Eric Parizo

By Eric Parizo, Senior Analyst, Enterprise Security, GlobalData

McAfee is a security provider in transition.

After spinning out of Intel earlier this year to become an independent company co-owned by TPG, Thoma Bravo and Intel, McAfee CEO Chris Young wasted no time streamlining the organization, cutting approximately 300 jobs.

Meanwhile, the vendor widely known for its endpoint security portfolio has significantly revamped its enterprise product line, last year cutting a handful of underperforming products and doubling down on five key areas: endpoint, security operations, workload security, data protection and integration.

McAfee’s long-term vision, shared at its recent Mpower conference, is to become its customers’ most trusted security technology provider, and solution providers will be essential to realizing that opportunity. But in the short term, channel partners must study two key developments to understand the ramifications for their businesses.

McAfee shifts away from field marketing: McAfee’s recent layoffs were in part a result of the company’s strategic decision to reduce spending on local field marketing, instead shifting more of its efforts toward digital marketing. Executives say the strategic adjustment reflects the changing nature of how IT buyers engage with vendors, conduct research and ultimately choose products. Increasingly, all of these activities happen wholly or partly online as opposed to in the field.

This is a trend affecting all information security vendors and more broadly the entire IT security market. Customers are now very comfortable using the internet to choose and purchase products of all sorts, including IT. In turn, vendors have realized that engaging websites, detailed webcasts and demos, and active social media presences often produce better results than full-color brochures and high-pressure onsite sales presentations.

This change offers benefits for vendors in that marketing spending is more measurable, with a clearer ROI. It’s trivial to track which digital campaigns draw in leads and which ones don’t. That matters to a VC-owned company like McAfee that is challenged with balancing short-term revenue versus long-term growth.

But there are important ramifications for McAfee channel partners. Fewer local events will mean fewer opportunities to bring McAfee’s expertise to bear when selling its products. Similarly, the expected reduction in local sales engineers and travel for regional sales engineers means less on-site support during the sales process. Digital-centric sales cycles are often longer and require an effective “warm handoff” from the vendor to partners, creating more points at which potential deals can fall through.

Partners should pressure McAfee to improve its lead management process. Specifically, ask how it plans to scale and refine efforts to identify, qualify and transition digitally generated leads to partners. Furthermore, solution providers should follow McAfee’s lead and make sufficient investments in their own customized digital marketing efforts. Partners should also plan for the vendor’s reduced local presence by opportunistically attending more …

… events of all kinds where prospects may be, and even create their own events and freemium consulting packages as lead-generation vehicles.

And while not all solution providers are willing or able to offer comprehensive managed services, increasingly McAfee is tuning its products to be MSSP-friendly. Partners should remain cognizant of whether their current and future McAfee customer portfolios may lend themselves toward managed services.

McAfee prioritizes best-of-breed integration: McAfee partners are likely already familiar with Data Exchange Layer, the Security Product Integration Framework closely tied to the vendor’s ePO and Threat Intelligence Exchange (TIE) products. DXL, and its more recent iteration as OpenDXL, enable relatively simple and fast integration of McAfee and dozens of best-of-breed, third-party security products so that they can work as a single, interconnected security product architecture.

Arguably the most significant announcement at this year’s Mpower event was a first-of-its-kind integration between McAfee OpenDXL and Cisco Systems’ pxGrid SPIF . The integration enables Cisco’s ISE network-access control product to discover endpoints unknown to ePO and share status information, enabling ePO to potentially apply policy or mitigate the risk posed by a rogue or out-of-compliance device. In turn, ISE can receive endpoint status data from ePO and use it to govern the level of network-access endpoints received, potentially quarantining devices if necessary.

These seemingly trivial integrations are greatly desired by customers. Not only can overstretched security pros realize greater efficacy by enabling their network and endpoint security solutions to work together, they also lay the groundwork for an advanced incident-response capability through orchestrated and automated incident response and threat investigation. Enabling policy-based mitigation actions across Cisco-managed networks and McAfee-managed endpoints is a win as well.

Even though SPIFs (in this case, security product integration frameworks, not sales incentives) make security product integration easier than ever, McAfee’s long-term commitment to OpenDXL represents a huge opportunity for its partners. Customers new to OpenDXL will need consulting and support with initial deployment and configuration, deciding which products to integrate, developing workflow processes based on those integrations, and in some cases developing code to support custom integrations. As more third-party vendor integrations become available, partners will increasingly serve as advisers to consult on which products work well together and how to deliver the best possible efficacy from an integrated, best-of-breed security product ecosystem.

The high degree of change at McAfee in the past two years has no doubt caused trepidation among partners, and it won’t be a surprise if that brisk pace continues or accelerates as McAfee gets its footing as an independent company. But solution providers that understand how McAfee’s changes support its broader strategy – and are willing to adapt along with the vendor – will be poised to benefit from a fruitful long-term relationship.

Eric Parizo is senior analyst, enterprise security, with GlobalData. Eric brings over 15 years of experience to his role and is responsible for tracking and analyzing the evolving technological and competitive developments in the threat management segments of the information security market.