L.
Taylor - July 6, 2000
Vendor
Genesis
Rockville,
Maryland based AXENT Technologies Inc. has been seeing steady increases
in revenue and solid sales in its line of security products for the last
several years. Growing at a rate of 45% in 1998, AXENT exceeded $100 million
in revenue. In 1999, their total net revenue exceeded $112 million. AXENT
develops, licenses, markets, and supports, computer security systems for
enterprise computing environments. Its objective is to become the leading
developer and provider of information security solutions for enterprise
computing environments.
AXENT
was founded in 1994, and filed its S-1 with the Securities and Exchange
Commission (SEC) on April 22, 1996 issuing 2,000,000 shares of common
stock. John Becker, chairman and CEO and Richard Lefebre, former chairman,
are the co-founders of the company. AXENT was started as a spin-off, and
distributor, of Raxco Software Inc. a systems resource management tools
company. Both founders previously worked as VPs for Raxco and John Becker
still serves on Raxco's board.
AXENT
has made numerous acquisitions that have added to their fast growth story:
- AssureNet
Pathways, Inc. - 1997
- Secure
Network Consulting - 1998
- Raptor
Inc. - February 1998
- PassGo
- March 1999
Originally
Enterprise Security Manager (ESM) was AXENT's flagship product. However,
since the acquisition of Raptor, their Raptor firewall is the product
that is more renown in the industry.
Vendor
Strategy and Trajectory
AXENT will continue to expand its security product line, acquiring smaller
security players along the way. With an approach to security called Security
Lifecycle, Axent has put into place the proper roadmap for selling security
products and services. Starting out with the assessment phase, the Security
Lifecycle methodology uses Enterprise Security Manager and Netrecon to
evaluate the present state of a customer's security status.
AXENT's three protection products, Intruder Alert, Raptor Firewall, and
NetProwler contain the most fundamental security protection products that
any aspiring Internet company should include in their IT strategy - network
based intrusion detection, host based intrusion detection, and an enterprise
hybrid firewall. Cybercrime and information security attacks are not going
to go away. In fact, they stand to increase and become much worse, as
more products with security holes in them get released to the market.
By
far, AXENT's Raptor firewall is the leading revenue generator of their
security protection line of products. AXENT obtained the Raptor firewall
after purchasing Raptor in February 1998. The Raptor firewall was originally
called the Raptor Eagle firewall before AXENT acquired Raptor. Raptor
started out as what is known as a proxy firewall, and has since employed
stateful packet inspection capabilities to become what is now known as
a hybrid firewall.
Figure
1. Security Lifecycle
ANALYSIS
Vendor
Strengths
From a technology perspective, AXENT is rock solid. Its Lifecycle Security
Model, which takes into account the four critical aspects of security
- Assess, Protect, Enable, Manage - provides a security roadmap that makes
a lot of sense, and it has the products to support this process. AXENT's
strength is its focus on doing one thing well - information security development
and consultation. With so much interest in the security market these days,
security is a growing niche within many organizations. AXENT's strength
is its breadth and depth of solutions. Further, for AXENT, security is
their core competency and main focus.
AXENT's
acquisition of Secure Network Consulting (SNCi) in 1998 positions them
with a consulting force that is trained on AXENT products, and has expertise
in analyzing and determining customer security requirements. SNCi provides
standard consulting services, Express Packaged Services, and ServiceShield
Managed Services. SNCi is headquartered in San Antonio, Texas and has
offices in Europe, the Middle East, and Africa.
Vendor
Challenges
Though AXENT has a great story to tell as far as security is concerned,
it is going to be hard for them to topple Checkpoint in the firewall market.
Checkpoint currently dominates the firewall market, and has carved a rock
solid niche. Checkpoint's Firewall-1 firewall started out as a Stateful
Packet Inspection firewall, however, they have recently started adding
proxies migrating it to a hybrid firewall. Stateful Packet Inspection
firewalls typically have shorter development cycles, and are able to get
to market faster. One key difference between Checkpoint and AXENT is that
Checkpoint focuses only on the firewall and VPN market, where AXENT focuses
on a much broader scope of security products that covers their entire
Security Lifecycle approach.
