John Katsaros

If you didn't think there was a recession before you went the RSA conference, you might have come away with a completely different view. The conference was "too quiet" which may have been due to its unusual scheduling (usually the conference is in February while this year it was in April during a week which conflicted with two other infrastructure events plus Spring Break for many families). But you couldn't help feeling the slowdown -- it didn't seem as big or as active as past RSA events. And there is plenty of reason for thinking that the security business could be in for an economic driven slowdown. As you know, the security value propositions have evolved to include risk and compliance. Several vertical markets, most notably the financial services vertical (banking, securities and insurance) consequently play a greater role in the early adoption cycle of these products -- the financial industry understands risk and has lots of regulations to deal with. Unless you've been under a rock for the past six months, it's hard to miss the fact that the financial sector is being pummeled due to the mortgage crisis -- companies in this space are loosing billions. It's well known that companies in the financial sector are quick to respond to changes in their bottom line by increasing (or in this case decreasing) their IT spending. And of course, it's likely that what gets cut first is discretionary spending on new project initiatives (the very thing that the security infrastructure sector needs the most). So it may be that there is a direct path from the front page woes of the financial industry to a slowdown in the rate of adoption of new security initiatives. Usually, we look to the financial sector to lead infrastructure sectors out of a recession by being the first to increase budgets. The question is: "If not them, then who?"

After the 2006 RSA conference, we made special note of a truly distressful talk given by the CEO of ISS (a security focused division of IBM) who started off telling a story (about how a horse's ass determined the width of roads in ancient Rome which ends up being the limiting factor on the size of the Space Shuttle's engines) which he apparently thought was true but which turns out to be an one of those urban legends that circulates through the Internet ever couple of years. We wondered -- if he got duped by an Internet propagated urban legend, how relevant was the rest of his view on security trends? So it was with great anticipation when we attended Val Rahmani's keynote at RSA. Val is the articulate General Manager of IBM's ISS division. Although Val is a good public speaker, she seemed to miss the fact that she was talking to a room full of security experts. She got off to on the wrong foot by using the line "IBM is getting out of the security business" as a public speaking device to generate interest (it turns out, of course, not to be true). Her talk had lots of cute animation of things like someone rolling a rock up a hill to illustrate her observations that companies aren't getting the most out of their security offerings. What she doesn't seem to understand, perhaps because it hasn't occurred to her, is that her company has been one of the market leaders supplying the very products that she's labeling as ineffective and disappointing. RSA sessions are composed of sophisticated security experts who aren't patient with some patronizing banter about "the new security mandate." The problems with security that she was citing might have more to do with the lack of completeness of the products being sold rather than the lack of understanding of security managers of how to do their jobs. We think the audience wants, and deserves more.

After hedge fund operator Elliott Associates LP set the ball in motion with a $200M buy out bid last month, today's news that someone acquired Packeteer comes as no surprise. What makes it interesting, however, is that it's Blue Coat that came to the table with a $268M cash offer. Assuming Blue Coat does a good job at quickly rolling Packeteer's products into its product line while keeping Packeteer's customers and channel in line, in a couple of years the $268M price tag might look to be a real bargain. All things considered, Packeteer's product offerings are complimentary to Blue Coat's and, in many ways additive. Blue Coat did some interesting financial gymnastics to come up with the cash -- Elliott Associates along with Francisco Partners is fronting $80M in the form of convertible notes.

As you've read here before, we have a really simple metric to gauge the economy -- it's our local Peet's Coffee Shop across the street from our office in downtown Los Altos. There are three questions we ask -- what kind of cars are parked in front at 8AM (execs getting caffeinated before starting their day), is there a line at 10AM (rendezvous for job related networking) and how many bicycles are parked outside in the late afternoon (job seekers taking a break). During the economic up ticks the answers are -- expensive Mercedes in the morning, no line at 10AM and no bikes in the afternoon. Our indicators are currently showing a pretty good mix of expensive cars in the morning but there's beginning to be an annoying line around 10AM and bikes have begun appearing in the late afternoon. So we're getting mixed signals.

