By Alex Salkever The big boost in the computer-security sector that was expected after September 11 has largely failed to materialize. Most companies in that sector, including firewall ace Check Point (CHKP) and security services and software company Internet Security Systems (ISSX), have suffered from the ongoing slump in information-technology spending, albeit in a less pronounced fashion than business software companies such as Oracle (ORCL) or SAP (SAP).
Then there's NetScreen (NSCN). The up-and-coming firewall appliance outfit reported another strong quarter on July 22, thanks to big customers' appetite for its high-end, high-speed security products. Revenue for the quarter ending June 30 hit a record $36.4 million, a 14% increase over the previous quarter and a jump of 58% on the same quarter last year.
The company won't turn profitable on a net basis before 2003, but it's still ramping up its sales force. That could be part of what's hurting its share price, which has dropped from $30 just after its initial public offering in December, 2001, to $11.57 on July 29. Still, almost no security company -- regardless of its size -- is recording big revenue increases in this market. BusinessWeek Online Technology Editor Alex Salkever spoke to NetScreen CEO Robert Thomas on July 24. Here are edited excerpts of that conversation:
Q: Some people said they expected the security sector to do better after September 11. Why do you think that hasn't happened?
A: We were asked, almost on Sept. 12, what kind of uptick in business did we expect to see? Our answer then was the same as it is today: It's unlikely we'll see any change in the short term.
After the events of September 11, people were much more security aware [and] they certainly need to protect those networks. What they didn't do was to race out and buy more firewalls and virtual private networks [VPNs are encrypted data tunnels that let remote employees safely access corporate networks] and install intrusion-detection systems. That wouldn't have solved the immediate problems. What a lot of companies have been doing is looking at their networks and asking how to make them disaster-proof.
Q: Are you seeing any increase at all in the computer-security market?
A: That's a hard question. We know that IT spending is depressed -- but for the last two quarters, and going into the current quarter, our pipeline of potential deals in the enterprise area is as strong or stronger than it has ever been. We haven't really seen a lot of reduced spending in the customers we're talking to.
Q: Where are NetScreen's opportunities right now?
A: On the wide-area-network side, where businesses are deploying VPNs, we see lots and lots of activity. We have a very strong product in that area. People are doing it to save money. They can deploy and manage a network much more quickly and cheaply with a VPN than with other methods. And a lot of companies are sending their employees home to work. Especially in Silicon Valley, more and more people are telecommuting.
On the other side, at the very high end, we see strong growth. When we released the NetScreen 5000, our latest high-end product [designed for use at big companies], we didn't anticipate the kind of demand we saw. We actually underproduced boxes.
Q: So they are actually spending money on security?
A: In some areas. People are spending more money on VPNs this year than last year. And we're very good at that. We're the only company that can provide a box for everything from the guy running the home office to the telecom running the biggest switches. Everyone else would have to provide a collection of boxes with a collection of licensing agreements and a collection of management tools. We have a lot of advantage in that area.
Q: How do you plan to respond to the rise of integrated Internet security appliances where companies are trying to put as many things as they can in a single box or product?
A: I think from an end-user point of view, it's a very attractive scenario. But you can end up with the best of worst of breed.... [In] the smaller-business market, where people feel they have to protect themselves, they can say, "Well, I've bought my insurance policy, and now I can go back to running my business" without really understanding what they've bought.
But I think even in the midsize market, all of those things in one box doesn't fly. Sticking antivirus in the same box doesn't make a lot of sense. You have to have a pretty robust antivirus system, and that's not something that everyone who is trying to build an all-in-one box has.
Q: At the high end of the information-security market, do you think best-of-breed will still be the rule?
A: Yes, for some time to come. Having said that, we can't afford to just be a firewall or a VPN company for the rest of our lives. There's a lot of growth in that market and market share that we can take, but we need to profile more complete solutions to customers. Over the next few quarters, you'll see us start to deliver additional capabilities in different areas. Salkever is Technology editor for BusinessWeek Online