[ISN] Cisco Buys E-mail Security Specialist IronPort

From: InfoSec News (alerts@private)
Date: Thu Jan 04 2007 - 22:37:00 PST


By Matt Hines
January 4, 2007

Cisco Systems announced on Jan. 4 that it has agreed to buy IronPort, a 
provider of messaging and Web security appliances, for approximately 
$830 million.

The San Jose, Calif.-based networking giant reported that the deal will 
consist of a cash and stock transaction, and that it is planning to 
close the merger sometime during the third quarter of its fiscal year 

Cisco called the e-mail filtering and anti-spam technologies marketed by 
IronPort, based in San Bruno, Calif., a "natural extension" of its 
growing security portfolio. The company has made a significant push into 
the security space over the last several years, aggressively expanding 
its product lineup, which includes technologies such as firewalls and 
its NAC (Network Admission Control) authentication tools.

The networking market leader said that IronPort's messaging security 
software and appliances will specifically complement its threat 
mitigation, secure communications, policy control and infrastructure 
management technologies.

"We feel there is enormous potential for enhanced e-mail and message 
protection solutions to be integrated into the existing Cisco 
Self-Defending Network framework," Richard Palmer, senior vice president 
of Cisco's Security Technology Group, said in a statement. "Using the 
network as a flexible platform to integrate IronPort's technologies, 
Cisco will be able to build new security applications as customers' 
demands evolve."

IronPort, which was founded in 2000 and has 408 employees, will be 
integrated directly into the Cisco Security Technology Group and report 
to Palmer, officials for the companies said. Cisco has also been a 
longtime customer of IronPort.

The acquired company's products are built around two proprietary e-mail 
security technologies, dubbed SenderBase and AsyncOS.

SenderBase is an e-mail traffic monitoring service that collects data 
from more than 100,000 organizations such as ISPs, universities and 
corporations, and uses that information to detect suspicious behavior 
and virus outbreaks. The technology is also used to identify potential 
sources of bulk spam, and is licensed to the open-source community and 
other institutions attempting to research and prevent unwanted e-mail 

All of IronPort's e-mail security appliances run on the firm's 
proprietary AsyncOS operating system, which claims a unique "stack-less 
threading model" that allows each appliance to support more than 10,000 
simultaneous connections. The IronPort OS is built on a version of the 
UNIX operating system that IronPort claims to have stripped of all 
nonessential components in order to speed performance and provide for 
tighter security.

The Cisco deal for IronPort is emblematic of the growing push among 
major IT platform providers to add greater security capabilities to 
their products while trying to cash in on the continued demand for 
better systems defenses from enterprises. Cisco, which has long competed 
in the market with its firewalls and secure networking products, has 
made a significant push further into the market over the last year, 
specifically around its NAC technologies, which aim to keep unauthorized 
users off of corporate networks.

While the $830 million price tag for IronPort will likely be viewed by 
some experts as expensive, as IronPort had an estimated $25 million in 
revenues during 2005, the deal will not come as a surprise to analysts 
who have predicted that major IT platform providers such as Cisco will 
continue to snap up profitable security businesses.

IBM's October 2006 buyout of Internet Security Systems for $1.3 billion 
in cash is another deal that illustrates the trend, as is storage market 
leader EMC's $2.1 billion acquisition of authentication specialists RSA 
Security, announced in June 2006.

This push by larger security software providers to diversify their 
product lines and generate opportunities in emerging sectors of the 
security market will spur more deals in 2007 than the industry has seen 
over the past several years, analysts said.

"We're seeing that large companies are trying to expand their portfolios 
and become end-to-end providers of enterprise-class security 
technologies," said Jon Oltsik, an analyst at Enterprise Strategy Group.

"In order to do that, they must cherry pick among the other providers 
and look for specialists from the venture-backed startup world," he 
said. "In addition to traditional security players, we'll also see more 
deals made by large IT companies, such as in the case of EMC-RSA, as 
these companies try to win larger enterprise deals that demand some 
level of security expertise."

As another example of the type of deal he expects to materialize in the 
coming year, Oltsik pointed to Check Point Software Technologies' 
November 2006 buyout of encryption specialists Pointsec Mobile 
Technologies for $586 million. Check Point also agreed to buy network 
intrusion detection specialist NFR Security for approximately $20 
million in December 2006.

Subscribe to InfoSec News

This archive was generated by hypermail 2.1.3 : Thu Jan 04 2007 - 22:48:55 PST