Cisco to buy IronPort for $830M

Cisco Systems said on Thursday it is buying privately held IronPort Systems for $830 million in cash and stock.

The deal for IronPort, which makes e-mail, Web, and security management appliances, will add expertise in spam and messaging security to Cisco’s security portfolio. Cisco plans to use that technology as part of its Self-Defending Network framework, the company said in a statement. The deal is expected to close in the third quarter of Cisco’s 2007 fiscal year, which ends in April.

IronPort was founded in 2000 and has 408 employees. The company began as an anti-spam firm, using proprietary technology such as its AsynchOS operating system and SenderBase e-mail and Web traffic monitoring network to sell high-capacity e-mail security gateway appliances that can quickly vet inbound
e-mail, discarding up to 80 percent of inbound spam connections based simply on the reputation of the message’s sender.

Spam, which had fallen off the enterprise security radar in recent years, has once more become a hot issue. A new breed of “image” spam has recently found a way around spam filters and is again filling up enterprise inboxes.

In December, IronPort released statistics from its customer installations showing a 100 percent year-over-year increase in spam message volume — to 63 billion messages per day in October. Image spam accounted for 25 percent of that total, an increase of 421 percent from the same period in 2005.

IronPort also expanded beyond spam detection into areas such as anti-spyware, Web traffic content inspection, data encryption, and compliance. The company purchased e-mail encryption firm PostX in November, adding message-level encryption to its product offerings. IronPort also announced a partnership with anti-spyware firm Webroot in October that combined the Webroot anti-spyware SDK with IronPort’s S-Series Web Security Appliances.

As IronPort’s technology expanded to meet more challenges, the company became more attractive to major enterprise IT players such as Cisco, said Jon Oltsik of the Enterprise Strategy Group.

In a security market that’s shifting from mere e-mail security to enterprise messaging security that includes IM, mobile devices, and policy management, Cisco needs to “climb the stack,” Oltsik said. “It’s not just about perimeter security,” he said. “It’s about network security, and that means you have to understand that traffic isn’t just packets and frames.”

Jeff Platon, VP of security marketing at Cisco, wouldn’t comment on how IronPort’s technology would be integrated with Cisco’s other products. He said, however, that IronPort was about more than spam. Cisco sees IronPort’s technology fitting into Cisco’s larger effort to embed intelligence services in Cisco networking solutions under the banner of Service Oriented Network Architecture, or SONA.

“This is a glimpse of what’s to come. It’s about network security, application security, and messaging security blending into a larger, converged marketplace,” Platon said.