Sourcefire

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Sourcefire
Type Subsidiary
Industry Network security; intrusion detection, intrusion prevention system and anti-malware
Fate Acquired
Founded 2001
Founders Martin Roesch
Headquarters Columbia, Maryland
Key people John Becker (CEO), Martin Roesch (Founder and CTO)
Products Sourcefire FirePOWER network security appliances
Revenue $223.1M (FY12)[1]
Employees 560 (3Q12)
Parent Cisco Systems
Website http://www.sourcefire.com/

Sourcefire, Inc develops network security hardware and software. The company's FirePOWER network security appliances are based on Snort, an open-source intrusion detection system (IDS). Sourcefire was acquired by Cisco for $2.7 billion in July 2013.[2][3]

Background[edit]

Sourcefire was founded in 2001 by Martin Roesch, the creator of Snort. The company created a commercial version of the Snort software, the Sourcefire 3D System, which has now evolved into the company’s FirePOWER line of network security products. The company's headquarters is in Columbia, Maryland in the United States, with offices abroad.

Financial[edit]

The company's initial growth was funded through four separate rounds of financing raising a total of $56.5 million from venture investors such as Sierra Ventures, New Enterprise Associates, Sequoia Capital, Core Capital Partners, Inflection Point Ventures, Meritech Capital Partners and Cross Creek Capital, L.P., a venture fund whose general partner is a wholly owned subsidiary of Wasatch Advisors, Inc.

In 2005, Check Point attempted to acquire Sourcefire for $225 million,[4] but later withdrew its offer after it became clear US authorities would attempt to block the acquisition.[5]

In March 2007 the company completed an initial public offering, raising $86.3 million. The sole book-running manager of the offering was Morgan Stanley & Co. Incorporated. Lehman Brothers Inc. acted as co-lead manager and UBS Securities LLC and Jefferies & Company, Inc. served as co-managers. In August of the same year, the company acquired Clam AntiVirus.[6]

In May 2008, Sourcefire rejected an offer of $187 million from security appliance vendor Barracuda Networks,[7] who had offered to pay US$7.50 per share which amounted to a 13% premium of their then-current stock price.[8] On 5 January 2011, Sourcefire announced its acquisition of the cloud-based antivirus firm Immunet.[9][10]

Revenue for the fourth quarter of 2012 was $67.4 million compared to $53.2 million in the fourth quarter of 2011, an increase of 27%.[11](subscription required) Revenue for the year ended December 31, 2012 was $223.1 million compared to $165.6 million for 2011, an increase of 35%. International revenues were $74.4 million, up 77% over 2011. As of December 31, 2012, the Company's cash, cash equivalents and investments totaled $204.0 million[1]

In 2009 Sourcefire received SC Magazine's 2009 "Reader Trust" award for best intrusion detection and intrusion prevention system (IDS/IPS) for Snort,[12] Network World’s “2009 Best of Tests” award for the Sourcefire 3D System,.[13] The company placed in the "Leaders" Quadrant in the 2012 Gartner Magic Quadrant for Intrusion Detection and Prevention System Appliances,[14] and ICSA Labs' certification for the full line of FirePOWER (formerly 3D) appliances.[15] Sourcefire was given a top "recommend" rating in 2012 for fastest and most accurate IPS detection from NSS Labs. FirePOWER was also ranked by NSS Labs at the top of their 2012 "Security Value Map" in security effectiveness and total cost of ownership.[16]

On July 23, 2013, Cisco Systems announced a definitive agreement to acquire Sourcefire for $2.7bn.[17]

Products[edit]

FirePOWER NGIPS and NGFW[edit]

The Sourcefire FirePOWER line of appliances are designed to form part of a layered security defense. They can be deployed as:

  • Next-Generation Intrusion Prevention System (NGIPS), with network visibility into hosts, operating systems, applications, services, protocols, users, content, network behavior and network attacks and malware.
  • Next-Generation Firewall (NGFW) with NGIPS, incorporating access and application control, threat prevention and firewall capabilities
  • Next-Generation Intrusion Prevention System with integrated:
  • Application control
  • Malware protection
  • URL filtering
  • Advanced Malware Protection Appliance for dedicated inline network protection against advanced malware.

