Security Platforms/Tools

Cisco Nets NetSift for $30M

This is a good time to be a network security startup. Cisco Systems Inc. (Nasdaq: CSCO) is spending its money on yet another security company that's barely out of its diapers (see Cisco Pays $30M for NetSift ).

Just a week after announcing the acquisition of eight-month-old M.I. Secure Corp. for $13 million, Cisco says it's paying $30 million in cash and stock options for NetSift Inc., a company just a year old and with 15 on staff (and, currently, a blank Website).

The deal is expected to close by the end of July, when NetSift, originally backed by Enterprise Partners Venture Capital, will become part of Cisco's Internet Systems Business Unit (see Cisco Buys Startup for $1.2M per Employee).

And in case your calculator's not working, that values NetSift, which is developing technology to automatically protect enterprise networks against new worm and virus attacks by generating unique signatures, at $2 million per employee. KACHINGGG!!!!

Among those 15 is at least one person with a track record of starting a company bought by Cisco. Board member Guru Parulkar founded switching fabric startup Growth Networks in 1998 and joined Cisco when his company was acquired by the routing giant in February 2000 for about $355 million in stock. He left in July 2001 to join the VC firm, New Enterprise Associates (NEA).

This is Cisco's third security-related acquisition this year, with FineGround Networks making up the trio with M.I. Secure and NetSift (see Cisco Chomps FineGround). Altogether, Cisco has announced seven acquisitions in 2005, the other firms being Sipura Technology Inc., Topspin Communications Inc., Airespace Inc., and chip firm Vihana Inc., another $30 million acquisition (see Cisco/Linksys Buys VOIP ATA Maker, Cisco Buys Topspin for $250M, and Cisco Buys Airespace).

— Ray Le Maistre, International News Editor, Light Reading

Green_Acres 12/5/2012 | 3:09:13 AM
re: Cisco Nets NetSift for $30M A bit of detail on Netsift from an old job posting (April 2005)...


NetSift, Inc. is a well-funded, early stage network security startup. We are pioneering a new approach to protecting enterprises from large-scale attacks such as worms, viruses, and DDOS. Our proprietary hardware implementation examines traffic at multi-Gigabit speeds to automatically detect and prevent an attack within seconds of its onset, as opposed to the days taken by security vendors today. We are looking for experienced and talented security engineers who will play a key role in establishing NetSift as the go-to vendor for the most accurate, timely, and actionable security alerts.

Job Responsibilities:
~ Develop, debug, document and reverse engineer exploits as they are discovered by NetSift solutions. Provide the further analysis and communication required to credibly interface with CERT, the Storm Center, and other responsible disclosure forums.

~ Translate new vendor vulnerability announcements into NetSift vulnerability signatures.

~ Work with cross-functional teams such as Product Management, Algorithm Designers, and Software & Hardware Engineers to develop new functional requirements for the NetSift solution based on knowledge of new and existing attack trends.

~ Work closely with the development team to design new paradigms for the next generation of intrusion detection and prevention solutions.

~ Help create a Security Operations Center that provides 24/7 security monitoring of various NetSift installations and enterprises.

~ BS in Computer Science or equivalent (MS preferred).
~ 4+ years experience with intrusion detection systems (NIDS preferred), signature creation and testing.
~ Strong programming skills in C, C++ and x86 assembly.
~ Extensive software reverse-engineering experience.
~ Deep knowledge of operating systems internals, with particular emphasis on Windows vulnerabilities.
~ Ability to disassemble 8086 code using standard tools like IDA Pro, SoftICE and GDB.
~ Solid understanding of networking fundamentals (TCP/IP) and protocols.
~ Extensive experience with protocol analysis and network traffic analysis.
~ Strong technical writing skills.
~ Experience with standard IDS and IPS tools such as Snort, NetScreen, ISS, McAfee, or TippingPoint a plus.
~ Contributions to Buqtraq or other responsible disclosure forums a plus.

Please email resume to jobs_at_netsift.net

Steve Hunt
VP Engineering
NetSift Inc

materialgirl 12/5/2012 | 3:09:11 AM
re: Cisco Nets NetSift for $30M If CSCO gear is noteworthy for slowing to a crawl with added features, how is all this stuff they are buying supposed to play together? Can they just attach ASIC-based cards to the backplane and bypass the slowness of IOS? Will they migrate their new OS (IOS-SX or what-ever) to their smallest devices. How can you manage it if each piece comes from another startup?
materialgirl 12/5/2012 | 3:09:10 AM
re: Cisco Nets NetSift for $30M Make that "CSCO Power"
DoTheMath 12/5/2012 | 3:09:09 AM
re: Cisco Nets NetSift for $30M Most of the $20 million kind of acquistions would fall under the "spin-in" category, where Cisco was already invested in the start-up. In fact, a lot of the people in these companies are ex-Cisco. You will notice that these companies are almost entirely engineers, including at the CEO level.

Given that Cisco's options aren't worth much, I believe this is the way Cisco rewards its key talent lately.

In some cases at least, some of the companies do stuff that is no big deal technically, and clearly the work could have been done far cheaper inside than the acquisition price paid. That again fits with the "need" to reward talent.

brahmos 12/5/2012 | 3:09:08 AM
re: Cisco Nets NetSift for $30M depends on luck also whether one gets to be part of these spin-in deals. people in storage, wireless, security, some hot new asic tech seem to have better chances than IOS, routing, and other "mature" technologies. I'd say out of 35000 people (10000 engineers?) hardly 100 would get the chance ..not a favourable ratio. u need to be in right place at right time and be on *very* good terms with the powers that be.
mr zippy 12/5/2012 | 3:09:07 AM
re: Cisco Nets NetSift for $30M News just in, the Southpark underpants gnomes have just published what phase two of their business plan is :

Phase 1) Collect Underpants
Phase 2) Get bought by Cisco as a security company, because you're competent at securing underpants (formerly "????")
Phase 3) Profit

(Note, this is all in jest, I'm not suggesting the people who are working at these every young and rapidly acquired companies are equivalent to underpants gnomes, rather that the way Cisco seems to be aquiring these startups without them seeming to have much market traction could be an answer to phase two :-) )

For an overview of what the underpants gnome business plan is, and how it does provide a lesson in real life investing, visit the following :

"South Park's" Investing Lesson
zoinks! 12/5/2012 | 3:09:07 AM
re: Cisco Nets NetSift for $30M I agree with Brahmos.

Of the two spin-ins I am familiar with, the guys in charge were 1) very well connected internally within Cisco and 2) had strong coattails to drag along only the best talent.

Being well-connected is a must - in order to get the right funding AND most importantly to get yourself (and your team) a sweetheart deal that will pretty much guarantee riche$.

Sign In