In-Depth

Analysis: Behind Symantec's MessageLabs Play

Symantec spent more than half a billion dollars to buy its way into the SaaS e-mail and Web security segments

• By Stephen Swoyer
• 10/21/2008

Earlier this month, security giant Symantec Corp. made a long-anticipated leap into the software-as-a-service (SaaS) segment, snapping up SaaS e-mail and Web security specialist MessageLabs.

Symantec officials, not surprisingly, touted the deal as both a coup and a fait accompli. "MessageLabs extends our investments in the Software-as-a Service segment and will allow us to offer our customers unprecedented choice from a single provider of message security solutions" said chairman and CEO John Thompson, in a prepared release. "By combining MessageLabs with our Symantec Protection Network team, we have one of the strongest portfolios of cloud-based infrastructure services and a great foundation on which to grow."

Industry watchers only half agree: yes, they concede, Symantec's purchase of MessageLabs -- which, at $695 million, represents almost a 500 percent premium over that company's annual revenues -- is the stuff of a grand or master stroke. However, it's one also fraught with peril for Symantec, particularly on the integration and overlap reconciliation fronts.

"Acquiring MessageLabs would give Symantec a foothold in the high-growth e-mail security software as a service … market, and a launch pad for more SaaS services -- but at a price tag of nearly five times MessageLabs' 2008 revenue," write Gartner analysts Arabella Hallawell and Peter Firstbrook. "Symantec has a considerable share of the e-mail security market as a result of its Brightmail acquisition in 2004. With MessageLabs, Symantec will have a 20 percent share of the market. However, as market demand has trended toward the appliance and SaaS delivery models for e-mail security, most of Symantec's Brightmail customer base remains on software; customers have been reluctant to shift to the company's e-mail security appliances."

What's more, the pair says, the MessageLabs acquisition raises questions about Symantec's appliance strategy, at least as it pertains to gateway security. "MessageLabs will reside in Symantec Protection Network … platform group -- which includes only backup SaaS -- and will be separate from the Brightmail business unit," they write. "Symantec will have to carefully reconcile how it positions its two e-mail security businesses to its customers and its sales team and product groups."

On the other hand, MessageLabs does give Symantec a footing in the Web security space. "[Web Security is] an area where Symantec has no presence and MessageLabs has promising but nascent capability," write Hallawell and Firstbrook. "Symantec must augment its presence in the secure Web gateway … market. Although e-mail archiving, storage and disaster recovery represent growth areas for SaaS and could benefit from existing Symantec technology, Symantec must not lose focus on MessageLabs core competency: providing best-of-breed inbound threat protection."

Symantec isn't operating in a vacuum. It faces pricing pressure from competitors such as Google Inc. and Microsoft Corp., according to Gartner. Microsoft, for example, bundles its SaaS offering (i.e., Exchange Hosted Filtering) as part of its Enterprise CALs; Google, for its part, has been known to use deep discounting to attract enterprise customers.

There's also a potential for sales channel conflict. "In North America, MessageLabs partners with IBM and Verizon for sales, but Symantec will likely rely less on these partnerships and use its own sales presence in North America to improve margins. Furthermore, Symantec's channel is largely conditioned to sell software rather than SaaS," Hallawell and Firstbrook conclude.