Blue Coat Systems

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Blue Coat Systems Inc.
Subsidiary of Symantec
Industry Network Security
Fate Acquired by Symantec in August 2016
Predecessor CacheFlow
Founded 1996
Headquarters Sunnyvale, California, United States
Key people
Greg Clark (CEO)
Michael Fey,
(President and COO)[1]
Products ProxySG, Advance Threat Protection (ATP) System, SSL Visibility Appliance, MACH5, K9 Web Protection, PacketShaper, CacheFlow
Revenue IncreaseUS$496M (FY 2010)[2]
IncreaseUS$39.3M (FY 2010)[2]
IncreaseUS$42.9M (FY 2010)[2]
Total assets IncreaseUS$696M (FY 2010)[3]
Total equity IncreaseUS$386M (FY 2010)[3]
Number of employees
more than 1,400 (as of 2014)[4]
Parent Symantec

Blue Coat Systems Inc. (formerly CacheFlow) is a Sunnyvale, California-based provider of security and networking solutions. The company specializes in cyber security products that detect and mitigate attacks.

The organization has been subject to controversy due to its products being used to conduct mass surveillance and censorship of the Internet by governments that engage in human rights abuses.

The company has gone through several acquisitions, most recently being acquired by Symantec Corporation in a deal valued at $4.65 billion USD.[5] Greg Clark, the former CEO of Blue Coat, is now the CEO of Symantec and Michael Fey, former COO of Blue Coat, is the new COO of Symantec.[6]


Blue Coat Systems was founded in 1996 as CacheFlow, with the original headquarters in Redmond, Washington. In 1999, Rick Kimball and Jay Hoag of Technology Crossover Ventures invested in CacheFlow.[7]

On December 9, 2011, Blue Coat agreed to be acquired by Thoma Bravo for $1.3 billion. With the closing of the transaction, Blue Coat stock was delisted from NASDAQ and it was no longer a publicly traded company.[8] On February 6, 2015 the Wall Street Journal reported that an attempt to sell Blue Coat to defense contractor Raytheon had failed, and Thoma Bravo was restarting the sales process.[9] On March 10, 2015, private equity firm Thoma Bravo sold Blue Coat to private equity firm Bain Capital for $2.4 billion.

In 2016, Frost & Sullivan awarded Blue Coat its Network Security Forensics award for its incident detection and network security products.[10] On June 13, 2016, it was announced that Symantec has acquired Blue Coat for $4.65 billion.[11] The acquisition was officially completed on August 1, 2016.[12]


Blue Coat Systems offer a range of products in the computer security sector.[13][14] Many Blue Coat products focus on attack detection, threat analysis, analytics and network defense. Blue Coat also produce business-oriented solutions, such as Data Loss Prevention, caching management and system administration tools.

In the consumer sector, Blue Coat develop K9 Web Protection, a freeware parental control and web filter application.


Date Company Business Country Value (US$) References
December 18, 2000 Entera Software  United States $170,000,000 [15]
October 29, 2003 Ositis Software, Inc Software  United States $7,100,000 [16]
July 19, 2004 Cerberian Software  United States $17,500,000 [17]
January 3, 2006 Permeo Hardware  United States $60,000,000 [18]
June 23, 2006 NetCache Software & Hardware  United States unknown [19][20]
April 21, 2008 Packeteer Software & Hardware  United States $268,000,000 [21][22][23]
February 12, 2010 S7 Software Solutions Software  India $17,500,000 [24]
December 2012 Crossbeam Software & Hardware  United States unknown [25]
May 2013 Netronome Software & Hardware  United States unknown [26]
May 2013 Solera Networks Software & Hardware  United States unknown [27]
December 2013 Norman Shark Software & Hardware  Norway unknown [28][29]
July 30, 2015 Perspecsys Software  Canada $180–200M [30]
November 9, 2015 Elastica Software  United States $280,000,000 [31]

In 2000, Blue Coat acquired Entera for its streaming technologies. The deal was valued at $170 million.[15]

Following its entry into the security market, Blue Coat acquired several companies to build additional functionality into its product portfolio. From 2003 to 2006, Blue Coat acquired three companies: Anti-virus appliance vendor Ositis Software, Inc. for $7.1 million,[16] URL filtering vendor Cerberian for $17.5 million[17] and Permeo Technologies for its SSL (Secure Sockets Layer) VPN appliance.[18]

