Sourcefire Partners Pleased, But Cautious On Cisco Acquisition

Cisco Systems' $2.7 billion acquisition of Sourcefire this week validates the network security vendor's technology and could be a big win, according to Sourcefire and Cisco partners, but questions remain about what happens once the firm is formally integrated into the networking giant's fold.

Steve Zembrzuski, president of Alpharetta, Ga.-based solution provider Unitiv said he was initially thrilled with the news about the acquisition. His company was named a Sourcefire Silver Partner in April and invested significantly in getting sales and engineers certified on the security firms' appliances. The time and effort should pay off in the short term, but once the technology drops into Cisco's lofty channel distribution network, Zembrzuski said he fears margins will erode.

"We had very unique position because we didn't have a lot of competitors selling the same product, but now all the Cisco players will have same ability to sell this," he said. "It's the long term perspective that isn't clear. The registration process might not be as clean and transparent. What will they do with the engineers when Cisco takes in this product?"

[Related: 8 Cool Network Security Products At RSA 2013 ]

Sponsored post

Sourcefire partners acknowledge that their questions about the Sourcefire sale are likely to go unanswered until the acquisition closes and Cisco begins the transition process.

Those that have worked closely with Sourcefire know the appliance maker had long been an acquisition target. A move by Tel Aviv, Israel-based Check Point Software Technologies to acquire Sourcefire in 2005 for $225 million was withdrawn following strong indicators from federal regulators that the acquisition would be blocked. Cisco paid a premium for the technology, but it is buying a best-of-breed, tested technology, said Pete Lindstrom, principal analyst at Spire Security.

"Cisco every once in a while needs an infusion, and so adding Sourcefire to the Cisco world will help them in the next-generation firewall and application-control space," Lindstrom said. "Cisco plays by different rules and so their ability to continue to develop the technology will be interesting to watch play out."

Solution providers should not see any major changes in the near term until the deal is completed, said Bret Hartman, chief technology officer of Cisco's security group. Hartman told CRN this week that Sourcefire's certification programs would eventually be combined with Cisco's certification processes and programs.

"Many of our channel partners are focused on security, and lots of others are looking to expand in terms of broader offerings. They are hearing from their customers that they need to be doing more in the security area." Hartman said. "The opportunity to expand that inventory with the Sourcefire offering that's already been optimized to work in the channel, that's a great match there."

NEXT: Sourcefire Technology Seen As Cutting Edge

Sourcefire sells an intrusion prevention system, a next-generation firewall and its FireAmp antimalware platform. The Sourcefire appliances are seen as cutting edge by the company's customers, said Michael Ellison, vice president of sales at Irvine, Calif.-based reseller Virtual Graffiti. Businesses were looking for an alternative that was better than a standard firewall and intrusion protection appliance, he said.

"Whenever the larger vendor gobbles up the smaller fish it's always hard to determine how things could get messed up," Ellison said. "The fact that Sourcefire has strong channel distribution and key channel relationships makes it an easy transition."

Ellison said sales of Cisco's firewalls have been falling out of favor because they are too complicated to buy and deploy. "Everything is so a la cart with Cisco and there are so many pieces that made it difficult for resellers to sell and end users to understand it," he said.

Directly exposing Sourcefire to Cisco's large customer base should significantly increase revenues and opportunities for its channel partners, said Gary Fish, Founder and CEO of FishNet Security, a Sourcefire Partner.

"Cisco had been quiet on the security front but this certainly puts them back in the game," Fish said in an email. "Sourcefire has been a great channel partner and we don't expect that to change with the acquisition."

Other industry observers are not as certain about Sourcefire's ability to retain its leadership position following the sale. Acquisitions of strong market leaders almost always results in an erosion of their identity and appeal in the marketplace over time, said Garry Sidaway, global director of security strategy at Integralis, a security services provider. Sidaway said it will be interesting to see how the vendor gets integrated and whether the popular Snort signatures that are at the core of Sourcefire's technology will remain available to the open source community.

"We continue to see convergence in the security market, and it's a justification of the need for that human element to be combined with the technology," Sidaway said. "Most businesses want to understand the context of risk and where they need to be spending money on projects."

Greg Forrest, president of the U.S. theater for global solution provider and Cisco partner AGC Networks, noted that Cisco has invested too heavily in its security strategy in the past, so this is definitely a change in direction for them, but one that's welcomed by partners. Cisco acquired email and Web security gateway vendor IronPort Systems Inc. for $830 million in 2007. It followed up by buying SaaS-based Web security firm ScanSafe in 2009.

"They are targeting a sector that actually has some wind behind the sails, so good for them," Forrest said. "What this means for the partner community in the end, I would assume, is a broader portfolio and those kind of typical benefits that the channel might experience."

Sourcefire technology partners praised the acquisition. Cisco saw the need to increase visibility and shift the discussion around a security-centric software-defined network, said Robert Shaw, CEO of Santa Clara, Calif.-based Net Optics, a maker of intelligent network load balancers that connect to security appliances and networking devices. Shaw said his relationship is likely to strengthen with Sourcefire as more firms transition to software defined networking.

"Cisco will be much more aggressive in making sure they are thinking about the bigger picture when it comes to architecting the network," Shaw said. "Once you start to control the security design you have a much broader longer term ability to build features and functions and the next wave of products."