security – Page 20 – Inorganic Growth

More than one way to market

February 2, 2010 Brenon Daly

Apparently, UPEK really wants to be a public company. It put in its IPO paperwork back in mid-2007, only to pull it in March 2008. Unlike other former filers, however, the biometric security vendor hasn’t dusted off its S-1 in an attempt to hit the public markets. (In the past week, both Convio and GlassHouse Technologies have re-filed to go public.) Instead, UPEK wants to get on the Nasdaq by picking up a rival that already trades there.

UPEK lobbed an unsolicited offer at AuthenTec on Friday that basically envisioned consolidating the two companies, which make fingerprint sensors, into a single business. Equity ownership would be evenly divided between the two sides. For its part, AuthenTec has been a public company since mid-2007, although its shares have lost some three-quarters of their value in that time. On Monday, AuthenTec, advised by America’s Growth Capital, rejected UPEK’s ‘highly dilutive and speculative transaction.’

Charting the market

January 5, 2010January 6, 2010 Brenon Daly

Contact: Brenon Daly

To get a sense of the relative health of the overall M&A market, it’s often more revealing to look at a specific sector and chart the valuation fluctuations over time. Take the highly visible – and rapidly consolidating – market for governance, risk and compliance (GRC) software. (Or, as my colleague Paul Roberts would have it: GRC stands for governance, risk and consolidation.) Since GRC straddles a number of technology areas (security, BI, performance and policy management, and others), it’s natural that we’ve seen a steady flow of deals across this sector. (We highlighted that in a report last spring where we offered our own (admittedly weak) take on the GRC acronym: ‘Get Ready for Consolidation.’)

Conveniently enough, we’ve seen a number of GRC deals inked recently that encapsulate the state of the broader space. (This isn’t meant to be a comprehensive tally of deal flow in the sector, but rather a selection of illustrative transactions.) Back when the markets were soaring in 2006, SAP paid an estimated 10 times trailing sales for Virsa Systems. By late 2007, the multiple that Sun Microsystems paid for Vaau had come down to an estimated 7x trailing sales. (Incidentally, Sun announced that purchase right as the Nasdaq, which had been at its highest level since early 2001, began a protracted slide that ultimately cut the index by more than half. It still hasn’t recovered to the level of November 2007.)

A year later, the multiple had been cut in half, with Thomson Reuters paying an estimated 3x trailing sales for Paisley. The upheaval in the early part of last year put even more pressure on valuations, with McAfee paying just 2.5x trailing sales for Solidcore Systems. And then on Monday, EMC announced that it was making its own GRC play, reaching for industry veteran Archer Technologies. While terms weren’t disclosed, we’re pretty confident that Archer’s valuation rebounded from the level that Solidcore got just six months ago. We understand that Archer finished last year with about $32m in sales, and would guess that it sold at a price in the neighborhood of $200m, meaning they got twice the multiple Paisley got a year ago.

What a pair of startup sales tells us about the recession

December 7, 2009 Brenon Daly

Contact: Brenon Daly

If there was any doubt that the M&A climate has warmed since the beginning of this year, consider the relative exits for a pair of database-monitoring startups. Back in February, when venture funding was hard to come by and wind-down sales were plentiful, Tizor Systems sold to Netezza for just $3m. Fast-forward nine months, and Guardium sells to IBM for an estimated $230m. Viewed another way, Tizor returned just one-tenth the amount of venture funding it raised, while Guardium returned more than 10 times the funding it raised.

Granted, the relative returns of Guardium and Tizor probably have more to do with the business performance of the two rivals than what was going on in the economy. After all, Tizor was limping along with just $2m in sales, while Guardium was sprinting along at around $40m. (Both companies were founded in 2002.) That said, we’re pretty confident that the fact that the US is no longer (officially) in a recession certainly didn’t hurt the valuation of Guardium, a company we have thought has been in play for some time.

