Interview: IronPort's Scott Weiss
The CEO of IronPort systems talks about his company's acquisition by Cisco and why he sees no end in sight to the problem of spam.
May 24, 2007
Scott Weiss |
As an early employee at Hotmail before it got acquired by Microsoft, you've been deeply involved with the e-mail space. What's changed?
Back in the Hotmail days, Hotmail would go down for an entire day and people would give us the benefit of the doubt. It's not that they weren't bothered by it, but it wasn't as much of a utility as it is today. Today, it's national news if BlackBerry goes out for an hour.
Cisco announced in January it was acquiring IronPort. What will your role be?
My role will stay the same. IronPort will be a separate business unit within Cisco. I think they've done almost 130 acquisitions, and only three have been cast as separate businesses: Linksys, Scientific Atlanta and IronPort.There's a variety of reasons for that. When you have a security issue, you don't want someone saying, "What product are you using?" You want someone saying, "I know what version you're on." The ecosystem we created around customer responsiveness and our responsiveness to security threats is something Cisco wants to preserve.
Around 90 percent of the e-mail NWC gets is spam, and I expect it's similar for other organizations. What's going on out there?
There's a lot of innovation on the spam side. Image spam is a new threat that made it by a lot of legacy filters. The rise of the botnets has also been difficult. Before, you could isolate spammers as coming from illegitimate sources in Brazil or the Ukraine and block that source, but now most of the spam is coming from Comcast and people who have PCs hanging off a cable modem. You can't block Comcast or a major ISP.
I don't see an end in sight, unfortunately. Somebody asked me what the top exploits we'll see in 2007 would be. My answer was, "We have no idea." No one has any idea.
The antispam market will continue to consolidate because not that many people can keep up with the advanced techniques spammers are exploring. They can afford to bankroll hackers to put together new and innovative things we have to combat.
IronPort claims its reputation filtering stops 80 percent of spam without the need for scanning. Are spammers learning to thwart reputation filtering?
One way is through the bots. What I have seen--this is an outcrop of reputation filtering--is that people need to police their own networks. In many corporations we turn on spam scanning outbound, and they are shocked that their Fortune 500 company is a spammer. One reason is employees get infected with spyware and then have a spam-sending zombie coming out of the network.Inasmuch as spammers are finding ways around reputation filtering, companies want to take greater steps to protect their reputations; there's a movement afoot that's going to make reputation filtering more powerful once people take their reputations more seriously.
In 2006 IronPort acquired an e-mail encryption company and partnered with Vontu, a data leak prevention (DLP) company. How significant are the compliance and DLP markets for driving new business?
Not very. I look at both of these as applications that logically reside at the e-mail gateway. I see it as important, but it doesn't typically drive sales. The main driver for us is still antispam and AV efficiency.
You left Microsoft to found IronPort. Now that IronPort has been acquired, do you have your eye on a new venture?
I don't rule out getting back to a smaller company, but I'm running a significant and strategic business for Cisco and I'm going to stay put for the foreseeable future.0
You May Also Like