Network World
Friday, April 18, 2014
Get information about your IP
IP Information
50+ On-demand DNS and network tools
Error 404--Not Found

Error 404--Not Found

From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:

10.4.5 404 Not Found

The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.

If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.

Check Point and Sourcefire get hitched

Related links

Security Notes RSS feed

E-mail Ellen Messmer

Security Notes archive.

Security forum
Discuss Security Notes and other Security topics.

By now you've probably heard that Check Point Software Technologies, that Israeli-inspired success story in the firewall business, intends to hook up with Columbia, Md.-based Sourcefire, founded by Martin Roesch in 2001 to commercialize his wildly successful intrusion-detection system (IDS) freeware, Snort.

Check Point CEO Gil Shwed and Sourcefire CEO Wayne Jackson last week announced a deal under which Check Point will buy privately held Sourcefire for $225 million, which, if anything, is good news for executives at Sourcefire, which still isn't turning a profit.

As in Hollywood, many in the IT industry are wondering about what will happen when two stars like Check Point and Sourcefire get hitched: Can they really be happy together? One person I asked who knows them well is Joel Snyder, senior partner at OpusOne, a consulting firm in Tucson, Ariz., who has done test reviews of both vendors' products over the years.

Says Joel: "I have personally been pretty concerned about Check Point for quite a while. They went from a position of massive innovation and creativity to a fairly stand-still position. I think the release of NG as more or less their peak, and the company has been in a holding pattern for a while since then.

"Of course, they have come out with three major products: their SSL VPN, IPS, and Security Event Management (SEM). Plus, they acquired Zone. So, it's not like they haven't been busy. However, while all their products met the basic bar of functionality, I have never thought they represented the best that Check Point has done in the past. Good, but never exceptional and innovative.

"The Sourcefire people I have known for quite a while (we were involved with them from the very beginning) and they have massive innovation and creativity going on. The push to take Snort from an engine to an enterprise-ready IPS/IDS, along with all of the management issues that come with it, has kept them very busy. I have seen that their products have moved very quickly and brilliantly from 'proof of concept' to 'ready to use.' In a sense, Sourcefire is displaying the innovation that Check Point did during the 1990's.

"To me, having these teams mix together seems like a recipe for success. The Sourcefire guys have a lot they can teach Check Point, and similarly, Check Point has a lot they can teach Sourcefire. I see this as a win-win for all involved: Sourcefire customers, Check Point customers, and for the two development teams."

OK, that's Joel wishing the happy couple the best in their new life together. But next, here's Joel starting to sound a bit more like "Dr. Phil," that unflappable TV marriage counselor:

"Of course, there is always the question of integration. The Check Point team is not known for being the easiest to work with, and the same claim might be made for Sourcefire. There is the potential for some disharmony and dysfunctional behavior early on. However, I know that Gil is a brilliant guy and hopefully cut the kind of deal where there are some strong incentives on all sides to keep the team together and succeed.

"So, to me, the greatest threat here is that there will be a problem integrating the two companies. Because if they do not integrate, then it's definitely going to be a massive flop. If they do integrate, the potential is great for Check Point to succeed in this venture. I certainly hope so, not just because I like all the people involved here (and know some of them personally) but because I think that it will be good for the industry."

That's Joel. To me, the deal has the potential to bring Check Point into a much stronger position in intrusion-prevention. However, that said, Sourcefire was slow to make that leap from IDS to IPS relative to other vendors that barreled into active blocking as opposed to passive monitoring as Gartner whipped the idea along in the "IDS is dead" era a few years ago (Martin Roesch voiced worries about false alerts and blocking. That caution, while admirable for its honesty, probably sacrificed market and mindshare for Sourcefire.)

However, in one of the innovations Joel alludes to, Sourcefire developed the Real-time Network Awareness (RNA) sensor for traffic analysis. That alone may be worth acquiring Sourcefire, and Check Point's Shwed, in a conference call last week with Wall Street financial analysts craving more detail, had high praise for RNA.

Network World's test review of RNA, conducted last year by Joel, can be found here.

While somewhat circumspect about the future of the planned Check Point and Sourcefire union, Shwed did let it be known that Sourcefire could account for between 6% to 8% of Check Point's earnings next year.

Let's hope this marriage of the stars fares better than it often does in Hollywood.

Back to Security Notes


Post a comment


E-mail address:



Remember info?