Indeed, as we look down our list of recent IT security deals, we can’t help but notice that the three largest transactions – all of which saw marquee tech companies paying above-market multiples – have come in the past four months. In addition to the sale of Guardium to IBM at an estimated 6x trailing sales, we’ve also seen Cisco Systems pay the same multiple for ScanSafe and McAfee pick up MX Logic for an estimated 4x trailing sales. A few more of these types of deals and we may start to believe that we are indeed out of the recession.

Patient Smith Micro is big on M&A

October 23, 2009

-Contact: Thomas Rasmussen, Chris Hazelton

Up until the credit crisis knocked the economy into a recession, mobile software company Smith Micro Software had been a fairly active acquirer. The Aliso Viejo, California-based firm closed five deals worth $93m in 2007 alone. However, as the economy slid into a tailspin, Smith Micro pretty much stepped out of the market. Last year, it announced only a pair of tuck-in acquisitions, which we estimate cost just $3m total.

We suspect Smith Micro may be looking to return to a quicker M&A pace. Last month, it announced its second-largest deal, picking up Mountain View, California-based Core Mobility for $18.5m. (We understand the two sides discussed a deal back in 2007, but couldn’t get together on price.) Smith Micro will hand over $10m in cash and cover the rest of the Core Mobility purchase in stock, which will hardly limit its ability to do future deals. The debt-free company, with a market cap of $340m, claimed $44m in cash and short-term investments (at least before announcing the Core Mobility purchase). Moreover, it recently filed a shelf offering intended to fatten its treasury toward additional deals. At current prices, the four million-share offering will effectively double Smith Micro’s cash on hand. So where might it be looking to shop?

The Core Mobility acquisition reached into a new market segment. But we believe any significant future deal would see the company aiming to bolster its core mobile enterprise VPN offerings. That is where it shopped before putting the breaks on its M&A program in late 2007, when it picked up PCTEL’s mobility assets and Ecutel Systems. Potential targets include Norwegian Birdstep Technology, Swedish Columbitech, Seattle-based NetMotion Wireless and Canadian vendor ipUnplugged.

Although all four would make excellent tuck-in acquisitions, we view publicly traded Birdstep as a particularly good fit for Smith Micro. The Norwegian company has trailing revenue of about $18m, which would be a not-insignificant boost to Smith Micro’s revenue. But more importantly, acquiring cash-burning Birdstep would provide a much-needed foot in the door to the Nordic/European markets to help Smith Micro expand beyond the Americas, which currently accounts for more than 90% of revenue. Birdstep can likely be had at a discount too, as the company currently sports a market cap of about $30m, a mere one-fifth of its 2007 levels. Patience might be the operative word for Smith Micro’s M&A strategy, and it looks like it’s paying off.

Smith Micro’s historical M&A

Period	Number of acquisitions	Total deal value
2009 YTD	1	$18.5m
2008	2	$2-3m*
2007	5	$93m

Source: The 451 M&A KnowledgeBase * official 451 Group estimate

DLP deal flow

September 29, 2009 Brenon Daly

Contact: Brenon Daly, Steve Coplan

When Trustwave recently reached for Vericept, the Chicago-based security services company joined a long list of acquirers of data-loss-prevention (DLP) technology. Over the past three years, we’ve seen roughly a baker’s dozen DLP deals, with the total spending on the transactions hitting $850m, according to our 451 M&A KnowledgeBase. Not surprisingly, both the size and valuations of recent DLP deals have declined sharply, sinking to 1-2 times trailing sales, which is down from a high of about 10x trailing sales.

The list of buyers of DLP, which basically works to snuff out insider threats and control the flow of data, includes all of the obvious IT security giants. Symantec gobbled up Vontu for $350m in November 2007, while McAfee has taken smaller bites. It paid $20m for Onigma in October 2006 and then followed that up almost two years later with the $46m purchase of Reconnex. Additionally, Websense, CA Inc, RSA and even Raytheon have made sizeable DLP acquisitions in recent years.

