Content, Channel investors, Channel partner programs

Broadcom-VMware M&A: The Implications for VMware Carbon Black MSSPs

Credit: Getty Images

After days of rumors, Broadcom confirmed plans to buy VMware. The resulting deal, if completed, will tuck the former Symantec Enterprise security business into VMware -- where Carbon Black currently sits. And that business combination, if completed, could be mixed news for MSSPs and security-driven MSPs that bet early on Carbon Black, MSSP Alert believes.

First, three key data points to note:

  1. Broadcom acquired the Symantec Enterprise security business for $10.7 billion in 2019.
  2. VMware acquired Carbon Black for $1.9 billion in 2019.
  3. Fast forward to May 2022, and Broadcom confirmed plans to buy VMware for $61 billion in cash and stock, while also assuming $8 billion in VMware debt.

The deal includes a "go shop" period -- which allows VMware to seek higher bids for the company through July 5, 2022. If the deal is completed, the Symantec Enterprise-Carbon Black business combination would make for strange bedfellows -- especially for MSPs and MSSPs.

Broadcom and Symantec Enterprise Security: Limited MSP Partner Strategy?

Indeed, the Symantec Enterprise business is now positioned as Broadcom's endpoint security business for enterprise customers. Much of the channel partner strategy has involved a Cyber Security Aggregator program that flows through distributors. Separately, Broadcom in 2020 sold off such Symantec assets as:

Also that year, Broadcom ended the Symantec PacketShaper product line.

Roll all the moves together, and Broadcom's security effort appears to mostly focus on direct sales to enterprise customers.

VMware Carbon Black Faces Intense Competition in the MSP-SMB Security Market

Meanwhile, VMware and Carbon Black generally have good relationships with MSPs and MSSPs. But the companies haven't exactly kept pace with more aggressive security software providers that are working overtime to integrate with MSP software platforms.

Indeed, enterprise-scale companies such as CrowdStrike, SentinelOne and Sophos (among many others) appear to have strong momentum with MSSPs and MSPs -- in many cases leveraging product integrations to extend down into the midmarket and SMB sectors.

Moreover, upstarts such as Blackpoint Cyber, Huntress, Netsurion and Stellar Cyber have MSP-centric partner models that are catching on in the SMB channel.

Bottom line: The VMware-Carbon Black business combination hasn't made much new noise with MSSPs since VMware acquired the endpoint security business in 2019. If the Broadcom-VMware deal gets finalized there's little evidence to suggest that the buyer will deeply engage MSSPs and MSPs -- especially in the SMB sector.

Blog originally published May 23, 2022. Updated regularly thereafter with new perspectives on the potential deal.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.