European rivals turn wary eye on Microsoft

Companies such as F-Secure, Panda Software and Sophos are taking a low-key approach, unlike their U.S. counterparts. Cupertino, Calif.-based Symantec, in particular, has been vocal in its opposition to Microsoft, even sending executives to Europe to talk to reporters about how it fears the software giant will undercut security rivals with Windows Vista.

That doesn't mean, however, that the Europeans don't share the concerns that have been voiced by Symantec, McAfee and others.

"We should regard Microsoft's entry into this space as a threat," said Josu Franco, director of corporate development at Panda Software in Bilbao, Spain. "Microsoft is trying to leverage its monopoly in the desktop to compete in the antivirus space, and we should call that abuse."

Europe is a key battleground for Microsoft as it gets ready to ship Vista, the successor to Windows XP that is slated to be broadly available in January. The European Commission has already warned Microsoft to stick to its competition rules--in particular, those that prohibit abuse of a dominant market position. Microsoft continues to seek out what's permissible in Vista.

Europe has many small companies that sell antivirus and other security products. Some are concerned that they face the same fate as Netscape, the venerable browser company that saw its business evaporate after Microsoft added Internet Explorer to Windows.

"All of them are concerned, and should be," said Thomas Raschke, a Hellerup, Denmark-based analyst at Forrester Research. "The security market, and particularly the most mature areas like antivirus and firewalls, is maturing and consolidating rapidly. Many of the companies will either have to join forces or disappear."

The Netscape effect
While security software and Web browsers are obviously different, Microsoft's intentions are the same and hold an equal risk for security, Franco said.

"I don't think that anybody would say that having Internet Explorer on over 90 percent of desktops has been good for consumers in terms of innovation, user choice and especially in security. We all know that this monoculture in browsers has been bad," Franco said.

But Microsoft maintains that it can't protect Windows on its own and that other security companies are important.

"We don't believe that Microsoft can solve this problem by itself, and we need the industry's support in this effort," said Adrien Robinson, a business development manager at Microsoft. "The more that we can do with partners, the better for our customers."

Security software and features have emerged as the hottest topic among a number of concerns with Vista, which will come with added security technology. At the same time, Microsoft is pushing into the security space with a new product for consumers, Windows Live OneCare, and is working on protective business products under the Forefront brand.

"As long as Microsoft allows equal access to the operating system, we can differentiate," said Steve Munford, CEO of Sophos, a security company in Abingdon, England. "We have to make sure that we have a broader and more comprehensive strategy than Microsoft."

Symantec, which leads the worldwide antivirus software market, has been loudest in raising the alarm over Vista and Microsoft's entry into the security arena. CEO John Thompson earlier this year warned of a future where all security applications are provided by Microsoft.

"The concerns from the U.S. companies are real," said Risto Siilasmaa, chief executive officer at F-Secure, based in Helsinki, Finland.

Pricing concerns
Predatory pricing is of particular concern, said Siilasmaa. "If Microsoft starts to offer their solutions at significantly reduced price levels to gain market share, and then plans to raise prices again after a few years, that obviously is a business issue all the companies have to tackle," he said.

Microsoft could change the game on pricing, Munford agreed. "You always think about predatory pricing, but I have not seen any evidence of it," he said. Siilasmaa also said he hasn't yet seen any signs that the software giant will sell its products at artificially low prices in order to harm rivals.

In the short term, Microsoft's entry into the security industry might mean lower prices, but that isn't necessarily good for software buyers, Franco said. "We would think that Microsoft tactics to compete in this space will ultimately hurt consumers," he said.

The software giant has introduced its Windows Live OneCare in the U.S., but the consumer security product is not yet available in Europe.

In addition to a firewall, which was also part of XP, Vista will include anti-spyware software called "Windows Defender" and a new Windows Security Center that tells people the status of the protection on their PC. Security companies sell competing products.

Some of Microsoft's rivals have publicly complained about a feature called "PatchGuard" in the 64-bit version of Vista. Critics claim the feature locks out helpful security software, while Microsoft says it is designed to guard core parts of the operating system against attacks.

Meanwhile, other concerns that Panda, among others, have raised include the possibility that Microsoft could use its huge presence on desktops to promote its own security software. For example, it already advertises Windows Live OneCare on the default "Welcome Center" in Vista, which appears after the PC starts up.

Lunch invitation
In addition, Microsoft's own security products could benefit from better access to Windows. After all, the people who develop those products work in the same place as those who are building the operating system, several security companies pointed out.

"They will use any trick they can to link their security products to the operating system. Not everybody will be on an equal footing," Franco said. "They are in a better position to align their operating system and their security applications. They have the original access, not the early access."

Microsoft, however, argues that its own security product teams are on an equal footing with third-party software makers.

"We're not treating OneCare or Forefront differently than we're treating them. They're getting the same level of access," Robinson said. "Anything that OneCare or Forefront is using, any third party has access to that as well."

Rival security software makers are even welcome to come eat lunch in Microsoft's cafeteria and meet the product teams, she said.

"There is the fact that we are Microsoft and we're all sitting here in Redmond, but at the same time we do give access to ISVs (independent software vendors) here on campus, and they can come at any time to meet with the different product teams as well as have lunch in our cafeterias," Robinson said.

But Panda's Franco feels partners have been "fooled" too long by Microsoft's talk of partnerships. "If you really want better consumer security, there should be trust between Microsoft and its partners in security. Right now, Microsoft being a competitor, how do you build trust? There are too many conflicts," he said.

Playing fair
Sophos is a Microsoft partner and works with the company on several products. Munford believes Microsoft won't engage in any anticompetitive practices--it is more interested in selling Windows and Office, not security software, he said.

"I would say that Microsoft is very conscious at playing fair and making sure that what they are doing in the operating system does not give any unfair advantage," he said. "Microsoft is open to dialog with security vendors. At the end of the day, Microsoft is not interested in putting security vendors out of business."

Indeed, Microsoft doesn't intend to harm anyone in the security industry, analyst Raschke said. It has been forced to address security, he said, "or their products would not take off. Security is often the No. 1 inhibitor."

Computer security in depends on variety and innovation in security software, Commission spokesman Jonathan Todd told CNET News.com earlier this month.

"Microsoft's design of the security features in Vista should not put this diversity and innovation at risk. This might occur if reputable third-party security vendors, which have proven experience in addressing security problems, are prevented from competing on an equal footing," he said.

Panda has presented its case before the European Commission, but Franco would not say whether the company has filed an official complaint.

F-Secure has not yet spoken to the regulators, Siilasmaa said. "We trust Microsoft will do the right thing, and if they don't, everyone will be talking to the Commission," he said. "I believe that Microsoft will come to understand and accept that, and they will change some of the plans they have regarding Vista."