Deal: Symantec pulls the trigger on Vontu

At long last, those consolidation watchers can finally exhale, since SYMC has finally gotten the Vontu deal over the finish line. The deal was announced this afternoon as a $350 million dollar cash deal. It's a pretty decent multiple, which I estimate to be about 7-8x trailing twelve month bookings. Not as expensive as Brightmail, nor as cheap as Whole Security.

You can also read SYMC's "rationale" on how Vontu fits into their Security 2.0 strategy and introduces a new tagline "information-centric security."

The reality is Symantec needed to have some type of presence in the DLP space. Their big competition on the storage side is EMC and they have a widget in Tablus. Their main competition in the security space are also well represented, as McAfee, Websense and Trend have acquired companies in the space as well. I've been saying for a while that DLP is more of a storage and information function, than it is core security - so the fit with Symantec is pretty good. The question is whether this provides the "glue" that finally makes Symantec's security and storage capabilities kind of hold together.

And that brings up the huge blind spot in this deal, which is whether SYMC will be able to maintain Vontu's momentum in the large enterprise. They say Vontu will be run as a stand-alone entity, but I'm not sure if that's a good thing or a bad thing. They also plan to integrate Vontu into all of SYMC's existing offerings, given there is a piece of DLP in every aspect of SYMC's business. But to be skeptical (I know it's shocking for me), it hasn't happened in Big Yellow land with any other deal, so there is nothing that leads me to believe it will happen now.

Of course, there is always risk for existing Vontu customers that the deal won't go well and there will be a huge loss of Vontu brain power. But those are always risks in any deal.

Those most exposed are storage folks like Sun and NetApp, and big tech like Microsoft, Oracle, IBM and HP - who currently have no DLP strategy and may get left with 3rd tier pickings if they wait too long. Since DLP is clearly a feature of a bigger data security strategy, any player who says they manage data needs to have a story around DLP. There are also risks for start-ups who have not been spoken for, like Vericept, Code Green and Reconnex. You know the story of the company that holds on too long, waiting for that bigger, better deal. It usually ends as a fire sale. Though anyone independent now has some running room as the inevitable integration hiccups will provide a small window of opportunity.

So to net it out and not belabor the point, strategically the deal makes sense. Now it's all about executing the integration well and that really hasn't been Symantec's strong suit over the past few years.