Ironically, Benjamin Aronson has to sneak
in through a back door to sell security appliances to small and midsize
No, he's not hacking into their systems to prove they're vulnerable.
But his attempts to sell security products directly often fail. "When
they hear security, they see dollar signs," says the president and
CEO of solution provider Aronson & Associates. "A lot of small-business
owners still believe these appliances cost thousands of dollars and that
they have to monitor them to keep them up to date."
Most of them, however, have heard enough nightmarish stories about a
company losing critical data due to some disaster that they will buy backup
and disaster recovery solutions. So Aronson sells them the data protection
they want, in the form of SonicWall's continuous data protection (CDP)
product, thus getting his foot in the door. Then he starts nudging it
open a bit more.
"What I've found is that people to whom I've sold a SonicWall CDP,
I'm also able to sell a SonicWall security appliance," he says. "I
do a little evaluation and talk to them about the benefits of security.
I'm able to show them how inexpensive it is and how grand the protection
is. That makes the sale so easy."
Too Many Choices
Although SMBs need security as much as larger businesses do, they can
be overwhelmed with the choices and management of ever-changing components:
network firewalls, intrusion detection, content monitoring, antispyware,
antispam and more. Although manufacturers have introduced unified threat
management (UTM) appliances that combine many security functions, "UTMs
haven't taken off to the extent that people thought they would,"
says Natalie Lambert, analyst of client security and client management
at Forrester Research.
Today, stand-alone security appliances still dominate in the SMB market,
she says, because of their low cost and simplicity. More integrated products,
however, are rising in popularity. A recent Forrester study found that
30 percent of SMBs want security provided by an all-in-one device, and
24 percent want the functionality integrated into networking gear.
"What we're seeing is a convergence between the two (the stand-alone
device and the UTM), particularly in the SMB space," says Joe Levy,
chief technology officer at SonicWall. Some traditional UTMs are expensive
because they weren't originally designed as integrated appliances, he
says. In contrast, SonicWall designed its appliances from the ground up,
creating a basic engine for a line of products that range from the low
end to the high end. "We have a sub-$500 product that has the same
set of UTM capabilities as a product that's more than $10,000," he
But any one preconfigured product is unlikely to fit the needs of all
clients. The best strategy for solution providers is to study various
manufacturers' offerings and build their own portfolio of best-of-breed
security products, says Chris Squier, technology solutions engineer for
security at Ingram Micro. "I recommend that resellers leverage their
manufacturer and Ingram Micro contacts for information," he says.
"You should understand what works and what doesn't ... and when you
find the vendors that you like, that's what you lead with" when a
client needs specific solutions.
For Ingram Micro customers, the choices are many: Ingram Micro carries
UTM appliances from Check Point Software Technologies, Cisco Systems,
Juniper Networks, McAfee, SonicWall, Symantec, Trend Micro and WatchGuard
|Building Your Own Appliance
Network Engines has launched a product that lets solution providers
offer their own branded security appliances.
Until now, the company has sold its hardware primarily to software
companies that wanted to bundle their applications with hardware
and sell them as stand-alone security appliances. But in early 2006,
Network Engines launched a security reference platform that allows
solution providers to build their own appliances.
Called the Microsoft-powered Enterprise Security Appliance, it
comes preloaded with Windows, Microsoft's Internet Security and
Acceleration (ISA) server -- an integrated edge security gateway
that includes a firewall, VPN and caching -- and the Network Engines
Web-based Services (NEWS) management application, according to Hugh
Kelly, vice president of worldwide marketing at Network Engines.
A solution provider who frequently bundles two security applications,
such as web filtering with antivirus software, can easily create
his or her own turnkey appliance.
"The advantage to solution providers is that they don't have
to do manual work in the field," Kelly says. "That reduces
the cost to deliver the service to the customer."
Darren Patoni, president of The I.T. Workshop, has built a good business
by customizing security products to suit the exact needs of each client.
As an example, integrating content filtering into the gateway is great
for educational institutions that want to protect school kids from questionable
content. But for a large business with 1,000 users or more, content filtering
on the gateway could inhibit performance. Patoni likes the Secure Services
Gateway (SSG) firewall from Juniper Networks because it integrates several
functions but is also flexible.
The product is an integrated firewall, VPN and router, with optional
wireless interfaces. VARs can add functions as the customer needs them,
says Stephen Philip, Juniper Networks' senior director of security product
"Solution providers want to put their customers onto a flexible
platform, so that when the customers come back in a year asking for antivirus
or antispam, they can say, 'The platform I put you on can actually do
that. We just need to get you a subscription,' " Philip explains.
That builds trust and helps the solution provider become a proactive secur
ity advisor, adds Doug Erickson, Juniper Networks' director of worldwide
alliance and channel development. "As you get more in-depth with
your SMB customers, they need you to act more as the IT arm for that SMB,
and they require many more of your professional services."
In fact, solution providers can play a key role in educating SMBs about
the basics of security, says Squier of Ingram Micro. Offer classes for
their users and training in security best practices. "You start with
offering those things as services, and what happens is you start to become
a trusted advisor," Squier says. "Then they're not going to
bicker with you over price because they realize you are a partner with
them and that you're taking their security needs to heart."