By Alex Salkever Would you want Bill Gates to be your firewall engineer? Many info-tech pros who see Microsoft software as insecure would answer with an emphatic "No way!" But that's precisely what Microsoft (MSFT) is planning to offer its broadband Internet service subscribers with MSN 8, the next update of software and services from Redmond's ISP arm.
Slated for release later this fall, MSN 8 will offer subscribers free support for home networking on broadband connections to those who buy a new line of Microsoft-branded wired and wireless routers. Since the sleek silver and black routers have firewall features included, it means home networkers on MSN won't have to purchase a separate security appliance. And by giving customers support for both the security devices and connectivity, MSN solves one of the biggest headaches in home computing: finding someone willing to help rather than passing the buck.
Not surprisingly, only Microsoft-branded routers will get free support as Gates & Co. plausibly claims that it can't afford to support each of the hundreds of firewall routers on the market. As a promotion, Microsoft is offering a 30% discount on the routers to MSN customers.
A FAR CRY. The move by North America's second-largest ISP (after America Online) is the latest sign that security is becoming part of any standard broadband ISP offering. On Oct. 8, Verizon (VZ), announced an exclusive deal with router-maker Linksys to support without charge the Irvine (Calif.) company's broadband routers and built-in firewalls. And in June, cable broadband giant AT&T (T) unveiled an exclusive deal to sell to its broadband subscribers discounted firewalls from Sygate in Fremont, Calif.
Support, of course, is a somewhat relative term. Verizon will connect customers back to Linksys representatives for help with the routers. Ditto with AT&T and its customers running Sygate gear. But that's a far cry from a year or two ago when the typical reaction from an ISP support representative was utter hostility when asked for help configuring a home-networking router with built-in security or any type of software firewall.
Now, floods of customer inquiries fueled by fears of cybercrooks are driving this shift in attitude among ISPs. "We noticed increased concerns from our customers about their high-speed connections," says Tiffany Tomaszewski, Internet services product manager for AT&T Broadband in Denver.
SAFER SURFING. The ISP giants are joining smaller, more forward-thinking providers such as Earthlink (ELNK) and Seattle-based Speakeasy.net. Both have supported certain firewall products, for a fee, for over a year. But the market heft of MSN, Verizon, and AT&T Broadband, a trio that collectively services close to 5 million broadband subscribers, can't be overstated. Their embrace of security measures will change the consumer security sector dramatically. Customers can expect safer surfing for less money as ISPs increasingly include discounted or free security services to keep up with Microsoft's offering.
Furthermore, the price competition that firewall and security-device makers will face in selling through big ISPs rather than directly to consumers will speed up an onrushing shakeout in the sector. Everyone gets squeezed when individual consumers with little pricing leverage are replaced by a bunch of big ISPs that see low prices or even free security services as a bennie for their customers. Ultimately, many of the security software makers will have to face down Microsoft, a rough prospect considering its deep pockets and infinite patience.
No doubt, the trend toward security becoming just another part of ISP service is ultimately a huge improvement for consumers. As it stands today, security is one of the most painful issues anyone with a broadband connection has to deal with. While much of the software and hardware is relatively easy to use, the average consumer on a home network can still quite easily misconfigure a firewall or other security software.
"SOMEONE ELSE'S FAULT." Keeping track of the security status of all the PCs, handhelds, and other geegaws connected to a growing home network becomes another problem. "You'll have multiple devices in the house, and consumers are not going to want to become a network administrator or an expert in security and home networking," says Steve Cullen, a vice-president at security software provider Symantec (SYMC).
Another big issue is the question of where the cyber-security buck actually stops. "A lot of times if a customer has to call the ISP, they say it's some firewall's fault. Call the firewall company, and they say it's the ISP's fault or someone else's fault," says Larry Grothaus, lead product manager for MSN 8. But if the ISP handles the security device, then the conflict goes away, and customers can get a one-stop shop for support.
On the business side, the sector can expect a rapid consolidation because companies that line up deals to sell their products either directly to or in conjunction with ISPs will prosper. According to Paul Weinstein, a vice-president at software firewall maker Zone Labs, as much as 20% of all security product sales will be resold through ISPs. That might not sound so dramatic, but with dozens of companies vying for this market, concentrating 20% of the business in a few hands could devastate smaller players.
WHAT'S IT WORTH? No surprise, then, that the competition to sign deals with ISPs is fierce. "We've come into meetings just hours after our competitors have paid a call.ost of our partners have other software providers knocking on their doors," says Weinstein.
The long, brawny arms of Microsoft, however, will likely have the biggest impact. By reducing the price of supporting secure home networking to zero -- except for the cost of the router, which is something a subscriber would have to pay at every other major ISP -- it could change customer perceptions of what security services are worth and whether they should be included in the basic cost of connectivity.
In turn, that might affect the bottom lines of other ISPs trying to sell security service as an a la carte offering. Speakeasy has charged $5 per month for its MyFirewall service, which manages Internet Security Systems' (ISSX) BlackIce personal firewall installed on the desktops of Speakeasy subscribers.
OUT ON A LIMB. Earthlink says its support reps will do their best to help out with any device. But it charges $10 per month to provide guaranteed support for home networking, the 2Wire brand routers, and Zone Labs' ZoneAlarm firewalls that it sells to customers. "One of the reasons we decided to offer home networking in the first place was to add a little bit to the bottom line for broadband," says Earthlink spokesperson Kurt Rahn.
And even though AT&T now supports Sygate software firewalls, it still won't support full-fledged security routers, and it charges for home networking -- $5 per additional machine attached to an AT&T connection.
Risking brickbats and rotten tomatoes, I'll go out on a limb here. I think Microsoft is doing the right thing with its free offerings. Customer security really does belong with ISPs, something that more and more of them clearly acknowledge. I also think that ISPs selling such services a la carte is the wrong tack, as better security on home networks ultimately helps the ISPs, too, by minimizing virus, worm, and other problems that continue to wreak havoc on networks.
HARDLY PERFECT. Is Microsoft's effort here self-serving? Of course. It's selling its own branded equipment and monopolizing more of the profits by forcing customers to buy it if they want support. In a perfect world, MSN would support a handful of security-router devices and firewall products -- say, three at a minimum. But support for one is still better than no support at all -- or paid support.
How well Microsoft actually executes on its initiative remains to be seen, considering that millions of Microsoft Office customers regularly complain of lousy support. Still, the concept is right on, and other ISPs should follow suit. Salkever is Technology editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column