John Katsaros

And who said that the bubble couldn't strike twice in the same decade!  We've followed the spam bubble for three years and it continues to grow.  This time around it was Cisco's announcement that it would acquire IronPort for $830M.  Since March, 2004, we've counted eight anti-spam startup company acquisitions in excess of $1.6B.  Cisco's purchase price of IronPort accounts for about half of the total.  Coming just six months after Secure's acquisition of CipherTrust, the eight times sales purchase price either makes Cisco look high or Secure look like geniuses for getting such a good deal -- time will tell.  It's important to put these numbers in perspective -- the total market for spam add on product sales in 2006 was around $1B.  Cisco claims that the market is twice that size but maybe we're counting different things.  If the market is still growing fast, let's say 40% a year, then you're talking about a $5B market and, if Cisco's IronPort unit can grow its share above 30% then that's a tidy $1.5B annual revenue stream.  But cut that growth in half and you're left with annual sales five years out less than what they paid to get into the business.  In either event, right now there's plenty of champagne to go around -- investors in all of these anti-spam companies have made money -- some far more than others.  But investors in the 25+ other companies anti-spam companies may start worrying since they are now competing in a market where both Cisco and Microsoft each want to grow share.  With Secure Computing and Symantec holding sizable market share as well, the tier 2 and 3 players will soon start to struggle.  Here's our updated "Spam Hall of Fame" table.

The first thing that comes to mind when you look at Cisco's purchase of IronPort is whether or not this is, finally, going to be the beginning of a direct confrontation between Cisco and Microsoft.  Up until now, both companies have nimbly avoided the appearance of a head to head battle despite the fact that they could go into direct battle in several areas (such as NAC and NAP).  And it has probably been a wise decision on the part of each to avoid a fight -- especially since most enterprise customers consider each to be strategic and would prefer them figuring out ways to work together.  But the IronPort acquisition positions Cisco directly against Microsoft's new Exchange 2007 Edge Server, a product built specifically to fit into the DMZ and reduce/eliminate the need for third party mail cleansing products.  Cisco might argue that their products apply more broadly than to just Exchange, but the spending in the market tells a different story as Exchange spending far exceeds the sum of the other enterprise e-mail systems.  Maybe this point wasn't that obvious to Cisco when it decided to enter this sector of the business -- up until recently, Microsoft didn't have much of an e-mail hygiene story.  But in the past Exchange 2007 is barely out of the starting gate -- it's going to be fun watching to see how this showdown shapes up.

IronPort's recent announcement of its acquisition of e-mail encryption specialist PostX comes at an interesting time.  For years, e-mail encryption companies have been knocking on enterprise doors but not getting much interest.  Combining e-mail encryption within an IronPort edge appliance is a good idea -- IronPort has a substantial installed base and has the capability to conveniently package PostX functionality to gain user adoption.  Plus, it gives IronPort more product functionality to sell to its installed base, always a good idea.  Interestingly, Microsoft's Exchange 2007 is also trying to make headway with secure mail functionality by offering opportunistic TLS encryption as part of its new edge functionality.  While these are "apples and oranges" security methods, the big question for IronPort is whether it can substantially gain adoption of its new PostX functionality ahead of the deployment of Exchange 2007.  But it may just be that the biggest obstacle to e-mail encryption -- user convenience -- is being solved by re-packaging the solution as a function of the edge.