Massaro: I would describe myself as a kind of a serial entrepreneur. This is my fifth VC-backed startup. I did my first one all the way back in 1971 when I was about 27 years old and before there was any formal venture capital community. There were a couple guys like Bill Hambrecht investing some money.

I came up through engineering as all my education has been in engineering: my bachelors, my masters, and then my Ph.D. at Berkeley. Just about every company I've done is technology-based, and it has been an asset to understand the technology, to be able to communicate with the engineering organization, to be able to drive the engineering organization, and do it in an effective manner. The first company I did was Shugart Associates where we basically invented the floppy disk drive. It was one of the companies that was in the right place at the right time. We had 13 competitors out there and we beat every one of these guys out and we obviously did a good job in sales and marketing the product. It started with the floppy, then we did the low-end hard disk drive, those are gigantic industries today. Shugart Associates was sold was to Xerox Corporation in 1978. Xerox asked me if I would go to Dallas, Texas and be President of the Office Products Division had responsibility for the "Office of the Future", which was a hot topic. While researching technologies for that initiative, I came out to California and the research firm was the Palo Alto Research Center. Here I saw Ethernet and I saw Altos which was the first iconic computer and I saw the whole client server architecture with workstations on a network off the servers and a metaphoric computer interface, we had icons and we had mice to move things around. So we took basically about 200 engineers and productized the technology in 1981. At that time, Xerox made me a corporate officer at an age of 34 and there were hundreds of Vice Presidents and 12 to 13 corporate officers. We brought Ethernet to market and the press said that Ethernet doesn't have a chance of becoming a standard because it's going up against IBM's Token Ring. Well, interesting enough, I read an article about six months ago that IBM just pulled their last Token Ring network out of their corporate headquarters and put Ethernet in. Of course, Ethernet became a worldwide standard and the concept of using a metaphoric computer with Windows, little pictures, and mice that moved things around and so forth and using servers in a client-server architecture all became the standard. So that was a lot of fun, I really enjoyed that.

OV: So, by the time you were 34 you had already started a successful startup and sold it to Xerox. What did you do after that?

Massaro: After that, David Liddle and I started Metaphor Computer Systems, which was a very high profile company that was funded by several VCs. We had a high-end system with a client-server architecture and unlike Xerox, which was very document-oriented, the system was very data-oriented. We focused on selling it to marketing-oriented companies, like consumer packaged goods companies. Proctor & Gamble was one of our large accounts, and we did very well in the consumer packaged goods and in the pharmaceutical areas, and then IBM approached us about doing a number of licensing agreements which we did, and we ultimately ended up selling that company to IBM in 1991. While at Metaphor, I started another company, where I was just chairman of the board, which was called Edge Diagnostic. The company built the first computer-based automotive diagnostic system, where we basically would plug right into the on-board computers and do self-diagnostics and so forth. We sold that one to Snap-On Tools. Then I did one other one, which was Silicon Gaming, which was the first software-based casino slot machine, which was really a lot of fun. Number one, the product was quite a challenge and number two, getting a software-based slot machine through the Nevada Gaming Commission, which really was one incredible challenge because this was all new technology and all the other casino slot manufacturers were all fighting us and so forth. Really got heavy into security and how do you secure software games and so forth and so on, and that's the company I took public. While that market was hot, we went out at about, I think it was about $7 or $8 a share, got up to $24, so it went up, it got pretty hot there then the whole gaming industry cooled off. Then in the 1990's I started an environmental products company. Although we had some interesting technology, we couldn't get any funding in the 90s for environmental products. Although everybody talked about it, VCs weren't putting any money in it. So I funded it myself in the early phase, but I couldn't really get it off the ground because I couldn't ever get any serious funding for it. So, all in all, I've had some serious successes, and I've had some failures. I learned more from the failures than I did the successes.

