Check Point, which has a lot to do with VPNs, is buying Sourcefire, which has almost nothing to do with VPNs, but does make intrusion-detection software based on Snort open source code.

This is part of a trend started by Check Point two years ago when it set down a roadmap to expand its network protection into three areas: Web, perimeter and internal. The company is offering layered security so if one layer fails other layers back it up.

In an effort to do so, the company is buying up technology, notably Zone Labs for its software that enforces remote computers to meet business security policies.

The company's firewall and VPN software already handled the perimeter and the company introduced other products to secure computers connecting to corporate networks, software to correlate security events and an internal security gateway.

With the $225 million cash acquisition of Sourcefire, Check Point is overlapping some with what it already has, but clearly trying to bolster its internal network security and security-policy enforcement. This sets it at odds with other vendors that are trying to convince businesses to upgrade their switches and client software to provide similar protection.

As this network-based approach to security screening and policy enforcement attracts more attention, business customers will have to decide whether they want to beef up their network hardware to do so or overlay software and security-enforcement devices on their networks.

Check Point is hoping businesses decide the latter, and will push this choice on its VPN customers that perhaps weren't thinking about comprehensive network security when they bought the Check Point gear.

Tim Greene is senior editor at Network World.