The deal between Check Point Software, the one-time leading firewall vendor, and Sourcefire is in jeopardy thanks to a review by the Committee on Foreign Investments in the United States. See this Washington Post article for details. Where do these government agencies pop up from? Who ever heard of the CFIUS before the Dubai Port imbroglio? According to this web site the inter agency committee is chaired by the Treasury department:
“CFIUS seeks to serve U.S. investment policy through thorough reviews that protect national security while maintaining the credibility of our open investment policy and preserving the confidence of foreign investors here and of U.S. investors abroad that they will not be subject to retaliatory discrimination.”
Being the advocate of free and open markets that I am I am in favor of this particular group of bureaucrats backing off from their involvement in this case. Check Point, while Israeli based, is one of the foundations of the security industry and poses no threat to our national security by acquiring Sourcefire, the company that controls the open source IDS software, Snort.
That said there are two questions that this case highlights. First off the idea that the US defense department considers software for monitoring intrusions of vital National Security Importance. It may come as a surprise to you, as it did to me, but the defense department’s networks are woefully mismanaged when it comes to security. The inter- departmental friction (Navy vs Army vs Airforce) leads to wide open networks with all sorts of bad protocols running loose (like telnet for starters). The folks charged with keeping the defense department secure have their hands tied. All they can do is monitor and react if they discover nastiness like the next Harold Nicholson or Aldrich Ames. Should the Defense Department be doing intrusion detection? Because it is powerless to secure their own networks the answer, sadly, is yes.
The other question is: Should Check Point be acquiring Sourcefire? My answer is a resounding No! Check Point established and dominated the commercial firewall market from 1995-2000. With their talk of “owning the Internet Gateway” they frightened Cisco into purchasing the Wheel Group and developing the Pix firewall series. Then Netscreen (now Juniper Networks) displaced Check Point as the leader by bundling firewall software on an ASIC based hardware platform.
Wall Street, unhappy with the fact that Check Point cannot get back to the glory days of 2001, is pressuring Gil Shwed (CEO) to make acquisitions. So, instead of focusing on their core competency, network security, they acquired a desktop defense product from ZoneLabs and now they are attempting to acquire a network monitoring software company with an open source product. This makes no sense.
Check Point should concentrate on defending networks. Intrusion Prevention and DDos defense technologies are maturing and gaining market momentum during a rise in those threats. A firewall vendor should lead these charges. Check Point should also be looking at a hardware acquisition. Bivio or Crossbeam come to mind.
My pointed advice:
For the President: Let this one ride. Check Point + Sourcefire is not a National Security concern.
For the Defense Department: Get out of the ‘90’s and into the 21st century. Time to start securing your networks.
For Check Point: Use your best of breed technology to dominate the network security space.