John Katsaros

When we were at Microsoft's MMS conference in April they previewed their upcoming plans to enter the virtualization arena with a D-Day like invasion plan that would have made Eisenhower proud. At VMware's Industry Analyst conference you didn't get the sense that they were too concerned about it. And maybe for good reason. As VMware's president and CEO Diane Greene pointed out -- VMware has over 100K customers including all of the Fortune 100, 14K channel partners, 6K employees in 40 countries and 21 products which have won over 193 awards. Their most recent quarter of $438M grew 69%. That's a remarkable story for achieving so much in such a short time period. They've got a firm foothold and lots of loyal customers. And they're a really nice fun loving group. But still, you can't help but wonder what might happen as Microsoft flexes its marketing muscle. Certainly, Microsoft has missed its mark before, especially with its first volley into a new market. But as we all know, that Seattle bunch certainly can preserve.

As part of positioning themselves, VMware is emphasizing its ILITIES -- scalability, reliability, maintainability, serviceability, updateability, flexibility, runability, securability you-name-it-ility -- which on the surface sounds good but in fact, without measurable proof points illustrating the difference, it's hard to establish significant differentiation around the "ilities" because... well everyone says the same thing and the words without evidence don't carry substantial meaning. We've yet to have a briefing where the vendor flips a PowerPoint slide which states "We Don't Scale" or "We're Not Reliable." Every vendor claims that they've got more of the "ilities" than do the other guys and customers don't have a simple way to judge for themselves. So without evidence, then "Good Enough" becomes just that. The "ilities" are deceptive because one can fool oneself into thinking that you've successfully used the "ilities" to establish a firm marketing position. It's fine if someone wants to claim title to the "ilities" but when they do they should recognize that they still need to establish differentiation. What's clear is that both sides -- Microsoft and VMware --agree that the battleground will be all the value add stuff -- starting with data center management (physical and virtual?), operational excellence (H/A, DR?) VM management (Live Migration?), scope (heterogeneous?), and for Microsoft extending to model driven (see Oslo article below).

Symantec used its Vision conference earlier this month in Las Vegas to point out that the company has gotten its act together in relation to its product line. You might remember that as recently as a year ago there was a lot of "post acquisition product line anxiety," especially with the Veritas pieces. Basically the story goes something like this -- the core business groupings are Data Protection (including the Backup Exec and NetBackup pieces separated out from the storage group), Endpoint Security and Management (including Alteris), Storage Management, Information Foundation, Compliance and Security Management (IFCSM), Consumer Security (over a billion dollars in revenue) and Services. Symantec talks about its emerging growth areas meaning things like virtualization, SaaS and Cloud Computing which the company is still coloring in -- along with doing creative things like a relationship with Waway for a storage appliance initially targeting the China storage market and its acquisition of SwapDrive which is part of its consumer group's SaaS offerings. The good part was that getting their core businesses aligned puts them in a position to figure out how they can innovate off of this base. And it's always nice to see a John Thomson keynote -- he's a delight to listen to and we've yet to see him with a PowerPoint slide.

At Vision, Symantec announced its Veritas Virtual Infrastructure which basically combines storage management capabilities from Veritas Storage Foundation with the Citrix XenServer virtualization technology from Citrix Systems. It's an interesting idea -- to extend a server virtualization platform with its own built in storage management functionality, but it does raise the question of whether Symantec should partner with VMware as it has successfully done with its award winning NetBackup for VMware products (also including PureDisk) and with similar partnerships as it moves its security products into the virtualization world? Or is it better in the long term to compete head on in the virtualization arena directly against products like VMware's ESX and Microsoft's Hyper-V? Perhaps co-opetition is to the point where you can do both. WE always love a good fight -- we're looking forward to see how these battles shape up.

When asked "Why Twenty Eight Dollars for Hyper-V?" at the MMS analyst meeting, Microsoft's VP Bob Muglia said something to the effect -- "Well, we thought about it a lot and $28 seemed to be the right answer." You might remember that the last time Microsoft had to make a pricing decision for an add on product was of course when it decided to bundle Windows Internet Explorer for free. That eventually became a full employment opportunity for lots of lawyers and government agencies with Microsoft narrowly escaping some dire consequences (during which time Netscape basically faded away). So if "zero" was the wrong price back during the browser wars, then what's the right price for the hypervisor wars? Has Microsoft found a price that strikes a balance on a lot of fronts while not being so high that it would drive away customers and twenty eight dollars seems to have been the answer nor so low that it invites nasty government regulator inquiries? Usually it's not clear exactly when a product goes from an innovation to a commodity. But in the case of hypervisors, the day the price hit $28 could be that day the hypervisor became a commodity.

