Symantec has agreed to buy Blue Coat for US$4.65 billion. The deal attempts to solve several challenges for Symantec, including moving into higher-growth product segments and bringing in new executive talent. Blue Coat’s current CEO, Greg Clark, will run the combined company.
With the acquisition of Symantec, Blue Coat will immediately benefit by avoiding the distractions of an initial public offering, which it was well on its way to executing. According to the company’s IPO filing, it lost US$289 million in the 12 months that ended on April 30, 2016. This was roughly the same loss (US$271 million) as in the previous fiscal year.
In the long-term, Blue Coat will acquire impressive threat intelligence assets through Symantec’s 175 million managed consumer and enterprise endpoints. The deal will take several quarters to close and much longer to fully monetize, but expected priorities include integrating Symantec’s threat intelligence and DLP products into the Blue Coat portfolio.
The combined company will have annual revenue just shy of the acquisition price: US$4.4 billion. For the fiscal year ending April 30, 2016, Blue Coat reported US$598 million in revenue. That would make the purchase price approximately eight times the revenue, which is well within the typical range (five to ten times) for security acquisitions.
Both Symantec and Blue Coat have been in transition over the last several years. Blue Coat has made several important acquisitions to expand its portfolio and was sold to Bain Capital in 2015 for US$2.4 billion. Earlier this year, Symantec finally sold off its Veritas storage assets for US$7.4 billion. Symantec has been trimming its workforce and portfolio and had previously announced plans to procure US$400 million in cost savings by next year. That strategy is still in play, and Symantec has announced that it expects to find an additional US$150 million in savings as a result of cost synergies with Blue Coat.
Perhaps counterintuitively, Symantec is raising US$2.8 billion in debt to finance this deal. This is because the company is continuing the US$5.5 billion capital return program announced in March 2016, and it plans to complete that program by March 2017. Bain Capital and Silver Lake, which invested US$500 million in Symantec in February 2016, have both agreed to make investments in convertible notes to help finance this deal, which is expected to close in Q3 CY2016.
Both vendors are well established and own a host of product sets. At a high level, Blue Coat is known as a web and cloud security vendor, while Symantec is known as a data loss prevention (DLP) and endpoint protection (EPP) vendor. Blue Coat products have typically focused on the enterprise, while Symantec’s products have traditionally focused on consumer, SMB, and enterprise segments.
Each vendor brings its own product strengths to the merger. Blue Coat’s secure web gateway (SWG) and Symantec’s EPP offerings lead the way, but there is also synergy from a cloud and mobile security perspective.
Product overlap between the two vendors is relatively small but worth noting. Both vendors offer encryption technologies. Symantec’s Certificate Authority (CA) and encryption for data at rest complements Blue Coat’s SSL visibility appliance, which is a top player in the encryption market; its leading competitors are A10 Networks and Gigamon. Symantec has a large services organization, including Managed PKI and Incident Response. Additionally, Blue Coat partners with Attivo Networks and TopSpin Security for deception technologies, while Symantec does not offer a deception technology product.
On paper, this merger appears to provide go-to-market synergies, allowing cross sell opportunities for Fortune 2000 customers in content security and also bringing Blue Coat’s web security down-market, where it has scant presence among SMBs. Symantec claims some 370,000 total customers, while Blue Coat has approximately 15,000 customers.
However, the current health of Symantec’s channel ecosystem following the Veritas split is unclear. Symantec was reportedly already seeing some shrinkage in its base of channel partners over the last few years as a result of turmoil within the company and a lack of focus on those partners.
Complicating efforts to win back Symantec channel partners is turnover in the company’s sales executive ranks. Symantec’s EVP and General Manager of Global Sales and Operations Adrian Jones left the company last fall. As a highly respected channel executive, Jones was instrumental in building out the company’s channel team and breathing new life into its channel programs.
Still, the matchup positions Symantec as the industry’s leading cloud security provider, thanks to the build-out of Blue Coat’s web security as a service (SaaS) offering combined with the cloud-based content security that Symantec previously acquired with MessageLabs. And Symantec can bring Blue Coat’s CASB acquisitions, Elastica and Perspecsys, to a much broader channel. Given the stronger adoption of cloud computing by SMBs, the merger could help to renew channel interest.
Integration is obviously the biggest hurdle to overcome. In the first year, one would expect the two organizations to avoid massive change and focus on customer retention and channel consolidation. Symantec specifically is well known in the industry for rapid acquisition, but it has an equal reputation for slow integration. As previously mentioned, there is also minor product overlap to contend with.
From an overall platform play, it is possible that other small acquisitions will take place. But Blue Coat will need to determine where Symantec technology and sales execution have been lacking. Symantec has some fairly competitive enterprise mobility management products, for example, but has been unable to gain much traction in that space.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.