Cisco buting (Edit: buying) SourceFire



  • http://www.net-security.org/secworld.php?id=15270

    Cisco will acquire Sourcefire, a provider of cybersecurity solutions. The acquisition adds a team with deep security DNA to Cisco and will accelerate delivery of Cisco's security strategy of defending, discovering, and remediating advanced threats.

    Under the terms of the agreement, Cisco will pay $76 per share in cash in exchange for each share of Sourcefire and assume outstanding equity awards for an aggregate purchase price of approximately $2.7 billion, including retention-based incentives.

    The acquisition has been approved by the board of directors of each company.

    – more at link --

    And from Cisco...

    http://www.cisco.com/web/about/ac49/ac0/ac1/ac259/sourcefire.html


  • Rebel Alliance Developer Netgate

    And so begins its downward spiral. No good can come of that.

    I know it's a typo in the subject, but "buting" is probably a more accurate description of what Cisco will do to Sourcefire.



  • If you can't beat em buy em. 
    (Then gut em and dismantle em)



  • Aside from not being able to type I'm wondering just how this will impact folks using Snort, both free and paid versions.

    Cisco taking over Spamcop.net (via IronPort purchase) didn't seem to do any damage as far as I could tell but the takeover/dumping of LinkSys was a pretty grim situation.


  • Rebel Alliance Developer Netgate

    Own the typo! buting = buying + gutting :-)

    Sourcefire runs clamav, too, which I find more worrisome than snort being bought out.

    I suppose they could be forked, if anything really drastic happened, but the engines themselves aren't nearly as useful as the rules and associated databases that need constant care.



  • Crap.  It would suck if Clam AV got taken out.
    I'd have to start using Linux and FreeBSD and stuff like that. 
    I'd feel butgutted.
    There are many reasons to take over perfectly good working opensource initiatives that provide good security that works.
    Some of those reasons can at times be less obvious than others.



  • Just saw this as a Snort alternative: http://www.linux.org/threads/suricata-the-snort-replacer-part-1-intro-install.4346/

    I didn't look to see if/how BSD is uspported but at least folks are looking at the Cisco problem and working on solutions.

    From the Suricata website: “The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. “ So, what we’re looking at here is where Snort left off before it went commercial. It aims to essentially revolutionize the IDS & IPS fields in IT security, and make do with what it can as well.

    Perhaps, however, the biggest advantage Suricata has over the competition (i.e.: Snort) is that it is multithreaded. This can be viewed similar to web servers. You can build a simple web server that serves 1 page a request, or you can build a slightly more advanced one that serves 1+ page a request, and doesn’t interrupt other requests in doing so. Suricata is able to process multiple events at once without interrupting another and also load balance itself across how many cores your CPU has. This often leads to better performance across the board.

    Suricata: http://suricata-ids.org/


  • Rebel Alliance Developer Netgate

    There is also Bro

    http://www.bro.org/

    And Bro is BSD licensed, which is nice.