If we had to guess which large security provider will go shopping next in the DLP space, Check Point would probably be our choice. The vendor, which is best known for its firewall offering, could use additional security on the network edge. Check Point also shifted earlier this year to an appliance model, where distinct software ‘blades’ cover specific security threats. Among other benefits, that makes it much easier to plug acquired technology into Check Point’s existing platform. DLP startups that might be of interest include Verdasys, GuardianEdge and Safend, among others.

Select DLP deals

Date announced	Acquirer	Target	Target revenue	Deal value
September 10, 2009	Trustwave	Vericept	$10m*	$20m*
January 5, 2009	CA Inc	Orchestria	$22m*	$30m*
November 5, 2007	Symantec	Vontu	$30m	$350m
October 25, 2007	Trend Micro	Provilla	Not disclosed	$15m*
September 20, 2007	Raytheon	Oakley Networks	$33m*	$193m
August 9, 2007	RSA [EMC]	Tablus	$6m*	$50m*

Source: The 451 M&A KnowledgeBase *451 Group estimate

Unexpected partners in e-discovery dance

September 2, 2009September 2, 2009 Brenon Daly

Contact: Brenon Daly

After a flurry of more than a half-dozen e-discovery acquisitions from mid-2007 to mid-2008, deal flow has dried up in the sector. Buyers during the active period included companies that, broadly speaking, have an interest in storing, managing and searching electronic information, including such tech giants as Seagate Technology, Iron Mountain and Autonomy Corp. Collectively, spending on all the e-discovery deals in that one-year period topped $800m.

And then, like the rest of the M&A market, e-discovery activity dropped off dramatically. In this vacuum, rumors started bouncing around. The main one, which we noted last October, had Symantec looking closely at Kazeon. The two companies have been partners for a year, with Kazeon able to integrate with Symantec’s Enterprise Vault and Enterprise Vault Discovery Accelerator. (We also did a broader matchmaking report on the sector right around that time.)

And while a pairing between Kazeon and Symantec may well have made sense, the e-discovery vendor ended up selling to EMC on Tuesday. (Terms were not disclosed, but one report put the price at $75m. We think that may well turn out to be a bit higher than the amount EMC actually paid, particularly since we understand that Kazeon was only running at about $10m in sales.) So we were a bit off on our pairing for Kazeon, just as we were off on our assumption that EMC would reach for its longtime e-discovery partner, StoredIQ. Undeterred by that, we find ourselves nonetheless wondering if StoredIQ will end up at Symantec. There’s certainly some logic to that pairing. But then again, that was also true for the other deals we came up with that never got signed.

NICE Systems double-dips on deals

September 1, 2009 Brenon Daly

Contact: Brenon Daly

Less than three months after indicating that it was looking to step back into the M&A market, NICE Systems announced two deals back-to-back. The Israeli company reached for Hexagon System Engineering on Monday, and followed that up immediately with the much more substantial purchase of Fortent. Together, the transactions run NICE’s tally of acquisitions to a baker’s dozen since 2002.

Hexagon will add location-based services technology for cell phones to NICE’s portfolio. NICE will hand over $11m in cash for Hexagon, which we estimate was generating revenue in the low single digits of millions of dollars. As an aside on this deal, we would note that it marks the first time that NICE has shopped in its home market. (Although Actimize, NICE’s largest target, was founded in Israel and still does much of its R&D there, Actimize had moved its corporate headquarters to New York City several years before NICE picked it up.) In its other acquisitions, NICE has been a bit of a globetrotter, buying companies based in Australia, the Netherlands, Germany, the UK and the US.

Meanwhile, NICE (through its Actimize subsidiary) will pay $73.5m in cash for Fortent. We estimate that Fortent was running at about $30m in revenue, with most of that coming from sales of its anti-money-laundering (AML) product. Actimize competed with Fortent in the AML market, but also offers products for fraud detection and trading compliance. Actimize, which NICE acquired in July 2007 for $280m, has now inked three deals as part of NICE. The Actimize business, combined with Fortent, is expected to top $100m in revenue next year, roughly triple where it was when NICE bought it two years ago.

