Secure Computing acquires provider of identity-based monitoring solutions Securify

(04/09/2008)

Secure Computing Corporation has announced it has signed a definitive agreement to acquire Securify, a provider of identity-based monitoring solutions, for approximately $15 million plus an earn-out of up to $5 million. The purchase price is payable in cash or, at Secure Computing’s election, partially in shares of Secure Computing common stock. The acquisition is expected to close in the fourth calendar quarter of 2008, subject to certain closing conditions.

Securify, based in Cupertino, CA provides a solution for monitoring and controlling user access to applications within complex and rapidly changing networks. Its 'plug-and-play' appliance offers automatic discovery and policy development in intuitive business terms of users, groups and applications. By monitoring network traffic against these policies and leveraging transparent integration with user directories including Microsoft Active Directory, Securify’s solution immediately identifies and alerts organisations to out-of-policy behaviour in real time, whether accidental or intentional. Securify can also initiate automated blocking actions in routers, switches or, in the case of Secure Computing, in firewalls.

“In the near future, the combination of our products will facilitate a seamless workflow where out-of-policy behaviour can be analysed, reported and, in combination with Secure Firewall, automatically mitigated,” said Dan Ryan, president and chief executive officer of Secure Computing. “Longer term, combining Securify’s technology with Secure Firewall will allow us to deliver a unique, next-generation firewall that enforces business policy by enabling visibility and control over applications and user access, as opposed to the current paradigm of protocols and IP addresses.”

Increasing compliance demands and insider risk mitigation, coupled with accelerated opening of the network, are shifting the focus to internal user-based access control in the enterprise. This necessitates not only true application recognition, but more granular application-specific controls to balance adherence to business/mission policy, compliance and security needs. In this environment, control and availability gaps continue to grow as infrastructure complexities increase and business change accelerates.

“Old-school firewalls inspect packets and associate ports with protocols and applications, but this is inadequate for the Web 2.0 world,” said Chris Christiansen, program vice president, Security Products and Services at IDC. “Today, most Internet traffic is dynamic and applications run across multiple ports. In this dynamic environment, enterprises worry that the increasing use of Web-based applications may be responsible for leaked data, malware infections and policy violations. With this acquisition, Secure Computing now has the necessary capabilities for next-generation firewall technology that includes application inspection and user-aware access.”

“Securify sells primarily into federal government and other high-assurance markets, including financial services. This is consistent with Secure Computing’s core firewall market, and will provide a significant opportunity to deliver complementary value across existing and future customers both domestically and internationally,” said Buck French, chief executive officer at Securify. “By joining forces with Secure Computing and building upon their strength and expertise in the firewall market, we are uniquely positioned to deliver a true next-generation security solution to help customers control user access and behaviour while complying with today’s increasing audit and policy requirements.”

1. Application awareness and inspection that will enable organisations to monitor and control all regular and encrypted traffic going in and out of their network
2. Intrusion detection and prevention (IDS/IPS) using both signature and anomaly-based techniques
3. Global reputation and geo-location protection to provide immediate defence against zero-hour threats
4. Automatic baseline traffic discovery to help organisations understand their own typical network and application traffic patterns associated with their users
5. User and group-based policy development and enforcement to ensure protection of key corporate resources to prevent inadvertent data leaks

These capabilities, along with the stringent application-layer common criteria certifications already awarded to Secure Firewall will make this solution crucial to all enterprises upgrading their firewall security.

Related topics:  Firewall   Security Companies 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources