Denny says Gigamon "contradicted Gartner", and "Gartner was dead wrong". This is my space, too. All due respect, Denny, but, not so sure of your policework there.
Gartner predicted the demise of the standalone "intrusion detection system". Denny's product is enabling infrastructure for network monitoring and network security tools. It's not an intrusion detection system; it's lower on the value chain than that.
The market for intrusion detection systems, which are sold almost entirely to enterprises, evaporated in the 3 years following that Gartner report. There were several hundred million addressable dollars of it in 2003. Now there may be 50.
You probably don't care about this. But what you might care about is, there's a difference between bootstrapping a company into a 15MM/yr niche and funding a company to go after a billion dollar market. The former has an outcome like nCircle's, where you limp for the next 5-10 years of your life. If you do well, you get a "lifestyle company". The latter has an outcome like SourceFire, which involves private jets.
Lifestyle companies are great. But they don't have promising exits. The "Paul Graham Way" involves exits; murder yourself for 2 years, never work again. This is more the "Joel Spolsky Way"; end up with private offices, a 4 day work week, and an Aeron chair.
We've been bootstrapping for a couple years now. It's definitely cost us time, and we have the constant hazard of falling into a lifestyle company. I'm not saying one approach is better/worse than the other. But if you're selling to enterprises, ignore the analysts at your own mortal peril.
Well written. As someone who works for a major IPS vendor - I can point out one more area in which Gartner was way off. Namely, the market sizing for the IPS industry. We are #1/#2 in the industry in terms of market share and by extrapolating from sales graphs and such it seems that IPS is nowhere close to the billion dollar market that Gartner said it would be. Another distinction that is obvious to an engineer but not to an analyst/VC type is that IPS is just a marketing buzzword. IPS = IDS with the option to drop packets and block flows. As for your comments on ncircle, I agree that they are limping. But I am not so sure they're addressing a niche any longer. The vulnerability assessment people (worked for one of those as well) are busy going after the compliance market -- which doesnt seem like so much of a niche given the kind of $$ enterprises are spending on SOX.
I kind of said the opposite: Gartner was right, and people stopping buying IDS. By your market share assertion, you either work for McAfee or TippingPoint; the combined IPS rev for McAfee, TippingPoint, IBM, and SourceFire is over $500MM.
I'm an engineer too, and I get that IDS and IPS are basically the same thing in different form factor, but product packaging, deal structure, and go-to-market are just as important as whether your pcap_loop hooks up to a switch fabric shared memory buffer or the BPF driver.
Sheer unstoppable excellence will always be valuable, but controlling for that, an IDS company (or a company tied to the fortunes of the IDS market) is a bad bet.
Gartner predicted the demise of the standalone "intrusion detection system". Denny's product is enabling infrastructure for network monitoring and network security tools. It's not an intrusion detection system; it's lower on the value chain than that.
The market for intrusion detection systems, which are sold almost entirely to enterprises, evaporated in the 3 years following that Gartner report. There were several hundred million addressable dollars of it in 2003. Now there may be 50.
You probably don't care about this. But what you might care about is, there's a difference between bootstrapping a company into a 15MM/yr niche and funding a company to go after a billion dollar market. The former has an outcome like nCircle's, where you limp for the next 5-10 years of your life. If you do well, you get a "lifestyle company". The latter has an outcome like SourceFire, which involves private jets.
Lifestyle companies are great. But they don't have promising exits. The "Paul Graham Way" involves exits; murder yourself for 2 years, never work again. This is more the "Joel Spolsky Way"; end up with private offices, a 4 day work week, and an Aeron chair.
We've been bootstrapping for a couple years now. It's definitely cost us time, and we have the constant hazard of falling into a lifestyle company. I'm not saying one approach is better/worse than the other. But if you're selling to enterprises, ignore the analysts at your own mortal peril.