Data security appliance provider and Rule Breakers pick Secure Computing (Nasdaq: SCUR ) blew away estimates in the fourth quarter. Tim Beyers recently asked CEO John McNulty for an inside look at the business. Read on to see what McNulty has to say about his company's early days, its newest competitors, and why spam is far more dangerous than you think. This interview has been edited for length and clarity.
Tim Beyers: John, thanks for making time today. Could you begin with a heads-up on how the business got started?
John McNulty: Sure Tim. Secure got started inside of Honeywell's (NYSE: HON ) aerospace defense organization in the '70s. So our roots go back, I think, longer than anybody else in the security business. We were doing contract work for the Department of Defense and the Department of Energy for securing the computers of those days and, during that time, invented the concept of the firewall.
Then, in 1989, Honeywell was undergoing restructuring. They spun out Secure to a team of venture capitalists. Initial commercial products, if I recall the history right, were sold in like '92. But the firm existed from '89 to '92 on contract work for their historic customers and a few others.
TB: When did Secure become what it is today?
JM: That was with the initial public offering, which was completed in '95. It was one of the first Internet-related IPOs. I arrived in May of '99, after the company had a horrendous miss in Q1 of that year.
Secure had 15 products and kind of a throw-it-against-the-wall-and-see-what-sticks strategy. Inside of the first few months, we pared that down in a graceful fashion to the Sidewinder product, the SafeWord product, and our SmartFilter product.
In '99, Secure did $22 million in products and services but lost about fifty cents on the dollar. So it was a relatively small company, excluding contract work, which I exited in 2002.
TB: Interestingly, about 20% of the business has been federal. But it sounds like this is mostly historical business. Has it grown? Is there a risk of losing that? Usually when investors see such a large chunk coming from one sector or even one customer, it makes them a little nervous. How does it work for Secure?
JM: I think we have been running at about 20% for about the last seven years. And, actually, if you combine the U.S. with federal governments globally, we are probably a tad over 30%.
The U.S. government is very concerned about security -- specifically information security -- and we are the gold standard. Sidewinder has never been compromised as a firewall. By the way, it won the SC Magazine readers' trust award for best enterprise firewall this week, which we were very proud of because it obviously goes up against Cisco (Nasdaq: CSCO ) , Check Point (Nasdaq: CHKP ) , and Juniper's (Nasdaq: JNPR ) NetScreen products.
Our biggest segment of business from the U.S. federal government is the Department of Defense and the intelligence community. But we also provide products to the Department of Homeland Security, the FAA, and commercial departments of the government. No single department is over 10% of the business.
TB: Great. Can you tell me a little bit about "unified threat management"? We have heard that term a lot. There are multiple companies that use it. When Forrester talks about you, it uses that phrase. Tell us how you define it and what is the best way to think about it if you are an investor?
JM: IDC coined the term, probably three years ago. At the time, it said it was no less than a firewall with intrusion detection and anti-virus. But we have gone away from the term. We've positioned ourselves as the enterprise gateway provider. Think of a doorway into the network that leads to applications and data, which is really where the gold resides in an enterprise. The enterprise gateway is the door.
There are hundreds of different types of traffic, but they fundamentally break down into applications, network applications, messaging, and Web traffic. Hence our Web gateway, messaging gateway, and network gateway capabilities. So, enterprise gateway is about 90% of the business, of which unified threat management is a component. The remaining 10% is in identity and access.
TB: But when you discuss Secure on your conference calls, you say that network gateway tends to be a big piece of your business. But now you're classifying all the business, outside of ID and access management, under the more generic "enterprise gateway" moniker. Does that mean Sidewinder is no longer responsible for the vast majority of revenue?
JM: All of our products work together. But we sell the Sidewinder appliance, which was the biggest revenue producer for us in the last year, certainly in the last quarter, in many different flavors. For example, we had one big customer that ran benchmarks that found that the best filter on the marketplace was Sidewinder running SmartFilter. And this was a large Internet service provider doing a six-figure deal.
So they were not using the firewall component -- they simply ran the Sidewinder appliance with the hardened operating system so it is ultra-secure with SmartFilter on top of it. They got the best price-performance throughput for that.
That highlights, Tim, how difficult it can be to classify that business. Is it all SmartFilter because that is the product they are using? Or is it Sidewinder because they are not using Sidewinder appliances?
The truth is that it is very hard to differentiate and compartmentalize the revenue. That's why we're now giving guidance as enterprise gateway and IAM. But Sidewinder was, last quarter, the biggest component. It generated $28.8 million of billings. Next largest was the messaging gateway, which was $20.9 million.
TB: Got it. Now I want to talk about TrustedSource, which you acquired from CipherTrust last year. I read an interview where you said that there were a lot of people knocking on CipherTrust's door and that you didn't want to do the CipherTrust deal when you did but also that you felt you had no choice. As you explain what TrustedSource does and how it does it, maybe you can address why you felt that CipherTrust had to be part of Secure Computing?
Want to see the rest of the interview and get full access to Rule Breakers? Click here to try the service free for 30 days. There's no obligation to subscribe.
Fool contributor Tim Beyers is a sucker for growth stocks and a regular contributor to Motley Fool Rule Breakers service. Tim owns shares of Secure Computing. All of his portfolio holdings can be found at Tim's Fool profile. His thoughts on growth stocks, Foolishness, and investing in general may be found in his blog. The Motley Fool's disclosure policy is your best defense against Wall Street's worst.