When John Thompson succeeded Gordon Eubanks as CEO of Symantec in April 1999, he wasted no time in making his mark.

Hardly had Thompson got his feet under the table, than he had decided on a radical re-orientation of the company from a consumer focus to the enterprise, and from PC and software tools to corporate security, based initially around the company’s anti-virus products.

Out went the popular Visual Cafe Java integrated development environment (sold to start-up WebGain, which went spectacularly bust last year) and the ACT! contact management software unit (which was spun-out).

In came security software and services vendor Axent Technology for $975 million in stock and, in the last year, the company has bought a string of smaller start-up vendors, most notably, Riptech, Recourse Technologies, SecurityFocus and Mountain Wave.

As a business strategy born at the height of the dot-com boom, it has so far proved to be remarkably prescient. Today, Symantec is one of the few technology companies that is worth more now than it was in April 1999 when Thompson took the helm.

That is reflected in the company’s financial performance. In the year before his appointment, Symantec chalked up sales of $592.6 million. By the close of fiscal 2003 in March, revenues had increased almost two-and-a-half times to $1.41 billion.

But although such growth is impressive, it cloaks a fundamental problem. Symantec still remains dependent on the sales of anti-virus software and has struggled to establish itself as a credible player outside that core market, despite the nine acquisitions that Thompson has made. Symantec’s chief operating officer John Schwarz admits that anti-virus software still accounts for more than two-thirds of revenue.

The problem of over-reliance on a single technology is common to all security software vendors, not just Symantec. For example, RSA Security still derives some three-quarters of its revenues from the SecurID authentication token technology, while Check Point Software remains overwhelmingly focused on firewall software and Internet Security Systems (ISS) on intrusion detection.

Going forward, however, Symantec is attempting to broaden its revenue base by integrating all of its newly acquired security offerings into a single management framework so that users can manage the various technologies from the one console. “We have defined an architecture and a means of describing security events, regardless of the source that it comes from,” says Schwarz. These events can be stored in a single database and both correlated in real-time and data mined to provide more sophisticated security analysis.

But the security management software at the heart of that strategy, acquired when Symantec purchased Axent Technology, is still immature and while it does encompass rival’s products, its coverage still remains limited.

There is, in fact, a question mark over the calibre of much of Axent’s technology. John Pescatore, research director at influential analyst Gartner, says that products from Symantec’s recent acquisitions are replacing those that the company picked up with Axent. The Axent Raptor firewall has virtually disappeared from the market, he says, and its Prowler intrusion detection product was replaced by ManHunt when Symantec bought Recourse Technologies.

But Thompson does not appear to be letting such problems deflect him from his goal. For example, he has reorganised the company’s sales force to make it more responsive to the needs of major enterprise customers.

The next year will demonstrate whether or not the company has anything but anti-virus software to sell.