News Stay informed about the latest enterprise technology news and product updates.

Cisco acquires SaaS security vendor ScanSafe

Cisco said the move would complement its line of IronPort appliances by offering customers Web security gateway services in the cloud.

Cisco Systems Inc. announced today its acquisition of Web software-as-a-service security provider ScanSafe for $183 million, a move that could complement its appliance-based IronPort Web security gateway products.

To get security news and tips delivered to your inbox,  click here to sign up for our free newsletter.

The announcement comes just two weeks after Barracuda Networks acquired Purewire another SaaS Web security company, which had been in business for just over a year. This leaves only Zscaler

"The competitive need is that Web content filtering makes sense to move into cloud," said John Kindervag, senior analyst for Forrester Research. "To compete Cisco would have to build their or buy to a SaaS model to integrate with their IronPort on-premise products, and Cisco would rather buy than build."

Cisco has been a player in the Web security gateway and email security markets since its acquisition of IronPort in 2007, focusing on the enterprise market with high-end appliances. But competitors have been offering host-based Web security services, which appeal to midmarket companies. These competing vendors are also selling hybrid offerings, with appliances or software at large corporate sites, and cloud-based services for remote workers and smaller branch offices.

Web security gateway in the cloud:

Barracuda acquires Purewire expanding Web security reach:
The acquisition broadens Barracuda's delivery model for URL filtering and securing Web applications through software as a service (SaaS) and hybrid approaches. 

SaaS startups enter Web security gateway market
: Web security vendors Zscaler Inc., Purewire Inc. enter growing Software as a Service (SaaS) space dominated by appliance vendors.

Whitelists, SaaS modify traditional security, tackle flaws: It is time for IT professionals to transform security into a capability that is as dynamic as the attack landscape, says security expert Eric Ogren of the Ogren Group.

"With the acquisition of ScanSafe, Cisco is executing on our vision to build a borderless network security architecture that combines network and cloud-based services for advanced security enforcement," said Tom Gillis, vice president and general manager of Cisco's Security Technology Business Unit.

The announcement leaves only Zscaler, which debuted the same day as Purewire, as a major independent host-based Web security service provider. Messagelabs was acquired Symantec Corp., followed quickly by McAfee's purchase of MX Logic. Other competitors include Websense Inc., Blue Coat Systems Inc., Trend Micro Inc., Aladdin Knowledge Systems, Sophos, Webroot Software Inc., FaceTime Communications Inc. and Anchiva Systems Ltd.

Email security vendors frequently offer Web security products and/or services as well, either their own or through OEM deals—and vice versa. ScanSafe has a number of such OEM partnerships, including Google/Postini and Kaspersky Labs.

Web security gateways grew out of URL filtering products, designed primarily to monitor and enforce Web usage policy for HR reasons, such as keeping employees off porn sites, and productivity. The rise in Web-based malware has shifted much of the focus on scanning for user calls to malicious or compromised Web sites. The third common feature is application control over things like instant messaging, P2P apps and Skype.

Email and, to a lesser extent, Web filtering, have been significant in the trend to host-based security services, as more and more IT functions move to the cloud.

"I've heard that Cisco will build more cloud-based infrastructure," said Kindervag. "This would be part of a larger strategy that Cisco will try to put more services in the cloud."

Dig Deeper on Web application and API security best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.