As Blue Coat moved into the WAN optimization market, it shifted its acquisition focus to companies with caching and performance technologies. In 2006, Blue Coat acquired the NetCache business from NetApp.[19][20] In 2008, Blue Coat acquired Packeteer, a bandwidth management company, for $268 million.[23][32] In 2010, Blue Coat acquired S7 Software Solutions, a provider of software migration products and services.[24]

Beginning in 2012, Blue Coat refocused its acquisitions on expanding its product portfolio into adjacent security markets. In December 2012, Blue Coat acquired Crossbeam Systems, maker of a scalable network security platform that can virtualize network security applications from third-party security software vendors (including McAfee, Sourcefire, Check Point, and Imperva).[25] In May 2013, Blue Coat acquired SSL technology from Netronome.[26] Also in May, Blue Coat acquired Solera Networks, a maker of security analytics products that help businesses detect and resolve threats already on the network.[27]

In December 2013, Blue Coat acquired Oslo-based Norman Shark, a provider of threat discovery and malware analysis solutions for enterprises, service providers and government.[28][29]

On July 30, 2015 Blue Coat announced it had acquired Perspecsys as a key part of its Cloud Access Security Broker (CASB) offering for an estimated to be $180–200M.[30]

November 9, 2015, Blue Coat acquired cloud security company Elastica, Inc. for $280 million further broadening its CASB portfolio.[31]



In October 2011 it was reported that the U.S. government was looking into claims made by Telecomix that the Syrian government is using Blue Coat's products in order to censor the internet.[33][34] The hacktivist group released 54 GB of log data alleged to have been taken from seven compromised Blue Coat web gateway appliances that depict search terms, including "Israel" and "proxy", that were blocked in the country using the appliances.[35][36] Blue Coat later acknowledged their systems were being used within Syria, but assert the equipment was sold to intermediaries in Dubai, which they believed was destined for an Iraqi governmental agency, not the Syrian regime.[37] Despite the systems consistently sending "heartbeat" pings directly back to Blue Coat, they claim to not monitor their logs to identify from which country an appliance is communicating.[37] Blue Coat further announced they would halt providing updates, support and other services for systems operating within Syria.[37]

In April 2013, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) announced a $2.8 million civil settlement with Computerlinks FZCO for violations of the Export Administration Regulations (EAR) related to the transfer to Syria of Blue Coat products. The penalty was the maximum allowed. According to the BIS, Computerlinks FZCO provided Blue Coat with false end user information. Computerlinks FZCO knew that the items were destined for end users in Syria but stated that the end users for the items were the Iraqi Ministry of Telecom or the Afghan Internet service provider Liwalnet.[38]

Use by foreign governments[edit]

On March 12, 2013, Reporters Without Borders named Blue Coat Systems as one of five "Corporate Enemies of the Internet" and “digital era mercenaries”[39][40] for selling products that have been or are being used by governments to violate human rights and freedom of information.[41] Blue Coat equipment has been acquired by the governments of Bahrain, Burma (Myanmar), China, Egypt, India, Indonesia, Iran, Iraq, Kenya, Kuwait, Lebanon, Malaysia, Nigeria, Qatar, Russia, Saudi Arabia, Singapore, South Korea, Syria, Thailand, Turkey, the United Arab Emirates, and Venezuela.[34][42][43] Blue Coat has consistently denied these claims, asserting that it respects internationally recognized rights to privacy and freedom of expression, and does not condone any government’s use of its products to abuse Internet privacy or freedom of expression.[44][non-primary source needed]

On July 8, 2013, The Washington Post reported on a Citizen Lab study, accusing the governments of Sudan and Iran of misusing Blue Coat products.[45]


In September 2014, BuzzFeed reported the Egyptian government had contracted with an Egyptian-based company "Systems Engineering of Egypt" (SEE Egypt) and began surveilling online communications within Egypt conducted via Skype, Facebook, Twitter, YouTube among others. The article quoted "SEE Egypt" interviews in which the organization referred to itself as a "sister company" of Blue Coat.[46] The day following the report, BuzzFeed note Blue Coat distancing themselves from the controversy and published a response from the organization, which read in part:

