technologies Inc.

Mergers and acquisitions are done for many reasons. Sophos customers should look more closely at how the company communicates its strategy and focuses its resources, said Jonathan Penn, a vice president at Forrester Research Inc. Selling a majority stake to a private equity firm could be a sign that the firm is gaining the financial resources it needs to expand the company, he said.

"They could be using this as a foothold to develop a broader security play," Penn said. "This could be good news for [Sophos customers] because there's some backing and financial resources to expand the portfolio and in the end that's going to make for a more stable and deeper partner."

Penn said Sophos was one of the first to expand beyond threat management at the endpoint to more proactive data protection. "They definitely have some praise on the ease of implementation, simplicity of management," he said.

Like many security vendors in this space, Sophos has had a difficult time competing against Symantec and McAfee, Penn said. The highly competitive market for endpoint security includes Microsoft, Trend Micro, Kaspersky Lab, and F-Secure, among others. Sophos has been "moderately successful," Penn said.

The challenge for Sophos has been to really stand out. The vendor has grown in market share by being the alternative to the top-tier vendors. "That's a difficult position to grow at the pace the rest of the market is growing," Penn said. "My perception is that Sophos hasn't been as aggressive in the large enterprise space and focusing more on mid-tier businesses."

Juniper Networks grabbed top honors due to its excellent performance in terms of revenues for SSL VPN in the Asia Pacific region during 2008. The Asia Pacific SSL VPN Market Leadership Award is also the only award conferred to the region's SSL VPN market by Frost & Sullivan.

"Juniper continues to deliver the market leading SSL VPN in the world.  We are pleased to be recognized for enabling enterprises and service providers in the APAC region to deliver the reliable anytime, anywhere secure access that is critical to their business and future growth in an increasingly diverse and mobile workforce," said Sanjay Beri, vice president and general manager, Access and Acceleration Business Unit at Juniper Networks. "This Award underscores our ongoing commitment to providing the best security for our clients while enabling high business productivity."

Juniper Networks' ability to obtain the highest market share among all the SSL VPN security providers in the region during 2008 was a key demonstration of the company's success. According to the report, the company grew its SSL VPN revenue in APAC by 27 percent compared to 2007. The growth further cemented its leadership position by increasing its market share lead over the second placed competitor to 11 percent in 2008.

The Award highlights Juniper Networks' impressive market share in the SSL VPN market. This growth was mainly driven by the company's market-leading technology and an effective go-to-market strategy that has resounded well in the region.

Frost & Sullivan's research tracked revenues, growth, market share and other business metrics through interviews and extensive secondary research. In the process of selecting Juniper for this award, Frost & Sullivan conducted the research in 14 countries throughout the region and found that Juniper Networks best met the award parameters across the region.

IDC's 2009 Global Study, which was sponsored by Microsoft, says that the sector will help drive growth in economies worldwide to create 5.8 million new jobs and 75,000 new businesses globally over the next four years.

It expects growth in worldwide IT spending on hardware, software and services to continue at a pace roughly three times that of the rest of the economy between now and 2013.

"In this fundamental economic reset, innovative technologies will play a vital role in driving productivity gains and enabling the creation of new local businesses and highly skilled jobs that fuel economic recovery and support sustainable economic growth," said Steve Ballmer, CEO of Microsoft.

Emerging countries will account for only 21% of IT spending this year but, over  the next four years, will be responsible for more than 50%  of net new IT spending.

The total IT spend for all 52 countries analysed in the study will be $1.4 trillion in 2009, with countries from the Middle East and Africa region accounting for $36 billion.

Based on IDC findings for the Arab region, Turkey is the country that will spend the most on IT this year at $7.2 billion. Saudi Arabia follows at $5.9 billion, then the United Arab Emirates at $4.1 billion and Egypt at $1.9 billion.

Imprivata, Inc., the employee access management company, today announced that it received a positive rating in Gartner’s report entitled “MarketScope for Enterprise Single Sign-On[i].” Imprivata’s OneSign^® Platform is an appliance-based employee access management solution that enables organizations to protect enterprise information assets while improving user workflow, productivity and satisfaction.

Imprivata continues to be the leader in the identity and access management market by providing organizations with the most robust and versatile solution for strengthening user authentication, enabling application single sign-on (SSO) and improving end-user workflow. With its appliance-based approach and seamless integration with enterprise systems, the OneSign Platform is the employee access management solution of choice for companies of all types and sizes looking to protect their most critical information assets.

“We believe Gartner’s positive rating confirms our position in the market and our commitment to product excellence,” said Omar Hussain, president and CEO of Imprivata. “Our OneSign Platform has helped close to 1000 companies solve their most pressing password management issues while providing secure application access and simplifying the process of compliance reporting. The significant increase in the number of companies implementing OneSign is highly indicative of the strong gains our customers are experiencing. We are delighted to be recognized by Gartner for our achievements.”

The OneSign Platform is an employee access management platform that strengthens user authentication to desktops and networks, streamlines application access and simplifies the process of compliance reporting--all delivered through a secure, self-contained appliance that requires zero modifications to existing IT infrastructure. Centrally managed from a single administrative console, OneSign secures access across Windows, host-based, Citrix and virtual desktop environments. Imprivata OneSign empowers organizations to balance the need for stronger security with improved employee workflow and productivity. The solution also reduces the time and complexity of complying with regulated access control requirements and password management costs that consume IT help desk resources.