Just in time for irrelevance, I finally have a few minutes of airplane time to assemble my thoughts on the Cisco/IronPort merger. Overall, I think it was a smart move for Cisco, but not a good deal. $830 MILLION dollars borders on ridiculous for IronPort, who maybe booked $100 million in 2006 (which is a very generous estimate). But it won't even make a dent in Cisco's cash balance or profitability.

So what's with the price?

I've come up with three explanations for the price of the deal. First, Cisco has a set multiple on revenues that they typically pay for a security company. Sure IronPort has more top line than their typical deal, but they couldn't figure out how to unlock that cell in the spreadsheet, so they just paid the money.

Second is that IronPort found something in John Chamber's email that was "unflattering." Being the gateway provider for Cisco for years (can't tell you how many times I saw that goddamn customer slide from IronPort), these guys could have found something "nice" (in Borat speak) and used that as leverage. Yes, I'm joking.

Finally, the most likely situation is a bidding war. It seems that neither Cisco nor EMC (they bought RSA for an inflated $2.1 Billion) likes to lose a deal, even if it costs them a couple hundred extra million. What’s a couple hundred extra million between friends? I guess if you’re friends with Bill Gates or Warren Buffet that kind of holds. I suspect there was another party with a big checkbook interested (starts with a "J" and ends with a "uniper") and Cisco decided they just couldn't lose the deal.

Who looks like the smartest guy on the block? That’s easy, it’s John McNulty of Secure Computing. Relative to this price, he got a steal in taking out CipherTrust for less than $300 million. Personally, I thought CT was fairly valued and was not disappointed in the outcome - but Mr. Market says I was wrong.

Some other thoughts:

Better late, then never - Cisco is late to the content security party. Symantec has been in it for years. Secure Computing took out CipherTrust. And spam continues to grow at an astounding rate. You also have web filtering as a robust product category ready for a replacement cycle (exposing Websense to some negative fallout from this deal), so Cisco gets to play in all of these categories now, which they needed to. You have a lot of customers that like to buy everything from Cisco (even if it pisses off Dave Maynor), so now they can get their content stuff from them too.

Your reputation precedes you - A lot of folks have made a big deal of IronPort's SenderBase (and SpamCop) reputation network, which represents an effective way to block spam at the perimeter based on who is sending it. Reputation doesn't just apply to email, so having a big database of the relative "intent" of many of the IP addresses out there is a good thing. Cisco will leverage this heavily over the next few years, unless they are stupid - which they are not.

Encryption: sure we'll take some of that - IronPort had bought PostX in October for a song and a dance so now that goes along with the deal. But I suspect the secure envelope technology will get lost within Cisco, who barely understand that email is an application. The idea of statement delivery and other application level encryption is too much for Cisco to grasp right now. PGP and Voltage rejoice.

Losers

The most visible losers are the former CipherTrust shareholders, who evidently got swindled. Yes, I was one of them. But I don't play the woulda, shoulda, coulda game. Chaudhry got the deal done and in all likelihood walked away with more than Scott Weiss. Good for them, buy an airplane. That's all I have to say about that.

All but one of ProofPoint, Borderware, Tumbleweed, Mirapoint, and Barracuda are exposed. There is only one chair left and the music will probably stop by mid-year. Once Juniper makes its play, the rest of the folks are left holding the bag. If I had to bet, I'd say Juniper will take Proofpoint out. Borderware is a dark horse because the price would be significantly lower and they do have that SIP security box, which may interest Juniper - who knows a thing or two about networks.

Wherefore art thou IPO?

There is also a lot of speculation relative to whether another security IPO (after Guidance Software) will happen. Sourcefire has filed, though there is always the possibility they'll be taken out before they get it done. The UTMers - Fortinet and Crossbeam are the others frequently mentioned as IPO candidates.

I actually think both will file and one will get the deal done in 2007. Most of Big Security with Big Checkbook already has a UTM offering. Check Point could take out Crossbeam, which would make sense - but it's hard to envision who would take out Fortinet at a billion dollar valuation. Maybe when Alcatel-Lucent eats enough of whatever the French equivalent of Tums is, they'd be ready to get back into the enterprise game. Maybe Nortel. But probably not.

So I haven't given up on a Security IPO in 2007.