See Egypt is a Blue Coat reseller, but is not otherwise affiliated with Blue Coat. See Egypt has assured us that they have not bid or resold Blue Coat products to the Egyptian government for any social network monitoring operation... Blue Coat sells its products to end users through more than 2,000 resellers worldwide. We require our resellers to adhere to the same legal requirements and ethical standards to which we hold ourselves.[47]

Security researchers[edit]

In March 2015, Forbes reported Blue Coat had pressured security researcher Raphaël Rigo into canceling his talk at SyScan '15.[48] Although Raphaël's talk did not contain any information about vulnerabilities on the ProxySG platform, Blue Coat still cited concerns the talk would "provide information useful to the ongoing security assessments of ProxySG by Blue Coat." The canceling of the talk was met with harsh criticism by prominent security researchers and professionals alike who generally welcome technical information about widely used security products.[49]


There exists a publicly trusted intermediate certificate, issued by Symantec, which permits the company to issue transparent man-in-the-middle certificates that will not cause browsers to warn about an untrustworthy connection.[50]

See also[edit]


  1. ^ "Blue Coat Names Michael Fey President and COO - Blue Coat". 
  2. ^ a b c Blue Coat Systems (BCSI) annual SEC income statement filing via Wikinvest.
  3. ^ a b Blue Coat Systems (BCSI) annual SEC balance sheet filing via Wikinvest.
  4. ^ "CrunchBase profile". Retrieved 8 April 2014. 
  5. ^ McMillan, Robert; Cimilluca, Dana (2016-06-13). "Symantec Set to Buy Blue Coat Systems in $4.65 billion Deal". Wall Street Journal. ISSN 0099-9660. Retrieved 2016-10-17. 
  6. ^ "Symantec Moves Security Forward in Blue Coat Era". Retrieved 2016-10-17. 
  7. ^ "Interviews - Jay Hoag And Rick Kimball | Dot Con | FRONTLINE | PBS". Retrieved 2015-05-16. 
  8. ^ "Blue Coat Agrees to be Acquired by Private Equity Firm Thoma Bravo". December 9, 2011. 
  9. ^ "Thoma Bravo Renews Sales Process for Security Software Company Blue Coat". February 6, 2015. 
  10. ^ "Blue Coat Systems dominates network security forensics market". Retrieved 2016-03-23. 
  11. ^ McMillan, Robert; McMillan, Robert (June 12, 2016). "Symantec Set to Buy Blue Coat Systems in $4.65 Billion Deal". WSJ. Retrieved June 13, 2016. 
  12. ^ "Symantec (SYMC) Completes Blue Coat Acquisition". Street Insider. Retrieved 7 August 2016. 
  13. ^ "Company Overview of Blue Coat Systems Inc.", Bloomberg Businessweek. Retrieved 13 February 2014.
  14. ^ "Business Assurance Technology Products", Blue Coat Systems. Retrieved 13 February 2014.
  15. ^ a b John Leyden (December 18, 2000). "Entera buyout complete". San Francisco Business Times. 
  16. ^ a b "Blue Coat buys Ositis". The Register. October 29, 2003. 
  17. ^ a b Dan Ilet (July 19, 2004). "Blue Coat buys Cerberian". SC Magazine. 
  18. ^ a b Paul Roberts (January 3, 2006). "Blue Coat to Acquire Security Company Permeo for $60M". eWeek. 
  19. ^ a b Chris Williams (June 23, 2006). "NetApp flogs NetCache to Blue Coat". The Register. 
  20. ^ a b Rebecca Munro (October 19, 2006). "Blue Coat looks for partners to help NetCache transition". ARNnet. 
  21. ^ Greene, Tim (April 21, 2008). "Blue Coat to buy Packeteer Traffic shaping, application visibility, customer list are the reasons". Network World. Retrieved December 27, 2009. 
  22. ^ Lawson, Stephen (April 21, 2008). "Blue Coat to Acquire Packeteer for $268 Million". PC World. Retrieved December 27, 2009. 
  23. ^ a b "Blue Coat Completes Acquisition of Packeteer", June 9, 2008
  24. ^ a b "Blue Coat Systems acquires S7 Software Solutions". Reuters. February 12, 2010. Retrieved March 29, 2011. 
