Interview: Sourcefire's Martin Roesch

Sourcefire’s founder and CTO Martin Roesch speaks to SC Magazine about the open-source security vendor’s expansion into the Australian market and the company's future plans.

How long have you been in the Australian space and what are your short and long-term plans for the market?

Sourcefire has been doing business in the Australian market for about 4 years now. Through relationships with a number of loyal partners we’ve established strong traction in Australia.

The short-term goal in the Australian market is to set up an Australian presence to better serve our customers, partners and prospects. To that end we’ve recently announced Sourcefire’s expansion in Australia.

Our long-term goal is to become the leading network security provider in all of Australia.

What verticals do you currently target in the Australian market?

While SNORT®, the Sourcefire 3D™ System, and Enterprise Threat Management (ETM) are all designed as horizontal applications, they certainly work effectively in specific industries where network security and policy and regulatory compliance are top IT priorities.

Some of our most successful deployments in the Australian market have been in the Financial Services, Government/Public Sector, Law Enforcement, and Power and Utilities industries.

How will Sourcefire better develop its relationship with Australian channel partners and resellers – are you planning any special initiatives?

Sourcefire works with many leading resellers and system integrators in Australia.

We service the market through our distributor UNIXPac, as well as OEM relationships with Nokia, Crossbeam and others. Sourcefire plans to bolster our partner relations and programs by deploying a local Sourcefire presence in Australia.

This Australian based team will be able to support our relationships with these partners and resellers. Also, it is important to note that virtually all Sourcefire sales to date in Australia have been driven through the channel.

The ClamAV acquisition allowed Sourcefire to integrate anti-virus and anti-malware technology to your intrusion prevention technology. What other categories of security is Sourcefire interested in and will they be achieved through further acquisitions or through internal R&D?

Sourcefire’s Enterprise Threat Management approach is based on bringing a number of security technologies together under a single console. Today those technologies are IPS (intrusion prevention), NAC, NBA (network behavioural awareness) and VA (vulnerability assessment).

Our product strategy is to increase the capabilities and reach of the 3D System. We expect to evaluate some smaller acquisitions as well as continue our investment in internal development.

You have previously suggested that the ClamAV acquisition will trigger Sourcefire’s move towards ‘more intriguing new markets’. What would you consider the new emerging markets to be?

Many critical market segments depend on ClamAV’s ability to identify deeply embedded threats, such as viruses, spyware and other forms of malware. These include:

• Unified Threat Management (UTM) Systems
• Secure Web Gateways
• Secure Mail Gateways

Each of these segments potentially is a logical extension of Sourcefire products.

Sourcefire’s share price has significantly dropped since its original public offering in March – what were some of the main factors behind this downturn and what steps is Sourcefire taking to recover from it?

Sourcefire doesn’t speculate on the potential reasons behind market fluctuations in our stock price. Our focus is 100 percent on executing on our plan to deliver value to our customers and shareholders.

Experts claim that security needs to be proactive rather than the traditionally reactionary approach – how does Sourcefire provide a proactive approach to threats?

To be proactive you need to approach security in a continuous, coordinated manner to manage threats before, during and after an attack. Sourcefire’s ETM approach consolidates core security technology to manage threats across this entire continuum. Based on real-time intelligence, Sourcefire can determine what is on your network and if those assets are adhering to security and configuration policy. This enables you to harden assets and minimise risk before an attack.

During an attack Sourcefire correlates this data with security event data to determine the potential impact, alert appropriate personnel and/or automatically block the attack. After the attack you’ve got to minimise the damage by knowing what assets were affected and what actions to take. By bringing together IPS, NBA, NAC, and VA technologies Sourcefire provides continuous protection.

Where do you see open-source security technology fitting into the security landscape in the next three years and what will be the main security concerns throughout this time? In your view, will threats evolve further?

With the speed at which the threat landscape changes, it’s difficult to predict what specific concerns will emerge over a three-year time frame. What we can be certain about is that threats will continue to evolve and become more sophisticated and that the pace of evolution will accelerate.

Over the past few years we’ve seen open source security technology evolve into a critical part of the security tool kit of F1000 and G500 companies as well as government agencies. Sourcefire expects this growth trend in mainstream adoption of open source to continue.

Sourcefire combines the hallmarks of open source - rapid innovation, open standards and flexible architecture - with the dedicated support, training and professional services that enterprise customers demand.
