Feds serve up a stormy cup of tea to Check Point & Sourcefire

Government fears over national security have slowed the completion of Check Point Software Technologies' $225 million acquisition of Sourcefire.

The Committee on Foreign Investment in the United States (CFIUS) recently informed Check Point, whose global headquarters are located in Israel, of a 45-day investigation it is conducting of the deal. CFIUS is an interagency committee, chaired by the secretary of Treasury, that examines foreign acquisitions of U.S. companies that may have national security ramifications. It routinely analyzes deals during a 30-day review period, occasionally continuing probes with an additional 45-day investigation.

"We spend a great deal of time trying to work with the policies of the parties involved to eliminate any concerns that the government may have about national security," said Tony Fratto, spokesperson for the U.S. Treasury. "When we get to the end of the review period, if those concerns remain, the negotiation goes on to an extended investigative period."

The Associated Press reported today that major objections are related to government use of Sourcefire's Snort-based intrusion detection software to protect classified military and intelligence systems information from the Federal Bureau of Investigation (FBI) and Pentagon. Snort is a widely-used intrusion detection and prevention program that was created by Sourcefire founder Martin Roesch in 1998.

Fratto noted that the need to extend the review process into an investigation is "rare," and would not comment further on the particulars of the Check Point investigation, saying that the ultimate decision rests in President Bush's hands once CFIUS finishes its examination and provides recommendations.

Check Point acknowledged that its acquisition was under inspection in a February press release. However, due to the confidential nature of CFIUS hearings, no official word from any interested parties will be released until proceedings are complete. Officials close to the investigation said that the committee is currently midway through the investigation.

Though Sourcefire does layer proprietary software on top of Snort to create its intrusion detection solutions, the underlying code for Snort is hardly top secret. As an open-source product, it is freely available for download. Since 1998 users across the globe have downloaded Snort over 3 million times, said Michelle Perry of Sourcefire.

"Snort has a tremendous following both domestically and internationally," she said. "That whole openness aspect is huge for the community."

Irrespective of the open source issue, Paul Stamp of Forrester Research said that the federal investigation is fueled by politics more than anything else.

The political furor raised by CFIUS green-lighting the $6.8 billion ports management acquisition by a United Arab Emirates firm put foreign deals under intensified scrutiny.

"I can't help thinking that this is just a little bit of unfortunate timing," Stamp said. "I think the fears are more political than security-based. It is just a storm in a teacup."

In his opinion, the government should have very little to fear allowing a foreign-owned company to take over Sourcefire's technology.

"It would be highly parochial for anybody to block this deal on national security fears," he said. "Unless there are gross errors in configuring the network, any solution that is there to detect attacks is not going to cause any types of threats to national security, whether it is American-owned or foreign-owned."

If CFIUS were to suggest the president put the brakes on this deal, Stamp said that the decision would bear poorly on the government's ability to shop for security products in the future.

"If the U.S. government is only going for products that are solely developed and owned over here, then the shopping list is going to be pretty small," Stamp said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.