Mazu scores VC lifeblood from Symantec, others

Mazu Networks, the Cambridge, Massachusetts, network intrusion prevention system (IPS) technology company, has secured another round of venture capital funding, including a stake from security software giant Symantec.

Mazu announced that it was receiving another $12 million in Series C funding from a host of existing investors, and that Symantec signed on as a new strategic partner. The deal is also the second major investment by Symantec in intrusion detection and prevention technology that has come to light in the last week, and shows the company increasing its interest in technology that can spot and prevent infection by worms and viruses without using signatures created from captured samples of malicious code.

The latest round of funding brings the total investment in Mazu to $35 million dollars. Existing investors, including Greylock, Matrix Partners, Pilot House Ventures, and StarVest Partners, put up the majority of the new capital, though Mazu declined to reveal specific numbers. Mazu plans to spend the cash infusion on beefing up its sales force and partnerships, and on product development, according to Tom Corn, Mazu's vice president of business development and marketing.

Mazu will increase the size of its sales force, invest in its direct and indirect sales channels, and focus on signing partnership deals. Following an active year, and with interest in its products growing, Mazu plans to use the new funding to put more "feet on the street" to sell Mazu's technology, Corn said.

Mazu's Network Profiler enables organizations to dynamically identify worm and virus infections and use routers and switches on a network to quarantine infected machines. Mazu's products can also model the impact of network policy changes, to determine the best way to mitigate a threat without disabling other critical network functions. The Mazu Enforcer is a network denial of service (DOS) attack prevention product that uses heuristics to analyze traffic at the network perimeter and filter out network packets associated with an attack.

Symantec was interested in Mazu because it is a player in a hot new security market that complements Symantec's existing products and services, Corn said.

Symantec sells an integrated security management solution that ties together point products with the Symantec Enterprise Security Architecture (SESA). Mazu is working on integrating its products with the SESA 2.0 architecture, so that raw data and alerts from the Mazu products can be sent to Symantec's SESA management platform.

"We think there's a lot of potential areas of complement. Symantec is a powerhouse in security and has been moving into network security, not just desktop security. There are a lot of complementary elements for us," Corn said.

A number of leading security companies have moved recently to bolster their IDS technology, as organizations pressure vendors to provide proactive, rather than reactive, protection against viruses and worms.

On Dec. 3, Symantec signed an agreement to buy Platform Logic, maker of the AppFire host-based intrusion detection software, for an undisclosed sum. That deal, which Symantec has not publicly announced, will give the company new technology for blocking unknown, or zero-day, exploits, Trojan horse programs and spyware that hide on network servers, desktop and laptop computers, according to an e-mail message that Symantec sent to industry analysts informing them of the deal and that was obtained by IDG News Service.

Symantec competitor McAfee also invested heavily in intrusion detection in April 2003, when it laid out $220 million for two San Jose, California, companies: IntruVert Networks, a maker of hardware-based firewalls and network intrusion detection systems, and Entercept Security Technologies, which made host IPS technology.