Sourcefire Turns Failed Deal Into an Opportunity
"One of the security virtues of open source is it's open to everybody's scrutiny," Crawford said. "You can look at every line of code, and in that sense, it's inherently more trustworthy. If there's a weakness that exists, it's more probable that someone will catch it because so many eyes are looking at it."
Anyone who uses Snort for commercial purposes must publish changes made to the software or to any software they create that links to Snort, said Roesch, who is Sourcefire's chief technology officer.
It's an honor system, he said, but ignoring the rules "results in the technology equivalent of accounting fraud. Someone figures it out and blows the whistle on you and everyone who writes open-source software basically blacklists you."
So how does a firm that offers its wares free make money?
By enhancing its offering.
The free Snort basically inspects traffic for potential threats to a network, but the money-making Snort adds to the technology by enabling it to make decisions about the flow of traffic and block attacks in networks on a global scale. Those added features, particularly the prevention aspects, are what companies and intelligence agencies find useful.
"It's one thing to give away the engine for free, and it's another thing to build the car," Jackson said. "We make the whole car and make it robust and fail-proof."
Most of the company's money comes from ready-to-use hardware loaded with Snort programs that sell for $6,000 to $125,000, depending on the rate of traffic it is capable of inspecting. The equipment fits directly into the customers' network. More money comes from distributing updates of Snort's detection rules in advance of their release on the Internet.
Greg Young, an analyst at information-technology research firm Gartner Inc., said the real value of open-source Snort is that it gives Sourcefire greater foot-in-the-door recognition for selling the souped-up commercial product.
"There's a mistaken perception that Check Point was buying Sourcefire for open-source Snort," Young said. But they were really buying them for the intellectual property they have around the commercial product, he said.


