Sourcefire Takes ClamAV


Sourcefire , the company behind leading open
source intrusion detection system Snort, is acquiring the open source antivirus
project ClamAV. The move joins two widely used open source security tools
under one corporate umbrella, as Sourcefire ramps up its efforts in the
multi-billion-dollar security gateway market.


Wayne Jackson, CEO of Sourcefire, noted on an investor conference call that
there is strategic significance in bringing together two of the industry’s
most important open source technologies together.


“This acquisition broadens and effectively doubles Sourcefire’s open source
footprint, and it also opens substantial new opportunities in a large and
rapidly growing commercial market,” Jackson said.


Financial terms of the deal are not being publicly disclosed at this time.
As part of the deal Sourcefire will be obtaining all of the ClamAV
trademarks, copyrights and domain names, as well as the project itself and its
five core members.

Sourcefire has pledged that the core ClamAV project will
remain available under an open source license.


The ClamAV project currently boasts that almost 1 million unique IP
addresses contact the project’s servers every day to get the latest malware
updates. ClamAV does antivirus scanning and can run on Windows clients and servers.


Jackson explained that Sourcefire has a three-phase business plan for
ClamAV. The first phase, which will kick off in the fourth quarter, will offer support and training services for ClamAV.


The second phase, which should roll out in the first quarter of 2008, will make
a commercial version of ClamAV available for vendors that don’t want an open
source version.


By 2008 the third phase will kick in where Sourcefire is expected to have a
physical product offering that will fit into Sourcefire’s network gateway
security portfolio.


But don’t expect to see Sourcefire rolling out a commercial desktop solution
based on ClamAV.


“Our principal focus is the network layer,” Jackson said. “The desktop layer
is not our current focus.”

ClamAV is part of numerous solutions already, including those from open
source network gateway vendors Untangle and Vyatta. Untangle actually has
alleged that there has been a conspiracy by testing labs to not properly
rank ClamAV.

A Fight
Club event
at LinuxWorld occurred as an attempt to try and prove that
ClamAV is as good, if not better than, proprietary vendors’ solutions.


The acquisition might also prove that open source
antivirus has a commercial future.


“This is an important deal with ramifications in the open source and
proprietary software and enterprise security software industries,” 451 Group
analyst Nick Selby wrote in a blog post.

“The acquisition, Sourcefire’s
first since going public, extends and builds upon Sourcefire’s successful
Snort efforts, proving the community/commercial hybrid model can not only
work but work in such a way as to support a company which (current stock
price woes aside) is publicly traded.”

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web