Cisco Buys IronPort
IronPort, a five-year-old, privately held company, makes appliances for Web security and management, but it is best known for its email security appliances, which help filter spam and detect malware in large and small enterprises as well as Internet service providers. Eight of the top 10 ISPs, as well as large enterprises such as JetBlue Airways, are IronPort users.
The move is something of a departure for Cisco, which has acquired many security vendors over the years but has generally kept those acquisitions focused on targets that operate at the network level. Experts say today's move could indicate that the company is shifting its considerable weight toward a broader role in the security industry, just as software giant Microsoft Corp. (Nasdaq: MSFT) has done.
"If I were a security vendor, I would be kind of nervous," says Rob Enderle, president and founder of Enderle Group, an IT consultancy.
Cisco called the acquisition a "natural extension" of its security portfolio, which includes threat mitigation, policy control, and security management. The company plans to integrate the IronPort technology into its Self-Defending Network framework, according to Richard Palmer, senior vice president of Cisco's Security Technology Group.
"Using the network as a flexible platform to integrate IronPort's technologies, Cisco will be able to build new security applications as customers' demands evolve," Palmer said.
Some experts are skeptical that Cisco will be able to broker a successful marriage between network security and messaging security.
"The acquisition makes Cisco look good on paper, but the reality is that in the security space, there have been very few true integrations after an acquisition," says Ira Winkler, author of The Spies Among Us. "[The acquisitions] end up being point products that vendors can more easily sell. It makes it easier to [buy] for the end users, but rarely does the functionality become easier to install and maintain."
"It's true that IronPort's SenderBase network and database provides insight to global email patterns in a way that could make Cisco networks react in real time to emerging threats," says Robert Richardson, editorial director at Computer Security Institute. "It's an interesting possibility, but it's not something that automatically follows from the acquisition."
But Enderle sees the IronPort purchase as part of a bigger vision. "This appears to be an attempt to do network security more comprehensively than I've ever seen done," he says. "Spam and attacks on email systems are a good deal of the traffic problem that companies are experiencing today."
— Tim Wilson, Site Editor, Dark Reading