Symantec beats the research drum

The company is making research a higher priority. It is investing more resources in the group and is more aggressive about the development of technology in-house.

Security
MOUNTAIN VIEW, Calif.--Michael Spertus is about to get some colleagues.

Right now, Spertus is the only employee at Symantec doing fundamental research, which means he is looking at the limits of security technology without a specific product or business goal in mind. This is a new part of Symantec Research Labs, which the Cupertino, Calif., software maker aims to expand.

Last week, for the first time, the company showed off its Symantec Research Labs to press and analysts, at two events.

"We have a critical mass now for the organization," said Mark Bregman, Symantec's chief technology officer. "This is a little bit of a coming out event."

Symantec research labs

Symantec Research Labs is much smaller than the research arms of Hewlett-Packard, IBM or Sun Microsystems, for instance. But after the merger with storage software maker Veritas Software, Symantec feels its research group has come of age and is worth showing off to the outside world.

Both Symantec and Veritas had research activities prior to their merger earlier this year, but the combined company is making research a higher priority. It is investing more resources in the group and is more aggressive about the development of technology in-house, rather through acquisitions, company executives said.

"This is really the only team inside the company whose scope of focus essentially doubled with the acquisition," said Stephen Trilling, the vice president in charge of all research activities as Symantec.

Down to basics
Symantec Research Labs has about 50 people who work in Mountain View and Santa Monica, Calif., and in Pune, India. Spertus is the only one doing fundamental research, while the others work on projects more closely related to Symantec's business.

Symantec spends about 15 percent of its annual revenue--estimated to hit $5 billion on non-GAAP basis for the current fiscal year ending in March--on research and development. The company spends less than 1 percent on its Symantec Research Labs. The balance of the money goes to product groups for their research and development.

"My goal is to grow Symantec Research Labs pretty aggressively," Bregman said. "We will grow the research budget faster than revenue growth." In the next year or so, Bregman said, he hopes to add about 10 people to the organization, including top-notch investigators who do the type of fundamental research Spertus does, he said.

The group helps Symantec improve its technologies, but also helps the company retain and attract talent and expand its patent portfolio, Bregman said. Symantec has about 200 patents today, and about 1,000 are pending, the company said. This week, it will host a patent award dinner with CEO John Thompson to reward its inventors.

While patents are a payoff for researchers, the inclusion of technology in products is the biggest prize, Trilling said. Symantec Research Labs has had many successful "tech transfers," he said.

"Tech transfer, in some sense, is the ultimate measure of our success--the Holy Grail of what we do as far as our contribution to the company," Trilling said.

Hits from the lab
The labs' successes include the network connection manager that now ships as part of NetBackup. When it comes to security, the researchers made improvements in antivirus detection and built technology that blocks threats by creating a signature of a software security flaw, rather than of the malicious code that exploits it, Trilling said. Security products check these signatures against a list to recognize incoming threats.

Last week, Symantec demonstrated three projects its researchers are working on now: a database audit and security appliance; new software to create a virtual single data store; and a fault tolerance system that comes to the rescue in a case of application failure.

None of the projects is ready to be sold as a final product, but the database audit and security appliance is being tested on the networks of real Symantec customers. The system is part of Symantec's "Advanced Concepts" group, which fills a gap between research and actual products. It could be offered as a product when the market is deemed ready.

"The intent of Advanced Concepts is to do projects we feel don't face many hurdles from a technological perspective, but where there is some uncertainty from how this is going to play out in the market," Trilling said.

The database audit and security appliance plugs into a company's network and logs all traffic to databases on that network. The log can aid companies in their audit and compliance programs, but the appliance also flags anomalous queries. These queries could be a sign of an attack or an insider accessing data he should not have access to, Symantec said.

Because it watches traffic going in and out the database, the appliance can alert a user to attacks that conventional security products might not see. "Even with the most robust database protection, a single compromised password can result in a devastating attack," said Gerry Egan, a product manager for Advanced Concepts at Symantec Research Labs.

Researchers in India are working on StarFS, the catchy name for new software that is designed to solve the nightmare of dealing with multiple file servers in different locations. StarFS runs on top of existing file systems and creates a single virtual data store, making many servers appear like a single drive on a user's PC.

"StarFS could provide a new market for Symantec. Traditionally, we are targeting databases, one datacenter, tight clusters and big Oracle systems," said Navin Kabra, the senior principal software engineer at Symantec Research Labs.

Guenter Roeck, an advisory engineer in Symantec's labs, is working on a project called Software Fault Tolerance. The software promises a nearly seamless failover without any data loss in case of an application failure. That includes data on transactions that were in progress when the application failed, Roeck said.

"It is almost like beaming the application from one machine to another from a process perspective," he said. Current clustering and high-availability products start the application on a different machine in case of failure, but transactions that are in progress may be lost and the client may lose the connection, he said.

Both StarFS and Software Fault Tolerance are still in the research stage, but the researchers are talking with the product teams.

With a stronger research group, Symantec can dispel the image of a company that has to rely on acquisitions to innovate. The company's buying spree might have something to do with that. Aside from the Veritas merger, this year's takeovers include antiphishing company WholeSecurity and compliance specialists BindView and Sygate.

"We actually do spend a lot of our time thinking about creating options for the future," CTO Bregman said. "To some extent, there is a perception that Symantec and Veritas are reactive acquirers. I would dispute that."

Close
Drag
Autoplay: ON Autoplay: OFF