One point about the deal worth noting is the fact that Cisco is looking to position itself for the next generation of enterprise IT, which faces a more complex threat landscape than it ever has in the past. While Sourcefire started out as an intrusion detection/intrusion prevention company, it has expanded far beyond those roots, adding next-generation firewall and advanced malware protection to the portfolio, along with tools for cloud and mobile security. And it’s Sourcefire’s expertise in the borderless, always-connected, cloud-enabled enterprise that will help Cisco fill in the gaps in its more traditional security portfolio, the companies said.
"The notion of the 'perimeter' no longer exists and today's sophisticated threats are able to circumvent traditional, disparate security products. Organizations require continuous and pervasive advanced threat protection that addresses each phase of the attack continuum," said Christopher Young, senior vice president of Cisco’s security group, in a statement.
"With the acquisition of Sourcefire, we believe our customers will benefit from one of the industry's most comprehensive, integrated security solutions – one that is simpler to deploy, and offers better security intelligence," Young added.
The two will combine their products into new bundles and solutions after the close of the deal, targeted at thwarting APTs and providing protection both inside and outside of a company’s brick-and-mortar footprint.
"Cisco's acquisition of Sourcefire will help accelerate the realization of our vision for a new model of security across the extended network," said Martin Roesch, founder and CTO of Sourcefire. "We're excited about the opportunities ahead to expand our footprint via Cisco's global reach, as well as Cisco's commitment to support our pace of innovation in both commercial markets and of the critical role the network must play in cybersecurity and threat defense, we have a unique opportunity to deliver the most comprehensive approach to security in the market."
The move is the largest cybersecurity acquisition since Intel bought McAfee for $7.68 billion three years ago. However, it is likely not the last, as other IT giants look to cybersecurity as a growth area. And it's only really by big deals like this that technology innovation can be bootstrapped – small companies doing R&D organically often don't have the resources to create big, holistic approaches to the market.
One analyst calls the deal a "gamechanger" for the industry. “We expect a surge of consolidation to take place over the next 12 to 18 months on the heels of strong secular trends, massive cyber threats, and as larger technology players look to become bigger players,” said Daniel Ives, an analyst at FBR Capital Markets, in a research note. He said that Juniper Networks, Symantec, EMC and IBM are among the companies that may look to buy their way into the advanced cybersecurity game. Takeover targets, meanwhile, include Fortinet, Check Point and Palo Alto Networks.
Under the terms of the agreement, Cisco will pay $76 per share in cash in exchange for each share of Sourcefire and assume outstanding equity awards. The acquisition is expected to close during the second half of calendar year 2013, subject to customary closing conditions and regulatory reviews. Once the transaction closes, Sourcefire will cease to operate as a separate company, and its employees will join the Cisco security group, led the open source community.
"Buy has always been a key part of our build-buy-partner innovation strategy," said Hilton Romanski, vice president of Cisco corporate development, in a statement. "Sourcefire aligns well with Cisco's future vision for security and supports the key pillars of our security strategy.”