Cisco Systems is buying privately held IronPort Systems for $US830 million in cash and stock.
The deal for IronPort, which makes email, Web, and security management appliances, will add expertise in spam and messaging security to Cisco's security portfolio. Cisco plans to use that technology as part of its Self-Defending Network framework, the company said in a statement. The deal is expected to close in the third quarter of Cisco's 2007 fiscal year, which ends in April.
IronPort was founded in 2000 and has 408 employees. The company began as an antispam firm, using proprietary technology such as its AsynchOS operating system and SenderBase email and Web traffic monitoring network to sell high-capacity email security gateway appliances that can quickly vet inbound email, discarding up to 80 per cent of inbound spam connections based simply on the reputation of the message's sender.
Spam, which had fallen off the enterprise security radar in recent years, has once more become a hot issue. A new breed of "image" spam has recently found a way around spam filters and is again filling up enterprise inboxes.
In December, IronPort released statistics from its customer installations showing a 100 per cent year-over-year increase in spam message volume -- to 63 billion messages per day in October. Image spam accounted for 25 per cent of that total, an increase of 421 per cent from the same period in 2005.
IronPort also expanded beyond spam detection into areas such as anti-spyware, Web traffic content inspection, data encryption, and compliance. The company purchased email encryption firm, PostX, in November, adding message-level encryption to its product offerings. IronPort also announced a partnership with antispyware firm, Webroot, in October that combined the Webroot antispyware SDK with IronPort's S-Series Web Security Appliances.
As IronPort's technology expanded to meet more challenges, the company became more attractive to major enterprise IT players such as Cisco, Enterprise Strategy Group's Jon Oltsik said.
In a security market that's shifting from mere email security to enterprise messaging security that includes IM, mobile devices, and policy management, Cisco needs to "climb the stack," Oltsik said. "It's not just about perimeter security," he said. "It's about network security, and that means you have to understand that traffic isn't just packets and frames."
Vice-president of security marketing at Cisco, Jeff Platon, wouldn't comment on how IronPort's technology would be integrated with Cisco's other products. He said, however, that IronPort was about more than spam. Cisco sees IronPort's technology fitting into Cisco's larger effort to embed intelligence services in Cisco networking solutions under the banner of Service Oriented Network Architecture, or SONA.
"This is a glimpse of what's to come. It's about network security, application security, and messaging security blending into a larger, converged marketplace," Platon said.