Sourcefire Targets Next-Generation Firewalls

Sourcefire is a vendor best known for its Intrusion Prevention System (IPS) technologies and its leadership of the Snort open source IPS. But while the IPS market remains a growth sector for Sourcefire, the company is now also gearing up to take aim at the market for next-generation firewall technology as well.

The move towards the firewall market comes as Sourcefire (NASDAQ:FIRE) reported solid third quarter 2010 financial earnings of $36.2 million, a 32 percent year-over-year increase. The firewall initiative could serve to expand the addressable market for the company, as well as to stave off competition from rivals into its core IPS business.

Sourcefire CTO Martin Roesch explained to InternetNews.comthat there has been some confusion in the market around next-generation firewalls. Next-generation firewall technology is defined as having a stateful packet inspection with application control, with IPS at a minimum.

“We decided to enter space since we see market opportunity there and we think we have a lot to say on the subject,” Roesch said.

A recent reportfrom Infonetics Research has forecast the IPS market to be worth $1.2 billion by 2014, and the sector was reportedly worth $800 million in 2009. Roesch noted that he expects the next-generation firewall market to be at least as big as the market for IPS in the years ahead.

With its core IPS technologies, Sourcefire has built its business starting with open source technologies as a base. But for the next-generation firewall effort, open source technology will not form the foundation.

“We are building the firewall from scratch in-house. We are not using an open source firewall for the basis of this,” Roesch said. “At this time we have no plans to produce additional open source projects others than the projects piloted by Sourcefire now.”

Sourcefire currently leads the Snort IPS, Clam Anti-Virus and Razorback security eventopen source projects.

“The utility of the classic firewall is becoming increasingly limited as time marches on,” Roesch said. “Just because you block the entire Internet except for port 80 — these days it means you’re not blocking anything, since everything is tunneled over HTTP. HTTP is the new TCP.”

Roesch added that many enterprises are now questioning the value of their firewalls, which is where the concept of next-generation firewalls is emerging. The next-generation firewall adds in application visibility features to help control and monitor application traffic.

The move towards a next-generation firewall is also something that other vendors including Palo Alto Networks and even networking giant Ciscoare taking aim at.

Sean Michael Kerner is a senior editor at, the news service of, the network for technology professionals.

Sean Michael Kerner
Sean Michael Kerner
Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top Endpoint Detection and Response (EDR) Solutions

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application...

Best SIEM Tools & Software for 2021

Security Information and Event Management (SIEM, pronounced "sim") is a key enterprise security technology, with the ability...

Related articles