ConSentry: more VC dollars for the NAC bonfire

August 27, 2009 Brenon Daly

Contact: Brenon Daly, Paul Roberts

It’s difficult – if not impossible – to point to any area of technology this year with a more consistently god-awful ROI than network access control (NAC). At this point, the return for VCs on their bets in the NAC market is literally pennies on the dollar. The latest addition to the imbalance between money invested and money returned: ConSentry Networks. As my colleague Paul Roberts recently noted, the company died earlier this month at least in part because it was counting on users defecting from either Cisco or Juniper Networks.

But that flawed business plan didn’t stop ConSentry from pulling down some $81m in backing over the past six years. The venture dollars incinerated by ConSentry brings the total amount burned by NAC vendors that have gone out of business in 2009 to at least $212m. Add to that the money raised by the one exit the NAC space has seen this year (Mirage Networks’ scrap sale to Trustwave), and the total swells to $252m. And the grand return on that quarter-billion-dollar cumulative investment? Mirage probably got about $10m for its business.

Sourcefire: No sale turns into a great deal

August 14, 2009 Brenon Daly

Contact: Brenon Daly

With Barracuda Networks looking to gobble up Austrian IT security vendor phion, we thought we’d look back on the other time the rapacious privately held firm eyed a public company. Last summer, Barracuda launched an unsolicited bid for Sourcefire, initially offering $7.50 per share but later raising that to $8.25. The bumped-up bid valued Sourcefire at roughly $215m, but that wasn’t enough for Sourcefire’s board of directors.

We’ve noted in the past that the decision by a company to go it alone can prove very costly to shareholders, at least in the near term. Removing the takeout premium and letting a company trade on its own fundamentals can end up crushing a stock. Recovering that lost ground can be a long and painful process. (Just ask shareholders of Yahoo and Mentor Graphics, who see shares in those companies changing hands these days at just half the level that suitors were willing to pay for them last year.)

However, it’s a completely different story for Sourcefire. It has actually turned out to be one of those rare cases where a target says a bid ‘undervalues’ the business and Wall Street agrees. After telling Barracuda to buzz off, Sourcefire shares got dragged down by the recession and traded below the bid until early April. But since then, the stock has surged to its highest level since the vendor went public in March 2007. Sourcefire shares are currently trading at about $20, or nearly 150% higher than the price Barracuda was willing to pay for them. Looked at another way, Sourcefire’s decision to stay independent has created more than $300m of additional value for its shareholders than the Barracuda bid would have delivered.

Will Fortinet go shopping after going public?

August 12, 2009 Brenon Daly

Contact: Brenon Daly, Paul Roberts

Not that Fortinet actually needs more cash to go shopping, but the company will likely substantially fatten its treasury by the end of the year. Officially, the security vendor, which has been generating cash for the past three years, said in its IPO prospectus this week that it plans to raise $100m. However, we suspect the actual amount that it raises could be as much as $200m, a fitting offering for a firm that may well hit the market with a valuation in the neighborhood of $1bn. (Which exchange Fortinet debuts on is still undecided. We can only imagine the fight between the NYSE and the Nasdaq over listing a big-time IPO like Fortinet in such a lean time for new offerings.)

Whatever the amount of money Fortinet ends up raising in the offering, it will have plenty to go shopping. (Not to mention the fact that it will also have freshly minted shares if it wants to do a larger deal.) My colleague Paul Roberts, who heads our security practice, put together a possible shopping list for the company back in April, based on our understanding that Fortinet was a few months away from filing to go public. Roberts discussed a number of possibilities for Fortinet, including network access control and perhaps WAN traffic optimization.

However, he argued that Fortinet would perhaps be best served by making a play for an enterprise security information management (ESIM) provider to make sense of all the information generated by the various offerings. And, as fate would have it, Fortinet already knows one ESIM vendor rather well. Since 2004, the company has been OEMing eIQnetworks’ Network Security Analyzer and reselling it as FortiReporter.