Sourcefire acquires Immunet for cloud-based anti-malware

Sourcefire today announced it has acquired start-up Immunet for $21 million, including $17 million paid at closing and $4 million expected to be paid over the next 18 months upon “achievement of product-delivery milestones related to the enterprise version of Immunet’s product.”

Tech M&A deals of 2010

John Burris, CEO of Sourcefire, which makes intrusion prevention products and shepherds the open-source Snort, called Immunet a “disruptive innovator in delivering cloud-based solutions with over 750,000 users in 192 countries.” Burris said in a statement the acquisition of Immunet would help Sourcefire accelerate its cloud initiatives. Executives acknowledge the Immunet acquisition puts Sourcefire in direct competition with traditional anti-malware providers.

In a call with analysts, Burris said Immunet enhances Sourcefire as a “strategic security provider” and said it helps Sourcefire make use of open-source Clam A/V, another acquisition.

Sourcefire founder Martin Roesch said the Immunet approach, which uses Clam A/V, is to leave anti-virus signatures in the cloud in a platform that Sourcefire expects to use for threat information-sharing over time with Snort, open-source Clam A/V and Sourecfire’s Razorback project. In terms of security, “we can now see what’s on people’s desktops,” said Roesch about the value of Immunet in expanding Sourcefire’s threat-monitoring capabilities.

Immunet offers both a free and paid version of its consumer product. In response to analysts’ questions, Burris acknowledged the number of paid subscribers is not “huge” today, without providing more detail. He also said some enterprise adoption is already evident.

Greg Fitzgerald, senior vice president of Sourcefire, said Immunet today has a consumer-based anti-malware product and the enterprise version would proceed in cooperation with Sourcefire, though it is not yet clear how the management console would be designed. Roesch said the enterprise version is expected to be ready in late 2011. Sourcefire will be promoting the consumer side of the product now.

Sourcefire is expected to retain Immunet personnel, including founders Oliver Friedrichs, Alfred Huger and Adam O’Donnell. In a statement, Friedrichs said adding Immunet will give Sourcefire a boost in endpoint protection.

Founded in 2008, start-up Immunet last year had about 10 employees. In a 2010 interview with Network World, Friedrichs called Immunet “the next-generation antivirus product” which is based on a “cloud-styled antivirus platform that will work with a fairly lightweight desktop agent to block and destroy malware.” Fredrichs also said Immunet received $2 million in funding from ALTOS Ventures and TechOperators.

Fitzgerald acknowledged the Immunet acquisition expands Sourcefire further into becoming a full-service security firm, putting it directly in competition with traditional anti-malware vendors including Symantec, McAfee and others.

The Immunet software is designed to coexist with other anti-malware software, but Fitzgerald adds, “Our angle in this is coexistence with existing technologies until enterprises recognize the protection this provides is quicker and more effective.”

Without going into detail about its finances prior to a February earnings announcement, Sourcefire acknowledged its business with the federal government is down substantially due to the government’s belt-tightening, though its commercial sales are strong.

In other technology initiatives, Sourcefire has committed to introducing a next-generation firewall later this year.

Read more about wide area network in Network World’s Wide Area Network section.