OV: What prompted you to join and be the CEO at Reconnex

Massaro: In between doing some startups, I also did some turnarounds. Turnarounds are hard to do because after the companies have crashed and burned it's kind of hard to put them back together. But anyway, I was brought into a company called Array Networks, which was funded by two leading VCs in the Valley. One of the reasons I went in there was Dave Liddle who was my partner at Metaphor had joined a VC firm, USVP, and asked me to go in and help them out. The company had raised about $35 million and had no products, weak management, and poor strategy. They were trying to build a very high performance network traffic management device. These are devices that sit in front of web servers and basically balance the load between them. So one of the things that we tried to do was take that product and move it into security space. So we took the proxy, we turned it into a security proxy, and entered the security space. In the mean time, we were approached by a small company, which had software that could analyze content on a network at very high speed. The company was Inetd.com, and we design and engineered it and put it into a product to move into the securities space. But as it turned out, half the inventors, wanted to go into the securities space and the other half did not. Consequently, USVP dropped out and so did I and put together a team to pursue content analysis on the network. I put some money in, and I moved a couple cars out of my garage and we were up and running. And it's a real, actual garage startup and I find that exciting - building a business from the ground up.

At Reconnex, I'm going to be the President and CEO and obviously I have overall responsibility for just about everything. Basically it's a young group of guys here, for some of them it's the first time in the role of kind of heading up a department. I like working in all aspects of the business. I mean I'm strong on the technical side, I'm very strong on the sales side, financial side, and operations. The only area I don't consider myself an expert on is marketing, and that's primarily because marketing is more an art than it is a science. So basically I'm going to work with this young team and build a strategy and a product and the process of the systems to make this a very successful company. We have great expectations. As you probably know, the security industry is highly fragmented. There are thousands of companies out there. Even the largest ones like Check Point oonly basically play in a very small area of security. But because we're in the reconnaissance end of it, where we're kind of looking at everything that's going over the network, we're actually in a position to be kind of the integration company. Now, we're going to have to acquire other companies and acquire other technologies and so forth, but given the position that we're in, where we see everything happening on the network, given security is only about policy generation and policy management, we're in a great position to be able to do electronic policy management. In other words, to be able to implement electronically the kind of policy management, whether it be digital or whether it be paper policy and, therefore, actually become kind of an umbrella securities company and potentially start pulling together a lot of these other mixed companies and become a real major player in the securities space. So we're excited about that.

OV: What problems do you see for Reconnex going forward?

Massaro: Well, to me the biggest challenge is always in the sales strategy. Selling to Fortune 500 accounts is the only place we can actually make any serious money. At the same it can be a very, very tough sell. What's key is not so much the product; the product is a necessary condition for success, but it's not sufficient. We have got to have a sales strategy that enables you to penetrate the account in a reasonable amount of time. The good news about selling to the Fortune 500 account is once you get in there, they'll buy a lot of stuff from you. The problem is, a lot of times the length of the sales cycle exceeds the longevity of the sponsor. We probably spend 70 percent of our time finalizing the sales strategy. And a good sales team costs a fortune. We have to surround the sales people with an assessment analyst, a system engineer, and an inside salesperson. Ramping a sales team is when you really start to spend money. Before that ramp happens, we have to make sure you got the sales process down, mainly the sales strategy and tactics and so forth.

OV: What do you think are some of the core competencies that will make Reconnex succeed?

Massaro: Well, we got a very proven engineering organization. These are a bunch of hotshot engineers who have built proxy devices before. For one, the proxy is hard to build. The second thing is, the sales and marketing people all come from the security space. So they view this as a solution to a series of security problems. I think if we're very successful, it's going to be because our sales and marketing strategy and the fact that we are approaching this with a security mentality, where we're going in and finding out what the real needs are and what the value is in solving those needs, as opposed to just dropping some hot box on the customer and saying hey, give this a try and see if you like it, which is what a lot of people do. I'll take a real good sales and marketing organization with a second-class product over the best product in the world with a second-class sales and marketing organization. What I think I'm going to have here is a first-class product and a first-class sales and marketing organization. The other thing we're going to try to do to, on a side note, we're really going to try and make this a virtual corporation. Like for example, I'm going to outsource all the G&A that I possibly can. We're going to outsource a lot of the marketing services. The technology is here, the service is here and so forth, but you should not be building internally what you can source on the outside. We really only want to focus our time and energy on those things that can add unique value to the company.

OV: What should the audience of this newsletter be looking for in the near term from Reconnex and from you?

