• United States



Contributing Writer

Whatever Happened to Microsoft Forefront Endpoint Protection?

Aug 17, 20114 mins
Check PointCisco SystemsData and Information Security

Will this once promising product go the way of the Zune?

Back in 2007, Microsoft shook the security world when it entered the endpoint security market with what was then called Forefront Client Security (now Microsoft Forefront Endpoint Protection). Forefront was positioned as the endpoint security market for the commercial market while its sister product, OneCare, was aimed at the consumer market. This created a market fire storm, especially at companies like McAfee, Symantec, and Trend Micro that depended on PC security for the bulk of their 2007 revenue. The industry wondered, “would these powerful security companies get Netscaped?Microsoft was pretty bullish about its announcement. When Forefront was announced, Bob Muglia, who was VP of Microsoft’s server and tools business stated, “we think that this product will provide a level of integration and simplicity that really differentiates it, and really enables a different kind of solution.” Microsoft wasn’t alone in its expectations. Here at ESG, we had just done some market research revealing that: 1) Most security professionals looked at endpoint as a commodity product, and 2) They were already evaluating Forefront or were willing to do so. In other words, the market was open to Microsoft — all it had to do was execute and beat the competition on price.Fast forward to 2011 and Forefront seems like a blip on the endpoint security radar screen. I regularly speak with McAfee, Symantec, Trend and others who rarely if ever mention Microsoft as a primary competitor. From 2007 through 2009, Microsoft briefed me on Forefront progress and plans but then the company re-organized in 2010 and almost all communications stopped. Wondering if it was me, I reached out to some analyst friends to see if Microsoft continues to discuss Forefront with others. I got a consistent response, “not really.” So what happened? Here’s a few of my thoughts:1. Forefront did have momentum out of the gate in 2007 but it faced a few obstacles. First, there is the traditional view that Microsoft products don’t hit their stride until Rev 3.0, so customers were willing to wait. More importantly, we are talking about security professionals who are paid to be paranoid. Microsoft would have to work hard to get the benefit of the doubt from this tough crowd.2. Microsoft tried to make endpoint security an economic rather than an IT issue but putting Forefront on its Enterprise Client Access License (ECAL) which made the product virtually free to companies that bought a bundle of client licenses for Exchange, Sharepoint, etc. It was an “all or nothing deal” whereby you had to buy client licenses for all desktops. From my perspective, Microsoft didn’t win many ECAL Forefront deals but did alienate security professionals by pulling the “end around.”3. Forefront management required a number of other pieces of Microsoft infrastructure (Microsoft Operations Manager, SQL Server, ActiveDirectory, etc.). Security professionals were used to more turnkey endpoint security management platforms.4. Microsoft stopped selling OneCare in the consumer market. Although it replaced OneCare with Microsoft Security Essentials (a free alternative) many people were spooked by this change of plans. With Microsoft out of the consumer market, why would it stick around the commercial market?5. Microsoft Forefront “Stirling,” the next-generation product was delayed by several years.6. Microsoft re-organized and cut back its Forefront marketing.7. On average, Forefront was a “B” player in most independent security product testing. Most recently, Microsoft Forefront was characterized as a “niche” product in the Gartner Magic Quadrant. Most likely there was sub-plot to these issues on the sales side of the house. Microsoft reps and channel partners didn’t see much ROI on Forefront sales efforts so they simply stopped selling the product to concentrate on others that were easier to sell. So the supply side (Microsoft corporate, sales, the channel) slowly backed off while the demand side never really caught on. I know that Microsoft Forefront endpoint protection 2012 is currently in Beta test. I’m sure the product is superior to the current offering but will it really turn the market and channel around? Given the 4-year track record of Forefront, I doubt it.Ultimately, Microsoft has to ask itself a difficult but necessary question: Given our limited success, is it worth continuing to invest in this market? Microsoft did this with the Zune music player, perhaps its time to make a similar decision with Forefront.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author