This morning Intel announced plans to buy security vendor McAfee for $7.7 billion, valuing the company at a 60% premium over their market cap as of closing-time yesterday. The valuation is about 5 times the last trailing four quarters’ revenues, which is about typical for M&A deals in the security industry, and it suggests that both parties negotiated well. The price is not so high that it makes Intel look like Daddy Warbucks, but not so low that it looks like McAfee was desperate to sell.

But of course “a not so high price” is all relative. Nearly $8 billion is a lot of money. What on earth does Intel expect to get for all of the money it is spending on McAfee? I’ve been scratching my head over this, and despite McAfee CTO George Kurtz’ helpful blog post, I am still struggling to figure this one out. Let’s look at some of the stated rationales for the deal:

  • Intel wants in on the mobile market. According to the coverage of the deal in Bloomberg, the McAfee acquisition is about mobility. Raymond James analyst Hans Mosesmann argues that “[Intel’s] ability to be successful in the non-PC market, and even in the PC market, is going to depend more on system solutions, and security is becoming a really big deal.” Intel apparently agrees, telling the BBC that “today’s security approach did not fully address the billions of new internet-ready devices, including mobile and wireless devices, TVs, cars, medical devices and cash machines.”
  • Security wants to be embedded in silicon. George Kurtz argues that the threat landscape has become so deadly that hardware-based solutions are needed: “Given the current challenges in dealing with the proliferation of virulent malware, bringing software closer to silicon will provide a real advantage for consumers and businesses. Beating back the tide of malware proliferation by changing the game on the bad guys is an exciting proposition.”
  • Intel moves closer to becoming a systems supplier, not just a chipmaker. New York Times reporter Ashlee Vance notes that “Intel builds a variety of security functions directly into its chips and has offered its customers ways to tap into the tools. The McAfee technology would sit a couple layers above Intel’s existing technology and perform a much wider array of functions.”

These arguments have their merits. Everyone agrees that mobility is huge, and that the post-PC market will eventually eclipse today’s PC market. Indeed, Forrester data shows that the crossover point is this year. Intel knows this, so it wants to plant a flag in the mobile security space it believes will be necessary to protect these new devices. Moreover, I can understand why Intel feels it ought to be baking more capabilities into silicon: it helps differentiate its chips against rivals AMD and ARM (via its licensees). Adding more functionality to core offerings as a way to entice buyers to upgrade to their platform is a classic strategy that Intel’s acquisition target (McAfee) has been perfecting for years with its desktop anti-malware suite. That product started as a humble virus scanner. Today it includes anti-spyware, a host firewall, data leak prevention, host intrusion prevention and much more. What McAfee has done on the desktop, Intel intends to do “inside,” on its silicon.

But I see four problems with Intel’s strategy (at least as much as I can glean, so far):

  • Neither Intel nor McAfee are serious players in the mobility market, and this deal doesn’t improve their prospects. In the mobile market, Intel has had its lunch eaten by ARM Holdings, a company whose energy-effiicient designs have underpinned the chips of choice on mobile devices like Apple's iPad. And for McAfee, it has recently acquired two mobile security companies — Trust Digital and tenCube. McAfee also (earlier) bought Solidcore for the embedded market, a move that looks savvy in hindsight. But speaking charitably, neither of these most recent two acquisitions will be (as the equity analysts like to put it) “accretive to earnings or revenues” in the short to medium term. That is to say, mobile security won’t be much more than a few percentage points of McAfee’s overall revenues. McAfee deserves credit for thinking outside the PC box, but its execution in this area is, at best, in the early stages.
  • Intel’s hardware platform strategy will not work. Most enterprises take the least-common-denominator approach to managing their computing assets. This is largely because refresh cycles cause hardware platforms to stick around much longer than software-based ones: it is easier to push down a software update than to pull a motherboard. I am not convinced that a hardware-based strategy for security will resonate with enterprise buyers. If you need convincing, ask yourself: how many of the PCs in your organization run Intel vPro-capable hardware? Don’t know the answer? Right: this is exactly my point. Despite Intel’s efforts to add more differentiating “professional” features on and around their core processor silicon, these are seen as a bonus, rather than the centerpiece of enterprise management strategies. It is hard to see how “McAfee Inside” would work out any differently.
  • Intel doesn’t understand software. Perhaps the most troubling part of the McAfee deal is the prospect that they will mismanage their new division into irrelevance.  Intel’s track record with deals further up the stack are patchy at best. In 2005, Intel bought Sarvega, a hardware-and-software play in the XML processing segment. Today, it is irrelevant. In 1991, Intel bought LANDesk as the centerpiece of its DMTF strategy. Remember what DMTF stood for? (No penalty for not remembering:  it stands for Desktop Management Task Force.) LANDesk was sold at the height of the dot-com boom, and it has been bought, spun off or sold three times again. Now Intel wants to get back in the software game again. Again, how will this be any different?
  • The security aftermarket will be very different on Post-PC devices. PC devices, and by this I mean those running Windows, have long needed third-party security vendors to help secure the platform. Early versions of Windows, and even current ones, were not designed with security in mind. Even though Windows 7 is much improved compared to Windows XP, 95 or 2000, the core OS is still based on the Win32 foundation, a twenty-year-old legacy that was designed to run on “everything.” Contrast that with the highly sandboxed, compartmentalized, digitally signed “apps” model of the BlackBerry OS and Apple’s iOS. With these two operating systems, you don’t need on-board anti-virus, or HIPS, or anything else — and if you do, it is because Apple or RIM have screwed up. Both of these vendors are taking responsibility for their platforms in totality in ways that Microsoft never did, or could have. Neither iOS nor BlackBerry OS depend in any way on hardware capabilities Intel or anybody else could bring to the table, other than the root-of-trust embedded in the handset. All of the security differentiation is in the OS. And that, frankly, is where it belongs.

All of which leads me to conclude that while Intel’s stated rationales for doing the McAfee deal are very forward-looking, its likely actual revenues are mostly about the past. If Intel wants to grow the franchise for protecting PC platforms, the McAfee deal is a great acquisition. But if you view today’s security aftermarket as something that ought to be better left in the ashbin of history, where security is baked into operating systems, this deal is more of a head-scratcher. In that light, Intel’s purchase of McAfee is a lot like a horseless-carriage vendor buying a leading supplier of buggy-whips.

What does this mean for Forrester customers? Given the risks associated with this deal, enterprise customers should be wary of making long-term commitments to McAfee until Intel’s intentions are clearrt. It would be best if McAfee was left to manage itself, largely as a stand-alone company. That said, Forrester has spoken to many McAfee customers in the last several months that have been upset with McAfee’s handling of the DAT file problem from April, which caused widespread service outages. We expect that customers that have already been angling to jump ship will use this deal as an excuse to accelerate those plans.