  25. ^ a b Bill Brenner (December 18, 2012). "Blue Coat acquires Crossbeam Systems". CSO. 
  26. ^ a b "Blue Coat Acquires Netronome SSL Technology to Extend Leadership in Enterprise Security". Press Release. Blue Coat Systems. May 9, 2013. Retrieved July 23, 2013. 
  27. ^ a b "Blue Coat to Acquire Solera Networks", Press Release, Blue Coat Systems, May 22, 2013. Retrieved September 4, 2013.
  28. ^ a b "Blue Coat Acquires Norman Shark", Press Release, Blue Coat Systems, December 18, 2013. Retrieved January 5, 2014.
  29. ^ a b "Blue Coast acquires anti-malware firm Norman Shark" Archived December 19, 2013, at the Wayback Machine., Ellen Messmer, Network World, December 18, 2013. Retrieved January 5, 2014.
  30. ^ a b "Blue Coat Systems Buy Elastica after Perspecsys". 
  31. ^ a b "Blue Coat Delivers Industry's First Complete Cloud Security Solution with Acquisition of Cloud Security Innovator Elastica". 
  32. ^ Greene, Tim (April 21, 2008). "Blue Coat to buy Packeteer Traffic shaping, application visibility, customer list are the reasons". Network World. Retrieved December 27, 2009. 
  33. ^ "US probes Syria's use of Internet blocking equipment". BBC. October 24, 2010. Retrieved October 25, 2011. 
  34. ^ a b Hopkins, Curt (May 29, 2013). "U.S. company allegedly caught aiding Syria and Iran in censorship efforts". The Daily Dot. Retrieved June 2, 2013. 
  35. ^ "Blue Coat denies sale to Syrian censors". Information age. October 25, 2010. Retrieved October 25, 2011. 
  36. ^ Nachawati, Leila (11 October 2011). "BlueCoat: US-Technologie überwacht syrische Online-Bürger" (in German). Netzpolitik. 
  37. ^ a b c Valentino-DeVries, Jennifer; Sonne, Paul; Malas, Nour (29 October 2011). "U.S. Firm Acknowledges Syria Uses Its Gear to Block Web". Wall Street Journal. 
  38. ^ "Bureau of Industry and Security Announces $2.8 Million Civil Settlement with Computerlinks FZCO for Charges Related to Unlawful Exporting of Technology to Syria". Bureau of Industry and Security Press Release. April 25, 2013. 
  39. ^ "The Enemies of Internet, Special Edition : Surveillance". Reporters Sans Frontières. 2013. Archived from the original on March 17, 2013. Retrieved 27 May 2016. 
  40. ^ McCullagh, Declan (11 March 2013). "Meet the 'Corporate Enemies of the Internet' for 2013". CNET (CBS Interactive). 
  41. ^ Gallagher, Ryan (12 March 2013). "Reporters Without Borders Releases List of 'Enemies of the Internet'". Future Tense - Slate, New America, Arizona State University. 
  42. ^ "Corporate Enemies: Blue Coat", The Enemies of the Internet, Special Edition: Surveillance, Reporters Without Borders, 12 March 2013
  43. ^ "Planet Blue Coat: Mapping Global Censorship and Surveillance Tools", Citizen Lab, Munk School of Global Affairs, University of Toronto, 15 January 2013
  44. ^ "Blue Coat Introduces Public Internet Access Policy - Blue Coat". 
  45. ^ Ellen Nakashima, "Web monitoring devices made by U.S. firm Blue Coat detected in Iran, Sudan", Washington Post, 8 July 2013
  46. ^ "EXCLUSIVE: Egypt Begins Surveillance Of Facebook, Twitter, And Skype On Unprecedented Scale". BuzzFeed, Inc. September 17, 2014. 
  47. ^ Frenkel, Sheera (18 September 2014). "U.S. Company Distances Itself From Egyptian Surveillance System". BuzzFeed. Retrieved 27 May 2016. 
  48. ^ "Hackers Slam Blue Coat Claiming It 'Pressured Security Researcher Into Cancelling Talk On Its Tech'". Forbes Inc. March 26, 2015. 
  49. ^ Fox-Brewster, Thomas (30 March 2015). "When Censorship Backfires: How Blue Coat Silenced A Security Researcher". Forbes. Retrieved 27 May 2016. 
  50. ^ Thomson, Iain (27 May 2016). "Don't panic, says Blue Coat, we're not using CA cert to snoop on you". The Register. Retrieved 28 May 2016. 

External links[edit]