By Matt Hines
January 4, 2007
Cisco Systems announced on Jan. 4 that it has agreed to buy IronPort, a
provider of messaging and Web security appliances, for approximately
The San Jose, Calif.-based networking giant reported that the deal will
consist of a cash and stock transaction, and that it is planning to
close the merger sometime during the third quarter of its fiscal year
Cisco called the e-mail filtering and anti-spam technologies marketed by
IronPort, based in San Bruno, Calif., a "natural extension" of its
growing security portfolio. The company has made a significant push into
the security space over the last several years, aggressively expanding
its product lineup, which includes technologies such as firewalls and
its NAC (Network Admission Control) authentication tools.
The networking market leader said that IronPort's messaging security
software and appliances will specifically complement its threat
mitigation, secure communications, policy control and infrastructure
"We feel there is enormous potential for enhanced e-mail and message
protection solutions to be integrated into the existing Cisco
Self-Defending Network framework," Richard Palmer, senior vice president
of Cisco's Security Technology Group, said in a statement. "Using the
network as a flexible platform to integrate IronPort's technologies,
Cisco will be able to build new security applications as customers'
IronPort, which was founded in 2000 and has 408 employees, will be
integrated directly into the Cisco Security Technology Group and report
to Palmer, officials for the companies said. Cisco has also been a
longtime customer of IronPort.
The acquired company's products are built around two proprietary e-mail
security technologies, dubbed SenderBase and AsyncOS.
SenderBase is an e-mail traffic monitoring service that collects data
from more than 100,000 organizations such as ISPs, universities and
corporations, and uses that information to detect suspicious behavior
and virus outbreaks. The technology is also used to identify potential
sources of bulk spam, and is licensed to the open-source community and
other institutions attempting to research and prevent unwanted e-mail
All of IronPort's e-mail security appliances run on the firm's
proprietary AsyncOS operating system, which claims a unique "stack-less
threading model" that allows each appliance to support more than 10,000
simultaneous connections. The IronPort OS is built on a version of the
UNIX operating system that IronPort claims to have stripped of all
nonessential components in order to speed performance and provide for
The Cisco deal for IronPort is emblematic of the growing push among
major IT platform providers to add greater security capabilities to
their products while trying to cash in on the continued demand for
better systems defenses from enterprises. Cisco, which has long competed
in the market with its firewalls and secure networking products, has
made a significant push further into the market over the last year,
specifically around its NAC technologies, which aim to keep unauthorized
users off of corporate networks.
While the $830 million price tag for IronPort will likely be viewed by
some experts as expensive, as IronPort had an estimated $25 million in
revenues during 2005, the deal will not come as a surprise to analysts
who have predicted that major IT platform providers such as Cisco will
continue to snap up profitable security businesses.
IBM's October 2006 buyout of Internet Security Systems for $1.3 billion
in cash is another deal that illustrates the trend, as is storage market
leader EMC's $2.1 billion acquisition of authentication specialists RSA
Security, announced in June 2006.
This push by larger security software providers to diversify their
product lines and generate opportunities in emerging sectors of the
security market will spur more deals in 2007 than the industry has seen
over the past several years, analysts said.
"We're seeing that large companies are trying to expand their portfolios
and become end-to-end providers of enterprise-class security
technologies," said Jon Oltsik, an analyst at Enterprise Strategy Group.
"In order to do that, they must cherry pick among the other providers
and look for specialists from the venture-backed startup world," he
said. "In addition to traditional security players, we'll also see more
deals made by large IT companies, such as in the case of EMC-RSA, as
these companies try to win larger enterprise deals that demand some
level of security expertise."
As another example of the type of deal he expects to materialize in the
coming year, Oltsik pointed to Check Point Software Technologies'
November 2006 buyout of encryption specialists Pointsec Mobile
Technologies for $586 million. Check Point also agreed to buy network
intrusion detection specialist NFR Security for approximately $20
million in December 2006.
Subscribe to InfoSec News