Advanced Malware Protection and FireAMP[edit]

Sourcefire Advanced Malware Protection (AMP) offers malware analysis and protection for networks and endpoints using big data analytics to discover, understand and block advanced malware outbreaks, advanced persistent threats (APTs) and targeted attacks. AMP enables malware detection and blocking while provisioning continuous analysis and retrospective alerting, using Sourcefire's cloud security intelligence[clarification needed].

Advanced Malware Protection can be deployed inline via a license key on NGIPS, dedicated AMP FirePOWER appliance or on endpoints, virtual and mobile devices with FireAMP.[18]

Snort[edit]

Main article: Snort (software)

Snort is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines signature, protocol and anomaly based inspection methods. Developed in tandem with the Snort open source community, its developers claim it is the most widely deployed intrusion detection and prevention technology worldwide.[19]

Immunet[edit]

Main article: Immunet

Immunet uses the cloud virus definitions along with virus definitions from Clam Antivirus which is an open source (GPL) anti-virus toolkit primarily used on UNIX operating systems designed for e-mail scanning on e-mail gateways. It provides a number of utilities including a multi-threaded daemon, a command line scanner and tool for automatic database updates. The core of the package is an anti-virus engine available in a form of a shared library.[20] Immunet is provided in two versions, Free and Plus.

See also[edit]

References[edit]

  1. ^ a b "Sourcefire Announces Record Revenue for Fourth Quarter & Full Year 2012". Marketwire. 2013-02-21. Retrieved 2013-02-21. 
  2. ^ "Cisco Announces Agreement to Acquire Sourcefire". Cisco Systems. 2013-07-27. Retrieved 2013-07-23. 
  3. ^ "Cisco to Buy Sourcefire, a Cybersecurity Company, for $2.7 Billion". The New York Times. Retrieved July 23, 2013. 
  4. ^ "Check Point and Sourcefire to Explore Alternative Business Relationship". 2006-03-23. Retrieved 2008-10-12. 
  5. ^ "Check Point calls off Sourcefire buy". 2006-03-24. Retrieved 2008-10-13. 
  6. ^ "Sourcefire acquires ClamAV". SecurityFocus. 2007-08-17. Retrieved 2008-10-28. 
  7. ^ "Barracuda hungry for OSS security developer Sourcefire". 2008-05-30. Retrieved 2009-08-20. 
  8. ^ "Sourcefire says no to Barracuda's takeover bid". 2008-05-30. Retrieved 2009-08-20. 
  9. ^ Friedrichs, Oliver. "Immunet Acquired by Sourcefire". Immunet. Archived from the original on 10 April 2011. Retrieved 10 April 2011. 
  10. ^ "Sourcefire Announces Acquisition of Immunet". Columbia, MD. Business Wire. 5 January 2011. Archived from the original on 10 April 2011. Retrieved 10 April 2011. 
  11. ^ http://news.investors.com/technology/022213-645370-sourcefire-security-stock-rises-on-earnings-report.htm
  12. ^ "SC Magazine Website". Retrieved 2009-10-29. 
  13. ^ "Network World Article". Retrieved 2009-10-29. 
  14. ^ "Gartner Magic Quadrant Report". Retrieved 2012-12-26. 
  15. ^ "ICSA Labs Report". Retrieved 2009-10-29. 
  16. ^ NSS Labs' 2012 Security Value Map for IPS
  17. ^ http://www.cisco.com/web/about/ac49/ac0/ac1/ac259/sourcefire.html
  18. ^ FireAMP
  19. ^ "Snort Website". Retrieved 2008-10-28. 
  20. ^ "ClamAV Website". Retrieved 2008-10-28. 

External links[edit]