Symantec snares Vontu for $350 million

Symantec has plunged into the data-loss protection (DLP) market via the acquisition route, announcing on Monday that it has agreed to purchase partner Vontu for $350 million. The acquisition, rumored for several weeks, further validates the hot DLP sector, where a number of large players, including EMC and Websense, already have snatched up similar companies. Symantec took a similar approach. “The big guys are gulping these companies up, basically,” Chenxi Wang, the principal security and risk management analyst for Forrester Research, told SCMagazineUS.com today.

Wang said she believes the addition of Vontu’s DLP software, which is used to control the flow of sensitive information across corporate networks, is a smart move for Symantec.

“That piece of their content security strategy is now more comprehensive, and that’s important for them strategically,” she said.

The DLP arena is “a hot market, and the average customer is looking” at data-loss protection software, she said. “Strategically, this market can grow, and also Vontu has a good reputation.”

Several factors led to the acquisition, said Ken Schneider, chief technology officer and a fellow in the security and data management group at Symantec.

“We saw Vontu as head and shoulders” above the other vendors in the DLP market, he told SCMagazineUS.com today. In addition, Symantec had already integrated Vontu technology into its SMS 8300 appliance that prevents emails and instant messages with sensitive data from leaving the network.

The acquisition is “all about protecting data and answering three simple questions for chief information security officers: Where is my confidential information stored in the organization, how is it being used, and how do I prevent it from being lost?” Steve Roop, Symantec’s vice president of marketing and products, told SCMagazineUS.com today.

The Vontu acquisition will also give Symantec better traction in the so-called “e-discovery” arena, Roop said.

“Vontu’s discovery capabilities can reach into Symantec archival and backup and content repositories and help companies comply with the new rules of e-discovery,” he said.

The DLP niche has become a growing star within the broader IT security market, expanding to about 35 to 40 vendors. Some experts, such as Nick Selby of The 451 Group, have said the plethora of solutions do very little to differentiate themselves from each other.

But all hope to grab a piece of the growing compliance-driven needs of customers in heavily regulated industries — most notably, financial services, say experts.

Vontu was one the largest remaining independent developers of DLP software, which has been hyped as one of the few available ways to protect against insider threats. Insider threats can lead to the theft of data customer records or valuable intellectual property by employees, business partners or malware attacks.

In addition to the Symantec-Vontu deal, other acquisitions in the DLP market so far this year include EMC’s purchase of Tablus in August for an unknown amount, Websense’s buy of PortAuthority for $90 million in January and Raytheon’s acquisition of Oakley Networks for an undisclosed amount in September.

Not surprising, reaction to the Symantec-Vontu deal was mixed. Symantec competitor McAfee, for instance, went on the offensive.

“Even with its acquisition of Vontu, Symantec still doesn’t compare to McAfee as a data-protection vendor,” Vimal Solanki, senior director of product marketing at McAfee, said in a prepared statement. “McAfee was the first major security vendor to offer DLP (with the recently announced SafeBoot acquisition).”

So did Websense: “Though Symantec claims the acquisition of Vontu is strategic, given its past history with acquisitions, it is likely that the level of focus on the technology will decline and future innovation slow, which may force Symantec to rely on their size rather than a best-in-class technology to sell the DLP solution,” the company said in a prepared statement.

Tizor, which offers database monitoring tools, took another tack.

“Symantec’s acquisition of Vontu validates the heightened importance of protecting data in today’s enterprises,” said Bill Bartow, vice president of product management at Tizor. “It makes sense that the big security players would take a strong interest in data leakage because that’s what the enterprise market has been focused on in recent months.”