US.gov probes Sourcefire acquisition
Check Point under foreign investments microscope
Israeli-based security firm Check Point faces a rare full-blown US government investigation over its proposed acquisition of intrusion detection firm Sourcefire. AP reports the Committee on Foreign Investments in the US is to look into the $225m deal following concerns raised by the FBI and Pentagon over the wisdom of allowing the development of technology that forms a linchpin in defending critical systems against hacker attack to move overseas.
The Committee on Foreign Investments in the US is an inter-agency committee which reviews proposed foreign acquisitions of US companies in order to "protect national security while maintaining the credibility of the United States' open investment policy". Sourcefire specialises in intrusion detection software - put crudely hi-tech burglar alarm systems - but Check Point is already a market leader in firewalls, which are arguably every bit as important as intrusion detection systems in combating hacker attack. Check Point's FireWall-1 is in widespread use by government, utilities, and financial institutions worldwide. So from a technical perspective, at least, the Bush administration's special interest in Sourcefire is at least curious.
Check Point said last month that it and Sourcefire were both "committed to working cooperatively with the committee during its investigation", which is expected to last 45 days. The proposed acquisition of Sourcefire by Check Point, announced in October, has already received US anti-trust approval. AP reports that the ongoing Foreign Investments Committee investigation into the Sourcefire deal is only the twenty-sixth time any of 1,600 acquisitions it has considered have undergone a detailed review, following the customary 30 day period of consideration.
Sourcefire founder Martin Roesch developed the popular Snort intrusion prevention software before helping to build Sourcefire as a commercial developer of intrusion prevention and real-time network awareness products. Check Point plans to combine Sourcefire's technology with Check Point's InterSpect internal security gateway and Integrity endpoint security suite to bolster its portfolio of internal security products post-acquisition.
Approximately 10 per cent of Sourcefire's estimated $35m revenues in 2005 came from protecting classified US government systems, Jeffrey W Englander, a software security analyst at America's Growth Capital, told AP. He says Check Point would sooner agree to extricating itself from US government contracts than queering the deal. ®