The ClamAV technologies will also serve as the "foundation" for a range of specialized next-generation gateway security offerings, Jackson said. The company did not rule out a potential leap into the desktop security market.
Under Sourcefire's initial plans, it will extend new support and training services for existing ClamAV users during the fourth quarter of 2007, in a model similar to the one used by Red Hat for its enterprise Linux products, according to the CEO.
After a clean-up of the project's code base, Sourcefire will likely create a new license for third party providers of the technology during the first quarter of 2008.
While Sourcefire has promised to continue to distribute versions of ClamAv software that meet the parameters of the open source general product license (GPL), the OEM licensing model will not necessarily adhere to all elements of the GPL, Jackson said. The arrangement fits the same model Sourcefire has pursued with Snort.
During the latter half of 2008, the company plans to release its new product offerings that incorporate ClamAV into its own enterprise products.
Industry watchers observed that the ClamAV assets could become an intriguing opportunity for Sourcefire if it can devise an effective way to monetize its existing customer base and push the companies that have licensed its anti-malware engine for free, and continue to do so, to pay for updates or extensions to the technology.
In his blog, network access control guru Alan Shimel -- the chief strategy officer at rival network access control (NAC) technology provider StillSecure -- predicted that Sourcefire would likely pursue such a strategy.
"[Anti-virus] is not exactly a cutting-edge technology, but it can be a cash cow, there are lots of options in the AV market," said Shimel. "If I was a UTM provider or [managed services provider] using ClamAV right now, I would be exploring my options, waiting for the other shoe to drop here. I think this once again shows that if you are incorporating open source tools into your technology as a vendor, unless you own the copyrights, do so at your own risk."