Massaro: Over the last few days, we have put together a corporate operating plan with 20 corporate milestones. Measuring our success against these plans is what the audience should be looking for in the near term. These are 20 things that we want to accomplish over the next year. For example, the first customer ship of our initial product, which is scheduled for January, followed by a big product launch so we'll actually launch the product after our first customer ship. Right now we already have a number of Fortune 500 accounts lined up to evaluate our product. Another milestone is getting our first referencable account, which is slated for February. And by June, I want to have five referencable accounts in the financial services and technology sectors. So the best measure of how well we're doing is going to be our account list. You know, revenue is important, but what's more important is the quality of the revenue. In other words, if I had $1 million in a quarter and I had 20 accounts at $50,000, or I have five accounts at $200,000, the latter is so much more valuable than the former. The quality of the revenue is defined by your ability to penetrate the large corporations, starting with the technology corporations. Technology corporations only buy good technology, so you get a Good Housekeeping Seal of Approval by getting into an Intel, a Sun, an Oracle or something like that. So I would say if you want tell-tale indicator of how well we're doing, prior to us having huge revenues and profits and so forth, look at the quality of our installed base.

OV: That would be, I think, a good litmus test of success at some point in the future. What are some of the technical trends that are happening in your space?

Massaro: Well, we are the first ones on the street with the business plan on protecting the corporations from threats from within. Prior to us, everybody was trying to protect the corporation from the bad guys on the outside. We are first ones really to highlight the need to protect the corporation from the bad guys on the inside. There are a lot of business plans that are tracking along the lines of what we are proposing to do. It turns out that this protection of the network from the threat from within is probably the next big frontier in the security space. What is driving that in many ways is the evolution of the Internet. Think of the Internet as a means for two entities that are physically separated to communicate with each other; using the Internet to get people within a facility to communicate is called the intranet; setting up demilitarized zones to let people from the outside share information with internal users is called the extranet. So you have the intranet, the extranet, the Internet, which are artificially segmented from each other. The problem is that very often there is no difference between somebody physically within the facility to someone that's physically external to the facility, whether it's an employee, consultant, what have you. That was the common status quo for several organizations. Then, a couple of things happened. Number one, they need to do an authentication and authorization at the network level versus the application level, which is one of the things we did at Array Networks. You're no longer authenticating and authorizing someone to go at an application that's on your network, you're actually authenticating who they are and authorizing them, what they can do before you let them on the network. The next step after having people accessing network with different levels of acceptability and accountability is to be able to monitor network activity. Network monitoring, which is what we do, is analyzing the flow of content around your network, into your network, and outside your network. Additionally, we've got several security and confidentiality and privacy laws that have put a lot of legal requirements on corporations to know what is going on in their network. So these are some of the things that are really driving this cutting edge frontier in security.

OV: One last question, I would like to know anything that you think would be of interest to the audience of the newsletter.

Massaro: Well, you've got a couple of audiences there, right? One would be the limited partners; they'll probably come from large corporations and they're managing their pension funds or what have you. We're probably interested in every one of these guys as a customer. How do you get that across, right? I guess the message you want to leave everyone is that the real next frontier in security is really protecting content flow. And there's going to be a lot of opportunities in here for a lot of companies like Reconnex, and there's going to be a lot of need in the large corporations that are kind of represented by your limited partners for these kinds of products. Absolutely, I'd love to be able to get in front of them and give them a presentation.

The other audience is comprised of seasoned CEO's and entrepreneurs, who are always a good source of collaborating on the final details of a young company's business plans. It would be good to hear about their experiences and what challenges they are facing.

About Reconnex: Reconnex is developing a plug-and-play network appliance for real-time "network forensics" by intelligently monitoring and analyzing all forms of content over the network. It is directed at monitoring the activities of insiders and trusted users, and allows corporations and government entities to protect their intellectual property and confidential information, provide simplified policy management for regulatory compliance and prevent and detect inappropriate network use. The Reconnex appliance allows administrators to examine the actual content that is transmitted by internal personnel and provides them a contextual understanding of suspicious activity, so that they can verify malicious behavior. In addition, it provides a legally binding chain of evidence that can help them successfully pursue legal action against wrong-doers.