1. Too much, too much, too much. A.k.a. the 50+ size monster PowerPoint files.
2. Related, the customers don’t care about half of the “features” we talk about.
3. This is so similar to the position Brightmail was in a year and half ago when I joined the company (or the Symantec Mail Security 8300 Series with AntiSpam and AntiVirus as it was lovingly known then)

First task has got to be simplification and a focus on three or four key areas that people actually care about. I have a meeting this afternoon to make a first pass at trying to get some thoughts together. I can’t wait for the Big Corp HQ to give this to us because we’ve got to get moving now to get back in our stride and off the back foot.

1. Keeping the bad stuff out
2. Keeping the good stuff
3. Keeping stuff as required
4. Finding stuff easily when needed

I love the using the word “stuff” when I’m talking to people, it always surprises them! However, it nicely sums up the fact that data or information is largely unstructured and unclassified these days and not immediately identifiable based on what system its in.

My focus has been largely the first two pillars in the context of messaging security. For Symantec that means the Brightmail family of technologies. My team mate Jaap has focused on the second two which fall under our Enterprise Vault related products.

However as you can see from the title of this post I’ve had a slight change of direction in the last few months and been pushed towards a stack of solutions in our security products that include the infamous Symantec Endpoint Protection (a.k.a. SEP). SEP is our desktop and server anti-virus product that is what most of the world probably associate with Symantec and it’s yellow boxes. If you use the twitter search site and search for the keyword “symantec” you’ll get an insight into what a vocal group think of that product. You’ll soon understand why I called it a “nettle”!

The reason I’m now working with it is my main focus, Brightmail, is now included in a bundle called Symantec Multi-tier Protection (SMP, must have acronym for everything in technology). SMP contains amongst other things, SEP for the endpoint, SMS for Exchange/Domino (anti-virus for the mail stores) and Brightmail. It’s designed to give complete coverage for end-to-end protection.

SEP has gained a bad reputation because we essentially rushed it to market and didn’t do adequate testing on all ranges of customer sizes. As a result we killed some of our smaller customers servers (who generally don’t have high-end dedicated machine per application). My challenge is that a bad reputation is quick to gain and doubly hard to shrug off. It also doesn’t help when idiots from PR companies try and replicate “comcastcares” on twitter and offer to help “fix peoples problems”. Just makes us look like we don’t have a clue.

The reason smart people though will realise from my title that “grabbing” a nettle is actually not a bad plan. Brushing up against a nettle will result in a painful rash, but grabbing it quickly results in no pain. Now you see my task: dive in, get knowledgeable as to what our customers want, speak honestly and make it work.

According to the report the volumes of spam have recently risen to peaks of 87% globally. However I’ve seen a few snapshots from dashboards that customers have sent our team recently showing 98.2% over a period of a week! I repeat … 98.2%! Just think about the volume of email the hits your inbox legitimately on a daily basis and imagine that’s less than 2% of the volume your organisation is processing for you!

One of the great things I love about the Symantec Brightmail technology that drives the anti-spam products I work with is the mix of humans and technology. It’s almost like bionic man (or woman) in someways. The reason I know that the human-machine mix works so well was the tweaks they’ve done in the last month to slow very effectively the NDR (Non Delivery Report) attacks that were happening. The volumes dropped significantly without a patch or new release of software etc. It was done through crafting rulesets that were deployed automagically to our customers. I was saying to one of our Product Managers, Jason, that it’s a shame we currently don’t have a really effective way to let our customers know what we are doing on their behalf but I think we’re we’re looking into some sort of a direct news feed to our customers in the upcoming dashboards. We could send them an email but it might get marked as spam and as far as I know we’re not hard-coded a whitelist entry of “*@symantec.com”!

I should be getting a tour of one our operations centre’s in Dublin later this month and I’ll try and write up a bit more if they let me.

