Cisco to Buy Sourcefire to Bulk Up Security Portfolio

The $2.7 billion deal will bring enhanced intrusion prevention and advanced malware protection to Cisco’s growing security platform.

Cisco Systems is bolstering its security solutions by spending $2.7 billion to buy Sourcefire, a move that will add bring greater anti-malware capabilities to the networking giant and could be a harbinger of more deals in the industry, according to analysts.

Cisco officials announced the deal July 23, saying the addition of Sourcefire's network security solutions will be the latest step in the company's efforts to offer a broad platform that can address a dynamic and rapidly changing cyber-security landscape driven by such trends as cloud computing and IT mobility.

The deal, which has been approved by the boards of directors from each company, is expected to close in the second half of 2013. Once the deal closes, Sourcefire's employees will become part of Cisco's Security Group, under the direction of Senior Vice President Christopher Young.

Sourcefire will bring a range of capabilities—from intrusion prevention and threat detection to next-generation firewalls and advanced malware protection—to a Cisco security portfolio that the company is aggressively looking to build, Young told eWEEK. Cisco is looking to build a broad security services platform that can be delivered via the cloud and is tightly integrated into Cisco's increasingly open and software-based networking environment.

In January, Cisco bought Cognitive Security, whose technology can help organizations better detect and identify patterns of behavior in networks that may indicate a threat, Young said. In October 2012, Cisco hired Bret Hartman away from EMC's RSA security division to become CTO for the Security Group. Hartman told eWEEK in a recent interview that a key incentive for coming to Cisco was the networking vendor's platform-based approach to security.

The company already offers a range of security solutions, from firewalls, intrusion-detection services and VPNs to its Identity Services Engine (ISE). Sourcefire will help businesses with improved advanced threat protection before, during and after an attack throughout the spectrum, from the cloud to any devices, officials said.

Organizations "don't want to feel like they're behind [the changing threat landscape]," Young said. "They want to feel like they can keep up with advanced threats."

Sourcefire offers a range of cyber-security products, from its next-generation intrusion-protection service and FirePower advanced malware protection service to its FireAMP malware analysis solutions for physical, virtual and mobile environments. At the core of the company's security offerings is Snort, an open-source intrusion-detection and -prevention engine. Created in 1998 by Sourcefire founder and CTO Martin Roesch, Snort has been downloaded more than 4 million times, according to the company.

Cisco's Young said Snort will be a key technology that will integrate with the networking vendor's security solutions.