The commercial potential of open source security products won a financial

vote of confidence last week when the author of the hacker-busting freeware

program Snort pulled in $2 million in venture capital, and moved his

year-old start-up company out of his suburban Maryland living room.

Martin Roesch wrote Snort as a lightweight intrusion detection system in his

spare time in 1998. The program quickly became hugely popular: one vendor

estimates there are 100,000 Snort installations worldwide, and the project's

official Web site boasted nearly 10 million downloads in it's first year of

operation. The software's been ported to nearly every operating system

platform, and the documentation translated into at least seven different

languages.

What Snort lacked was the user-friendliness and commercial support demanded

by corporate IT departments. With that in mind, Roesch launched Sourcefire in January, 2001, to build a

commercial-grade appliance with Snort at the center. "You don't have to be

a guru to run it, and its faster and easier to run," says Roesch. "So the

guys that need to go to their bosses and get approval, if they need a

commercial entity backing their IDS engine, we give them a place to go."

Of course, others have had the same idea. Silicon Defense, which has

contributed to Snort, began offering commercial support for the free IDS

last March, and sells a sensor appliance of its own, while Guardent recently

rolled out an all-in-one open source security box that bundles Snort with

the IPTables firewall program and the Nessus vulnerability scanner.

IDC analyst Chris Christiansen says there are still more commercial

incarnations of Snort on the way.

"We've seen a number of companies that intend to sell Snort-based security

products on a commercial basis in the last few months," says Christiansen.

"It's gaining a lot of credibility. It's coming out of the open source space

and its looking like it going to be a significant revenue generator."

As the head of the open source project, Roesch hopes that Snort's

credibility will accrue to Sourcefire. Either way, he's gearing up for the

competition, moving the company into an 8,000 square foot furnished office

in Columbia, MD, interviewing for new hires and sniffing out a CEO. "We're

going to hire on the order of at least twenty to thirty people fairly

rapidly," says Roesch. ""I've started calling my friends and saying, it's

time to get on a plane. It's go time." By Kevin Poulsen