The usual corporate-PowerPoint-hell exists at Symantec with 50 slide monsters containing everything you ever wanted say written on the slide itself. I apologise if you’ve ever been subjected to one of ours! Personally I try and use whiteboard wherever possible and I’ve been re-thinking the one I usually give recently in the light of our Vontu acquisition.

Vontu as a standalone entity focused on data loss prevention (DLP .. Another fab TLA) which is fundamentally about discovering where your important data exists within your organisation and keeping in the hands of only the people that need it. I think as I’ve been reviewing their messages and slides that the thing that most jumped out at me was the fact that “policy” was the core of all they do. Describe data. Describe access. Describe retention. Discover. Protect and prevent leakage. All those kinds of words and phrases revolve around policies. If you don’t know what your policy is handed down from a legal body, or an internal body, then how on earth are you going to decide how long to keep that pile of emails from your customers?

I think the biggest relief for me though as I discover more about the Vontu technology is that it’s not some toothless auditing or reporting tool but can actually impact and change user behaviour. You can run it in “Monitor/Discover” mode or “Prevent” or both. It’s not hard to build stories when you can impact the behaviour of thousands or millions of interactions of individuals using “our” information within an organisation!

• Brightmail – Top notch anti-spam filtering engine
• Anti-Virus Engine – Well known and loved (or hated)
• IMlogic – The core instant messaging security engine
• Vontu – Advanced filtering technology for Data Loss Prevention (or Protection depending on the day of the week)

These four elements are all integrated on the boxes and I joked whenever I showed it that three were Symantec technologies, though you’d be amazed how many people didn’t know, and the forth would probably be soon. I didn’t do so with any insider knowledge! Just knew that the technology was too good to stay integrated and yet outside the organisation for too long!

The team I’m in is a group of specialists called “Information Risk Management” and it will be very interesting to see if we get the European Vontu employees in with us at somepoint soon. From my experience so far of this area of business need is that it’s only getting more and more important as our organisations (and in fact our entire economies) are being built on growing stack of data. How it’s managed, for good or for bad, internally or externally, with ease or pain – all these are going to be critical. I repeat again – Woo-hoo-Vontu!

If you searched on our good friend Google for “Symantec appliances” you’d get the following results as the top two:

Symantec turns off on security appliances | The Register

Symantec is scaling down its hardware offering by pulling the plug on a range of network security appliances. The vendor will stop designing and making the …
http://www.theregister.co.uk/2006/06/27/symantec_appliances/

Avoid Symantec appliances, says Gartner – vnunet.com

Analyst firm predicts that Symantec will exit market sector.
http://www.vnunet.com/vnunet/news/2159677/gartner-advises-avoiding

Oh dear, that doesn’t bode well for me in my new role at Symantec where my two focus products at the moment are Enterprise Vault (formerly KVS, archiving software) and the Mail Security 8300 Series appliance! I’ve only been in the role two weeks and I’ve already overheard colleagues describe themselves loosing business because “.. we don’t do appliances”. I repeat, yes, Symantec still make appliances… and they’re very good! They don’t make the hardware, it’s well spec’d Dell kit, but they do everything else involved in getting an appliance developed and with customers.

The communication problem stems from an exit from making appliance hardware and forming a partnership with Juniper that occurred mid-last year. The releases weren’t particularly clear and the press certainly focused on the “stopping making appliances” part of them. I’m still not fully clear on what has happened/is happening with those “SNS” and “SGS” products but “SMS” (Symantec Mail Security) is going strong. Amusingly the road-map code names for the upcoming releases are mountain names which keep getting higher and higher… I hope they’re pacing themselves on the way to Everest! Though I hear sub-ocean mountains are higher…

It’s going to be a challenge reversing the perception that Symantec don’t make appliances and that they are a worthy and safe investment for customers to make but I’m sure our team is up to the task! The most frustrating thing for me so far is working out what is publicly promotable about the products and what is “secret”. Everything seems to be marked “Internal Only” by default and only gets made “External” if someone asks the right person the right question about the right material and they agree. I’m still trying to discover the best way for me to change that without stepping on too many toes or ruffling too many feathers!