Network
Associates (NAI) is the vendor most closely positioned to grab some of
AXENT's marketshare. Like AXENT, NAI focuses on a broad scope of security
products which covers the entire spectrum of the security market. However,
NAI's Gauntlet firewall, cannot compete with Raptor which is far more
robust with more cutting-edge features. As it exists today, Gauntlet is
not HTTP1.1 compliant. Because of this, an organization with a Gauntlet
firewall will be unable to get to many financial sites. Further, Gauntlet
is susceptible to many buffer overflow exploits and Denial of Service
attacks as NAI has done little to keep the code patched and current. It
should be noted that NAI's focus and vision is closely competitive with
AXENT's.
Unlike
NAI, AXENT does not have any PKI products. As e-commerce picks up speed,
and more financial transactions start being done via the Internet, AXENT
will not be able to grab new customers that have PKI on the top of their
security requirements.
BOTTOM
LINE
Vendor
Predictions
AXENT will continue to expand its security product line, acquiring smaller
security players along the way. Its focused approach to security and quality
of security engineering, will keep it afloat in the rapidly burgeoning
security market. Because the firewall market is seeing more and more interest
in hybrid firewalls, and because it takes much longer to ramp up on proxy
development than stateful packet inspection development, AXENT is well
positioned to take away a bit more of Checkpoint's market share. Now that
AXENT is marketing its firewall as a hybrid firewall, it will not be subject
to the religious wars that stateful packet inspection vendors have been
pitting against proxy vendors.
By
making use of its IP, TCP, and UDP Generic Service Parsers, Raptor can
support numerous multi-media protocols. In great shape to secure the streaming
capabilities of the Internet, the multi-media protocols that can be supported
by Raptor include:
- H.323
(VOIP)
- Microsoft
Conferencing
- Netscape
CoolTalk
- Read
Audio
- VDO Live
- Apple
QuickTime
- Xing
Streamworks
- Emotion
Creative Partner
- WhitePine
CU-SeeMe
- Vxtreme
WebTheater
Raptor's
resiliency to Internet attacks makes it ideal for e-commerce and transaction
processing. We expect to see Raptor's marketshare increase in this vertical
market. Attacks that Raptor is resilient to include:
- MS Exchange
buffer overflow
- Netscape
mail server buffer overflow
- BackOrifice
- Smurf
- SynFloods
- Teardrop2
- Named/BIND
("ADMrocks") buffer overflows
- HELO
buffer overflow
- SMTP
header buffer overflow
- MIME
header buffer overflow
In
order to compete against NAI, we expect AXENT to acquire a PKI vendor
to round out the Raptor product line.
Vendor
Recommendations
AXENT needs to drive home an ace marketing plan in order to get the mileage
out of its technology that it deserves. It is the firewall vendor best
positioned from a technology perspective to give Checkpoint a run for
the money. Partnering with network vendors like Cisco and Nortel Networks,
as well as ASPs and ISPs, will help AXENT get better exposure in the security
market. It is positioned well to protect streaming capabilities, and should
work on forming alliances with streaming vendors.
In
order to maximize profits, AXENT needs to manage its operational expenses
better, aligning its growth more closely with the growth of revenue. In
1999, AXENT's sales and marketing expenses increased 49% over the previous
year. As well, the cost of net revenues, which includes things like media,
product packaging, documentation, and production costs increased by 72%.
Long-term,
AXENT will be around for the foreseeable future.
User
Recommendations
If you are looking for a company to provide a one-stop-shopping solution
for your information security needs, AXENT is a safe bet. They have a
full line of network security products, and consultants who can help implement
them. The only other large-scale one-stop-shopping security vendor, Network
Associates (NAI), is still trying to recover from a tarnished reputation
incurred a few years ago due to revenue fraud. Compared to Raptor, NAI's
Gauntlet firewall is sorely lacking.
Figure 2. AXENT's Net Income (Loss) over the last five years.
AXENT's
1997 loss was due to a one-time charge resulting from their acquisition
of AssureNet. Excluding this one-time charge, AXENT would have had a profit
of $12 million. The 1999 loss is a result of a growth in operating expenses.
The growth of operating expenses exceeded the growth of revenue.