SonicWall has been through it all. The San Jose, CA-based security company began as a hot start up, went public, then private, was acquired by Dell and then spun off to a private equity firm as part of the massive Dell/EMC merger in 2016. In the wake of that change, SonicWall also got a new CEO, Bill Conner, a long-time security and tech industry leader, who took the helm in November.
In this installment of the IDG CEO Interview Series, Conner spoke with Chief Content Officer John Gallant about what the Dell spin out means for customers and where SonicWall is focusing its development efforts. Hint: Think IoT, mobile and hybrid data centers. He also discussed the company’s cloud strategy and how the changing threat landscape opens up new opportunities in the enterprise for SonicWall, which is better known in the SMB space.
SonicWall was acquired by Dell, now it’s spun out by Dell. What does all that mean for the company and for its customers?
SonicWall has been around about 25 years so customers and channel partners have known SonicWall through many incarnations. I actually was closest to it when I was with Thoma Bravo {a private equity firm} and the CEO of Entrust, which was their first security play. I met the team and the company. Of course, they sold their company before I did to Dell but it’s been public, private with Thoma Bravo, with Dell and now private again with Francisco Partners {a private equity firm}. The good thing is it’s independent, it’s 100 percent focused on security, it’s 100 percent focused now on its channel partners and its customers.
Going back to this customer perspective again, does this mean a change of direction or new investments in certain areas? Now that you’re not part of Dell, which had a wider security portfolio or was at least affiliated with a wider security portfolio, what does it mean from a product direction perspective?
Let’s start with the first thing the customers see different. We’re 100 percent channel and we launched Nov. 1 our new partner program called SecureFirst. I love the channels. The good news is we keep the Dell relationship as well. We’ll be an ingredient brand in their stack of solutions, as we were when we were together and, frankly, as we were before they bought us. Customers that want to go through Dell can have us as part of their solution stack.
Our clients get the best of all worlds, whether they’re a Dell customer or one of our other channel customers, we’ll be there to support them for that. As it relates to our product strategy, now that we’re independent we hope to pick up the innovation around our products. Some of that will be on our existing product, firewalls and next-generation firewalls, and we’ll pick up the pace and innovate much like what you saw this past year with Capture. That is our advanced threat protection capability that allows us to protect your business through a cloud-based sandbox.
You’ll see some of those new products in the market mid- to third- quarter this year. You’ve already seen us announce some new capability around our mobile platform where we give you secure mobile access with our SMA product. We’ll have some more next-generation capability there later in the year but what we just released allows you to have disaster recovery on any kind of media, any kind of data, any kind of device on the mobile network. Then you’ll see us start to lean in to some other areas.
Now, 60 percent of the malware is coming in through encrypted email or traffic. That’s our DNA in terms of deep-packet inspection around SSL and encrypted emails. Stay tuned for more offerings in that space in the very near future.
Can you talk a little bit more about the relationship with Dell? Obviously they have RSA and SecureWorks as part of the family. How do you strike a competitive balance with those companies in the market and still work with Dell.
We continue what we’ve done even before Dell acquired us. We had a very nice relationship with Dell as a firewall in their solutions and we’ll continue that relationship. We’ll be working toward an OEM agreement where we’ll become more an ingredient in some of their solutions and carry their potential brand to market with us. We will continue to work with them as we have with the combined RSA, EMC/Dell property. We’re complementary and fit into their security pillow.
You’re new to this role but you’re not new to the security industry. What’s your strategic direction for the company? What did you want to address in taking over SonicWall?
Increasingly, how you play defense - now offense - around all the malware coming in is really going to be the next hot area. Clearly, SonicWall’s deep roots and intellectual property and skill set are well respected for that. There are a lot of people that do it for the largest governments and enterprises, but there are not a lot of people that can take all that complexity, the volume of the threats and resolve/remediate the issues and keep small businesses running. [SMBs] don’t have the money; they don’t have the staff to do that. That’s part of the secret sauce this company has that really got me excited.
I can build from that into campus and distributed networks and different architectures like mobile and Internet of Things. It’s those same skills that will differentiate our strategy and our capability going forward. That’s exactly where we’ll go. We’ll take our deep network knowledge in security and how we can do things faster, cheaper, more transparently with less resource and management.
I want to ask you about the SMB market. SonicWall is widely seen as being more of an SMB company than an enterprise company. Do you think that’s a fair assessment? What would you tell people about your role in the enterprise market?
If you break the market into SMB, mid-tier and large enterprise, it’s a sliding scale where we’re a gorilla in SMB: Extremely well known and great market share almost by anyone’s measure. Mid-tier we’re still in the top five almost by everybody {analysts} and then we’re in the top 10 on the enterprise side. Dell helped move the needle on the enterprise side.
As I look at that model, large data center enterprises are changing through virtualization. They’re changing through storage in the cloud. Every business has multiple access points on the network or physical locations. Think of them as branches or remote offices. That looks like a small business but it needs to be tied together.
