The Snort user community may get its wish after all.
Check Point Software Technologies Ltd.'s pending $225 million
Check Point, located in Ramat Gan, Israel, hopes to acquire Columbia, Md.-based Sourcefire to augment its intrusion detection and intrusion prevention systems (IPS). But according to a report from the Associated Press, the FBI and the Pentagon expressed strong reservations about the deal because Snort is used to safeguard classified U.S. military and intelligence data.
The transaction is now being reviewed by the Committee on Foreign Investments in the United States (CFIUS), the same Treasury Department panel involved with the controversial review and approval of United Arab Emirates-based Dubai Ports World's $6.85 billion acquisition of Britain's P&O, which operates a half dozen major U.S. shipping ports.
In an interview with the Washington Post, Sourcefire CEO Wayne Jackson said he was "stunned" that his 140-person company could be at the center of an international controversy, but added that he remains "confident that measures can be put in place to mitigate whatever risks the federal government believes might exist."
Members of the Snort user community have been wary of the acquisition all along, but for different reasons. Some fear Check Point would allow Snort to languish, as some feel it has done since it acquired the popular free ZoneAlarm desktop firewall application as part of its $205 million purchase of Zone Labs in 2003. Others fear Check Point would seek to further monetize Snort by no longer allowing it to be an open source product.
But in a recent interview with SearchSecurity.com, Sourcefire CTO Martin Roesch said those fears are unfounded.
"There's a lot of skepticism from the Snort users right now because they're in wait-and-see mode, so we need to prove to them that we mean it when we say Snort's going to get a lot better," Roesch said. "We're not going to try to close it or anything like that. Once they see how much benefiting, they're going to be really happy."
According to the AP, Check Point was notified of the inquiry on Feb. 6, but it is unclear when the ongoing, 45-day CFIUS review of the acquisition will be completed. One analyst estimated that Sourcefire earned about 10% of its $35 million in 2005 revenue by guarding classified U.S. computers.