As the Microsoft vs. VMware Virtualization Wars heat up, the management questions are important because 1) the management system can influence which hypervisors get deployed and 2) as hypervisors become commoditized, much of the profit to be made in virtualization will come from the management systems side of the business. Since the majority of the servers being virtualized are Windows Servers, its Microsoft's belief that customers will find it more appealing to extend the management system already in use -- System Center -- to manage both physical and virtual servers, rather than having separate management systems. Further, Microsoft is adding support for VMware's ESX products so that customers can manage both ESX and Hyper-V from the same console. So then the question is -- "How much of the market uses Microsoft's System Center?" We're told that on the server side, 45% of enterprises use it with 40% penetration rate (penetration rate refers to the percent of attached systems inside an organization), and on the desktop side, 56% of enterprises use it with an 80% penetration rate.

The sense that you get after watching Microsoft describe its upcoming virtualization product portfolio is that they're throwing everything including the proverbial kitchen sink into this battle and it's a battle that no one there is willing to lose -- future career options are at stake. Bob Muglia puts it on a more personal level when he talks about being half way down his ten year mission to improve datacenter operations. It's always hard to tell how the battle for the virtualization market will shape up -- VMware has a huge lead, a good product line and satisfied loyal customers -- at this stage the thing that is clear is that the team from Redmond is prepared for a long siege.

If you didn't think there was a recession before you went the RSA conference, you might have come away with a completely different view. The conference was "too quiet" which may have been due to its unusual scheduling (usually the conference is in February while this year it was in April during a week which conflicted with two other infrastructure events plus Spring Break for many families). But you couldn't help feeling the slowdown -- it didn't seem as big or as active as past RSA events. And there is plenty of reason for thinking that the security business could be in for an economic driven slowdown. As you know, the security value propositions have evolved to include risk and compliance. Several vertical markets, most notably the financial services vertical (banking, securities and insurance) consequently play a greater role in the early adoption cycle of these products -- the financial industry understands risk and has lots of regulations to deal with. Unless you've been under a rock for the past six months, it's hard to miss the fact that the financial sector is being pummeled due to the mortgage crisis -- companies in this space are loosing billions. It's well known that companies in the financial sector are quick to respond to changes in their bottom line by increasing (or in this case decreasing) their IT spending. And of course, it's likely that what gets cut first is discretionary spending on new project initiatives (the very thing that the security infrastructure sector needs the most). So it may be that there is a direct path from the front page woes of the financial industry to a slowdown in the rate of adoption of new security initiatives. Usually, we look to the financial sector to lead infrastructure sectors out of a recession by being the first to increase budgets. The question is: "If not them, then who?"

After the 2006 RSA conference, we made special note of a truly distressful talk given by the CEO of ISS (a security focused division of IBM) who started off telling a story (about how a horse's ass determined the width of roads in ancient Rome which ends up being the limiting factor on the size of the Space Shuttle's engines) which he apparently thought was true but which turns out to be an one of those urban legends that circulates through the Internet ever couple of years. We wondered -- if he got duped by an Internet propagated urban legend, how relevant was the rest of his view on security trends? So it was with great anticipation when we attended Val Rahmani's keynote at RSA. Val is the articulate General Manager of IBM's ISS division. Although Val is a good public speaker, she seemed to miss the fact that she was talking to a room full of security experts. She got off to on the wrong foot by using the line "IBM is getting out of the security business" as a public speaking device to generate interest (it turns out, of course, not to be true). Her talk had lots of cute animation of things like someone rolling a rock up a hill to illustrate her observations that companies aren't getting the most out of their security offerings. What she doesn't seem to understand, perhaps because it hasn't occurred to her, is that her company has been one of the market leaders supplying the very products that she's labeling as ineffective and disappointing. RSA sessions are composed of sophisticated security experts who aren't patient with some patronizing banter about "the new security mandate." The problems with security that she was citing might have more to do with the lack of completeness of the products being sold rather than the lack of understanding of security managers of how to do their jobs. We think the audience wants, and deserves more.

After hedge fund operator Elliott Associates LP set the ball in motion with a $200M buy out bid last month, today's news that someone acquired Packeteer comes as no surprise. What makes it interesting, however, is that it's Blue Coat that came to the table with a $268M cash offer. Assuming Blue Coat does a good job at quickly rolling Packeteer's products into its product line while keeping Packeteer's customers and channel in line, in a couple of years the $268M price tag might look to be a real bargain. All things considered, Packeteer's product offerings are complimentary to Blue Coat's and, in many ways additive. Blue Coat did some interesting financial gymnastics to come up with the cash -- Elliott Associates along with Francisco Partners is fronting $80M in the form of convertible notes.