Sourcefire Officials Hopeful Over Sale

Sourcefire Inc. executives, from left, Wayne Jackson, Tom McDonough, Martin Roesch and Todd Headley. The firm has agreed to be acquired for $225 million by Check Point Software Technologies Ltd. of Israel.
Sourcefire Inc. executives, from left, Wayne Jackson, Tom McDonough, Martin Roesch and Todd Headley. The firm has agreed to be acquired for $225 million by Check Point Software Technologies Ltd. of Israel. (By Michael Williamson -- The Washington Post)

Network News

X Profile
View More Activity
By Ellen McCarthy
Washington Post Staff Writer
Friday, March 3, 2006

Executives of Sourcefire Inc., the Columbia company whose sale to an Israeli firm has been delayed pending a national security review, said yesterday that they believe the concerns surrounding the deal can be resolved.

In early October the information security firm announced an agreement to be acquired for $225 million by Check Point Software Technologies Ltd., the firm run by Israeli tech pioneer Gil Schwed. Though based in Ramat Gan, Israel, the firm has a U.S. headquarters in Redwood City, Calif., and is publicly traded on the Nasdaq Stock Market.

The Sourcefire deal nevertheless has come under scrutiny, apparently because of the company's contracts with sensitive government clients, and is being investigated by the Committee on Foreign Investments in the United States.

"I'm pretty stunned. Who would've figured 140 people in Columbia, Maryland, would be embroiled in a world controversy?" said Wayne Jackson, Sourcefire's chief executive.

CFIUS is the interagency panel that is reviewing the potential purchase by a company from the United Arab Emirates of a British firm that operates U.S. ports.

Five-year-old Sourcefire sells software that monitors computer networks for potential threats. About 13 percent of its revenue comes from federal clients, including civilian and defense agencies, Jackson said.

Tony Fratto, a spokesman for the Treasury Department, which leads CFIUS, said, "Certain members of the committee have outstanding concerns that there's potential risks to national security were the transaction to proceed."

Sourcefire is something of a darling of the local tech sector, in part because of its roots in the open-source community. The company was founded in 2001 by Martin Roesch, a programmer who started working on the basic product, "Snort," in an open-source forum that allows anyone to see the programming code and contribute to it. Though the product was eventually commercialized and Sourcefire brought in more than $30 million in revenue last year, the basic code remains freely available to anyone with an Internet connection.

"What nobody's talking about is the fact that Snort, which is at the center of all this hubbub, is open source. . . . China could be using it. Iran could be using it. North Korea could be using it," Jackson said. "Nothing's being transferred except control, and those are issues that could certainly be addressed with the committee."

Because such investigations are often kept secret, even from the parties involved, executives of Sourcefire and CheckPoint may not know which aspects of the deal are raising red flags for regulators. The companies would not comment on the details of the investigation or on their discussions with government officials.

Still, Jackson said he is "confident that measures can be put in place to mitigate whatever risks the federal government believes might exist." He also said the firm will continue to serve its federal customers throughout the investigation, which is expected to conclude this month with a report to the president.

Check Point, the Israeli firm, manufactures a widely used firewall program and has a separate federal sales office to market to the U.S. government. It has acquired U.S. firms in the past, including San Francisco-based Zone Labs Inc. in 2004.

The Sourcefire deal is being closely watched regionally because it has a number of local investors, including Core Capital Partners LP of the District, New Enterprise Associates of Baltimore, and the Maryland Department of Business and Economic Development. Inflection Point Ventures of Newark, Del., and Sierra Ventures and Sequoia Capital, both of Menlo Park, Calif., also have invested in the firm.

None of the venture capitalists would comment publicly on the investigation. Ray Rice, a limited partner in Core Capital, said he is confident that Sourcefire will have a number of other suitors if the Check Point deal is killed.

"Frankly, I can wait six more months," Rice said.

Jackson said the company is committed to seeing the Check Point acquisition through and is cooperating with the committee.


© 2006 The Washington Post Company

Network News

X My Profile
View More Activity