After watching so many acquisitions in the infrastructure sector occur over the past five years, it's been our hope that the IPO market for infrastructure companies would pick up so that we could get back to the good old days and have multiple exit alternatives for successful infrastructure startups. And with the infrastructure IPOs that have occurred in the past year, it looked like that was finally happening. VMware's IPO last summer seemed to be a clear indicator -- after coming out in the fifty-ish range it doubled to the $115 range by November. But VMware has seen its price tumble to the mid $50 range. And other infrastructure IPOs looked good early on too -- Sourcefire and Acme Packet each looked like IPO poster boys for success. But the market has been brutal this past fall and winter -- both companies are now trading at their lowest levels since their IPOs and have lost over half of their market value. And Riverbed Technology has been trading in the $18 range, near its IPO price, after breaking $50 last fall. Despite all of these indicators, in what you could call a daring move, ArcSight went public in mid February, priced at $9 per share, a level that it hasn't closed at since its IPO (that's got to be an ugly story when you get into the details, talk about poor timing...). Of course, when you try to read the tealeaves on how the public market treats infrastructure, you have to consider how Cisco is faring since it sets the stage for so much of the business -- CSCO is trading around $24, down about 30% since its recent high this past fall.

Speaking of Cisco, on Tuesday John Chambers said "I'm more comfortable with 12 percent to 17 percent long- term growth than I was a month or two ago." You might remember that in February he scared the heck out of the market by saying that recent Cisco sales had only grown 10% instead of the higher rate that they had been expecting. Thanks, we can breathe a sigh of relief -- at least till next month.

It's the time of the year again when the RSA Conference comes to town. It's always an interesting event as security companies get to strut their stuff. The market for security products has changed radically -- five years ago the threat landscape drove infrastructure gymnastics and lots of spending as IT managers wanted to avoid being on the front page of tomorrow's newspaper. But today's threats, although more lethal, are not as visible in the media, causing repercussions among security vendors as they're trying to learn how to sell in this new environment. It was really frustrating last year when speakers at the RSA Conference talked about the consolidation that was going to occur in the security market as weaker companies would be consumed by the stronger guys. Rather than preaching these gloomy self serving messages (self serving because it's the big company guys who get to do the keynotes) we're hoping that in this year's speakers come up with some good ideas as to how the security industry can provide greater customer value -- like in making products that are so valuable to customers that they'll buy them.

While the 2008 Chinese New Year is the year of the rat, the 2008 Networking new year is the year of the video. Or that's what Chambers and the Cisco executive team hopes will be the case. In 2001 when the networking world was crashing after the bubble burst, Chambers said "it's all about VoIP" -- and as unbelievable as that sounded back then, Cisco made it happen and not only converged the world of traditional voice services onto IP backbones but also used VoIP to drive lots of network infrastructure conversions. Well things are brighter these days and the message from the recent Cisco analyst conference was clear -- Video is the next big thing to drive network spending and infrastructure upgrades for both enterprises and service providers.

We've been spending months examining the emergence of Collaboration 2.0, an important enterprise adoption of Web 2.0 technologies. The first round of Collaboration came to the forefront 20 years ago with the introduction of Lotus Notes which ushered in a generation of collaboration software products that were pretty much about improving the productivity of organizational teams -- making employees and processes more efficient. Enterprises are beginning to adopt Web 2.0 technologies -- Wikis, Blogs, Web Forums, Podcasts and more -- also for collaboration. But this time around, Collaboration 2.0, it's for a much broader interpretation of the "C" word -- Collaboration on a much larger scale -- globalization, new models for R&D, process transformation, new partnership models, sales transformation and more...When the consumer side talks about Web 2.0 it's about user empowerment and social software; but on the enterprise side the interesting potential from what Collaboration 2.0 offers goes beyond making an organization more productive by making its entire value chain more productive -- from the supplier of raw materials and intellectual property to the ultimate consumer. It's not the things that Web 2.0 technologies do that are important to enterprises -- it's what you can do with them. Interesting stuff...

Cisco talked and showed off its Telepresence technologies at C-Scape. It's all impressive stuff, including the numbers. Cisco rattled off a bunch of stats regarding its own internal TelePresence usage -- the numbers mentioned below came out pretty quickly but we think our notes are accurate -- currently Cisco has 161 TelePresence rooms deployed today and expects to have 244 by July. So far they have had 42K TelePresence-enabled sessions. And Cisco's analysis in November of 6,000 employee users showed a 46% reduction in travel expense and a 31% reduction in entertainment expense (and a 400% increase in bandwidth usage). Chambers' overall plan is that the Cisco will decrease customer face to face meetings but increase the frequency of customer interactions using Web 2.0 and TelePresence technologies. TelePresence looks great but there are still things that need to be done -- like Inter -- corporate TelePresence usage so that Company A can interact with Company B. Plus, eventually there will need to be some standardization of sorts so that Vender A's Rooms can interact with those of Vendor B (HP HaloRoom interacting with Cisco TelePresence for instance). It's neat stuff, that's for sure.