The Ashimmy Blog

By now you probably have heard that Endforce has been acquired by Sophos, the UK based anti-virus vendor.  For Sophos this is another step on the path they have been following seeking to diversify beyond just anti-virus.  They have added application control and HIPS as well.  They are seeking to take on McAfee, Symantec and the other big boys, but make no mistake, they are clearly a tier 2 or 3 player.

For Endforce though, I think it is another story.  I had heard rumors of Endforce being shopped pretty hard around town, as customer acquisition and revenue was not keeping pace with the burn. Endforce, for those not aware had already been through several iterations and business models.  In one, their name was SmartPipes, in another they were primarily a VPN provider.  When NAP came along their current technology direction dovetailed pretty well with the concept and they were a fairly early entrant in the NAC market.  They supported TCG and NAP frameworks.  Frankly, I think what hurt them early on was they were strictly agent based, though I believe they have a web based client now as well. They did in fact win a few enterprise deals. However, like many of the stand alone NAC vendors, I think the time from the hype to the period of revenue flowing in was just too long for them. Truth be told for such an over hyped market such as NAP, many vendors are having a hard time cashing in.  Too many also rans, who don't have the mojo to see it through.

Now I know what you are saying, Alan, Endforce did not go out of business, they were acquired and the investors were able to get some money out. It is not a bad thing.  I say bull.  Lets face it Sophos is no Cisco or Juniper. I would be very, very surprised if they paid anything over 20 to 25 million dollars for Endforce.  With the amount of money that has been invested in the corporate entity that is Endforce, I would bet the investors took a bath on this one and they grabbed at the first life raft that floated by and lent a hand.  You want to say I am a competitor and am spinning this for my own purposes.  Sure, go ahead and say it, you have every right too.  However, I have been around the block more than once and this is my take on exactly what happened here.  Now, twenty to twenty-five million is a lot of money. If this was based upon just 5 or 7 million being invested in Endforce, it would not be a bad return.  But in this case it is a fraction of what was pumped into Endforce.

This is more a case of Sophos doing a little bottom feeding, akin to Checkpoint's acquisition of NFR a few weeks back.  It is a lot better than closing the lights and the technology can find a home.  The question is, if it was not good enough to stand alone, will it be good enough in the new entity.  In the case of Checkpoint, their market share may allow them to successfully use the NFR technology. In the Sophos case, unless it is a Sophos only shop I don't think it is going fly.  Fact is usually in these kind of cases the talent leaves as soon as the options can be cashed or a better offer comes along. Successfully integrating acquisitions is not easy.  My question to you is:  Is this the new trend in security?  Will we see consolidation more as a result of companies getting something for their IP, rather than just closing the lights?  Is that really consolidation?  Fact is there are too many security companies and this is one way to get rid of them, but is it the best way?