Symantec Buys BindView in $209 Million Cash Deal

Symantec (Nasdaq: SYMC) has announced that it has signed a definitive agreement to acquire an agent-less IT security compliance software company in a US$209 million all-cash transaction.

Symantec said the acquisition of BindView Development Corporation would allow it to offer customers an end-to-end solution for policy compliance and vulnerability management with a choice of agent-based or agent-less technology architectures.

Compliance Challenges

Enterprises in both the public and private sector are faced with meeting an increasing list of regulatory mandates, such as the Sarbanes-Oxley Act, the Federal Information Security Management Act (FISMA) and Basel II. Compliance with these regulations can be difficult and expensive, placing new burdens on businesses as they also work to secure their global IT infrastructures.

Jonathan Spira, CEO and Chief Analyst at Basex told the E-Commerce Times that compliance tools ensure that the computer has the latest security policies, operating systems and anti-virus patches.

"This is particularly important on endpoint devices which may connect to a variety of networks, such as a home network or hotel broadband, where malware lurks," he said. "There's no question that we'll see more movement in compliance and security software, especially as everyone tries to find a better mousetrap."

Agent-based vs. Agent-less

Symantec believes the BindView acquisition gives it that better mousetrap by offering customers a choice of agent-based or agent-less technology architectures. Agent-based and agent-less policy compliance solutions are complementary capabilities that address different customer needs.

Symantec said its agent-based technology architecture offers compliance and vulnerability management, and is well suited for enterprises that have complex and heterogeneous IT environments.

By contrast, Symantec said BindView's agent-less architecture, which is less IT-staff intensive, is ideal for organizations faced with managing a large number of systems that are not centrally located.

A Dual Approach

Spira said BindView fills in a gap in Symantec's portfolio. Specifically, he said the company needed BindView's by-Control application, which allows IT administrators to centrally manage and configure computers without the use of agents on each computer.

"BindView's approach requires less overhead in terms of IT staff and is ideal for organizations with systems that aren't centrally located, such as scattered Windows desktop computers and laptops, as well as for smaller organizations," Spira said. "Installing agents on thousands of desktop and laptop computers is not the answer, as it adds to IT overhead."

An Exciting Proposition

Ajei Gopal, senior vice president of Solutions, Alliances and Operations at Symantec, recognized that global organizations are challenged by an ever-changing security environment and by the need to meet multiple government regulations. The ability to offer its customers BindView's agent-less policy compliance solution, he said, is exciting for Symantec.

"Not only will we be able to meet customers' IT security and policy compliance needs with a complete range of product capabilities, but we will also be able to help reduce the cost and complexity associated with compliance," Gopal said.

The acquisition is is expected to close in the first quarter of 2006, subject to regulatory and BindView shareholder approvals. BindView shares were up 35 cents, or about 10 percent, to US$3.85 per share in morning trading on the Nasdaq while shares of Symantec inched up 25 cents to $22.91.