We’ll take our strength in management and technology in the distributed network. I don’t need to be in the large data center, virtual piece of that to compete with the Ciscos or Check Points or Palo Altos. I think large enterprises are starting to learn that protecting and segmenting your cloud and segmenting your network might not be a bad thing. Two security providers might be better than one. That’s how we’re going to play with the disruption of technologies and these next-generation networks.
You made mention a little while ago of being more on offense than defense around security. How do we do that? How do customers get on offense when it comes to security?
It’s exactly what we’re trying to do with Capture. Today the firewall is a detection kind of capability. [Malware] comes in, we detect it and we block it. Even with firewalls and next-generation firewalls, probably 3 percent - plus or minus depending on the vendor and depending on the type malware - gets through. Three percent sounds pretty good to the average person. But when you multiply that times hundreds of millions of attacks, 3 percent is a lot of people getting infected and a lot of business damage.
Capture is all about changing the paradigm. We created a network sandbox in the cloud. Now I can store all the things we’ve learned from the firewall and that 3 percent gets processed through three different engines. What that will do is allow you, for the first time, to find something that you would pass through, capture it, log it and now send the traffic back and stop it, block it or let it go. Because it’s network-based it’s preventive.
Now every other customer doesn’t have to experience it. It’s more prevention, which is offensive. That’s a really important shift. You’ll see us apply that now across our portfolio, not just our firewalls and next-generation firewalls but around email, around our mobile capability. At this kind of volume, you really have to look at different ways to detect the malware.
I’ll give you a perfect example in the retail industry. Two years ago, the industry went to PIN and signature. The rest of the world had gone to chip and PIN but we went to chip and signature instead of PIN. Remarkably, in 2014 SonicWall wrote about 14 malware threat variance signatures against point-of-sale attacks. In 2015, there were about nine of them. In this past year, in 2016, we only wrote one. What that means is the bad guys are looking for easy money. The bad guys said let’s go somewhere else.
Now guess what went up? Spam. Spam went up over 250 percent. If you think about spam, it’s really spear phishing. You couple that with people shopping more online at the office and all of a sudden what used to be a consumer problem starts to look like a business problem, especially if that malware variance is coming in the form of ransomware, which is dramatically increasing. You’ll see in our cyber report that we release at RSA, it’s up almost exponentially. You look at spam as a vehicle coming in and you’re going to see lots of not just zero-day stuff but a lot of ransomware. The offense there is how do you start to segment your networks and your storage so you get critical, sensitive information on a separate network than everything else? That’s an offensive move.
How do you use something like Capture to go behind not just SonicWall’s technology but other vendors’ so you have a layered approach to prevention? How do you put firewalls and that technology in segments of both protected networks? How do you look at your distributed network as a business and diversify? One size doesn’t fit all.
Then, look at what we’re doing now with mobility. Increasingly, threats are coming in through Wi-Fi networks and mobile access points. Look at Internet of Things, which is not a consumer issue. It’s really a business issue because all those things are connecting to business somehow. Our Global Response Intelligent Defense (GRID) network has over a million points out in the world where we’re looking for malware and then feeding it back for us to learn and deal with.
Couple that with our network sandbox and it’s a whole different way of thinking of it. Cameras and things like that usually are connected to a gateway or router somehow. What we’ve got to start thinking about is how do you start profiling that? We need to start looking at the traffic and figuring it out just like we did in the old wild, wild West 20 years ago. How do you start profiling that and looking for bad stuff? It’s a brand new threat factor.
Security is a tough market in which to compete. You have some big competitors with a broad product line but there’s also a huge influx of new companies trying to solve specific problems. How do you navigate that? How do you maintain a broader portfolio while continuing to innovate on those pressing point issues?
Security is a fractured market. You’ve got huge gorillas in the high-end enterprise from Check Point to Cisco, the Palo Altos, playing in that world. As you move to the low end you’ve got us, Fortinet and a cast of a jillion others that are pure startups. We benefit from having done this for so long.
It’s not just can you find the next [solution], it’s how do you fit it into the environment? How do you bring this kind of power and knowledge to bear to move it? I’m not going to go right at Palo Alto, Check Point and those guys. That would be stupid and I don’t need to do it. The reality is that the value proposition for security is not about one vendor solving it all. It’s about how you protect certain assets and start to think of your business differently, segment those networks and protect them differently. You increase the value of the whole that way.
The world is changing because topologies are changing. Mobile is changing networks. Cloud is changing networks. Virtual storage and virtual data centers are changing things. All those disrupters break up the business in different chunks. That is our skill. I’m not going to put a big army of direct sales on the big guys. I’m going to look for where my solution fits the security profile for your business and that’s how we’ll do it at the very high end.
The startups? Look, I’ve got the best of all worlds. I’ve got a multi-hundred-million-dollar company that’s acting like a startup. The R&D guys here are brilliant, they’re innovative. More things have come just in the first 90 days of me being here than I could have dreamed of. It’s amazing [what happens] when you turn on engineers that have a passion for this. Then you bring some new talent in and you’ve got an unbelievably good dynamic. We’ve got channels to market, we’ve got service. With the kind of backing we have from our private equity friends, we have the stability to build for the near and long term that a normal startup doesn’t have.
Where are you directing your R&D efforts now? What should people expect from SonicWall going forward?