Intel buys McAfee “for security in the cloud”

In case you missed it, Intel has bought McAfee, a security company best known for virus scanning and other malware detection software, for $7.68Bn (on revenues of about $2Bn).  This is a tidy multiple in any marketplace, particularly as  McAfee is not the dominant player.  It is the largest deal Intel has ever done, and the largest pure-play security deal ever.  Plus the deal was in cash.

Add to this the Intel plan to purchase the Wireless Solution unit of Infineon (for $1.4Bn) and you now have the direction in which Intel plans to go. More Security in the hardware.

The technical rationale behind the deal seems to be that security should be going into hardware, and that in newer cloud access devices (Android, iPad etc) it wont’ be a bolt-on extra like it is at the moment, it’ll be something that OEMs could buy from Intel.  The same argument applies to the clouds themselves.  Servers would come with embedded security. We’ve been discussing this stack/hardware boundary a little at the virtualization practice – it features on our recent podcast, Virtual Thoughts: Is the Hypervisor moving into Hardware?. However, our perception had been that the stack/hardware boundary was being driven by the VCE coalition (VMware, Cisco, EMC) and potentially by HP and even Dell, but not by the semiconductor manufacturers.

It is important to stress that we are not necessarily talking about the core antivirus business itself here. The virus scanning engine is a fairly complex beast which  needs constant updating as new threats are identified, and even the engine itself migrates through time.  Updating firmware is much harder than software. However, McAfee already has embedded security products – for preventing unauthorized change to embedded devices.It also has firewalls, network security appliances and the like (with some overlap with Intel’s existing product range). McAfee also has a large portfolio of Application-level Risk-level products that can assess and quantify the enterprise operational risk position, and this is likely where the highest margin is and wll remain.

It’s a peculiar deal in that Intel actually once owned part of the Symantec antivirus business -the sale of that business back in 1998 was rationalized as a maintaining a policy of netrality over antivirus technology so as to avoid coming into conflict with its OEM (like Dell and HP) who may want to choose other technology.   HP and (as we mentioned in a recent post) even Dell are becoming more consolidated stack players, but at this stage antivirus isn’t generally part of that offering.  Intel clearly believes it can drive additional revenues out of McAfee by leveraging these OEM partnerships to ensure more McAfee ends up on people’s desktops for trial periods when they buy these OEM’s machines.  The difference 12 years on is it thinks it can do it without annoying them.

There is also a major difference between 1998 and 2010, the price of a low-end desktop or laptop PC has plummeted from around $2000 to around $500. The cost of silicon in the machine has plummeted too and although Intel may get a larger proportion of that silicon and there may be more PCs in general being sold, the additional revenue from antivirus (around $100 over 3 years) is clearly an interesting prize.

So, although there have been a lot of discussions about the technical fit, in fact this may be a simple business-driven acquisition.  Intel grows McAfee market share as much as possible without reducing price point.  It consolidates the OEM sales teams and reduces costs.  McAfee already generates cash, but can be expected to generate a lot more on this basis, and Intel may eventually get its money back. That keeps the accountants happy, and gives the team at McAfee the freedom to innovate.  We wait and see what will happen.

Posted in SDDC & Hybrid Cloud, SecurityTagged , , , ,