In Oct. 2006, the company announced that it would begin licensing anti-virus technology from Sophos, a vendor with which it has historically competed for enterprise dollars. During the same month, the company entered an OEM pact with security gateway specialist IronPort Systems, which has since been acquired by Cisco Systems, to provide its anti-spyware tools in IronPort's Web security appliances.
The deals not only allow Webroot to drive more revenue, but also give the company a foot in the door with customers who already eschew individual point products, said Chief Executive Peter Watkins. Surviving as a provider of a single breed of security tool has become a challenging prospect, he admits.
"We're seeing somewhat schizophrenic behavior from customers, who tell you that they want a best-of-breed answer to a problem but want it integrated together with other technologies and designed to be simple to use and implement," Wakins said. "We've made our mark in best-of-breed anti-spyware but customers are telling us they wanted integration with anti-virus so we added Sophos. With IronPort, both partners get to be in a market they otherwise wouldn't be in, which is very beneficial to both companies."
The challenges of striking out with the OEM strategy are multiple, but can be managed through careful partnering, the CEO said. Along with attempting to synchronize product release schedules and keep partners on the same page, vendors must make sure that they are not "cannibalizing" their own market, or potentially cutting demand for their stand-alone products via the deals.
Companies embarking on OEM deals must also ensure that their partners haven't over-extended themselves with too many relationships, and that they agree on certain issues regarding technological road maps.
"This trend will continue as the security market matures, because with so many product categories, there's really no way for one single company to provide on a level of excellence in all of the areas of the market," Watkins said. "There will be more OEM partnering to meet customer demands for best-of-breed and simplicity, and there may also be a nascent trend toward suppliers who operate primarily around an OEM business model."
Companies such as online storage back-up specialist Mozy, who primarily go to market via partners to eliminate expensive customer marketing costs, could create an opportunity for businesses who do not create their own security technologies but instead merely piece together and customize products from other vendors, Watkins said.
In a sense, major IT consulting companies have been doing the same thing for years.
For its part, Sophos said it will continue to seek out more OEM deals with providers such as Webroot and with appliance vendors. In addition to Webroot, the AV specialist has OEM deals in place with companies including Akonix, Finjan, IronPort, and WebWasher, among others.
"There has always been a desire among partners to use our technology in a way that it can be integrated into their operations, so we've always had a customer base that's been asking for this," said Ron O'Brien, senior security analyst at Sophos. "It makes sense because they see the efficacy of our products and realize that partnering is a smarter move when they weigh the cost of licensing versus trying to develop something similar."
Some experts believe that the security market is on the cusp of a wave of OEM partnership activity as vendors struggle to meet customer demands for integration and "fewer throats to choke" in regard to vendors.