Long rumored as an acquisition candidate, Fortinet found itself at the center of M&A speculation again on Thursday. The buzz was making the rounds, with the unified threat management (UTM) vendor paired with the increasingly acquisitive Dell. Fortinet shares currently trade about twice the level they came public at back in November 2009, with a market cap of $4.1bn.

Even a standard one-third premium on Fortinet’s current trading value would put the price in the neighborhood of $5.5bn. That would make this (still rumored) transaction the second-largest deal in the information security market, trailing only Intel’s $7.68bn purchase of McAfee. (McAfee garnered a roughly 60% premium.) Fortinet recorded sales of $433m in 2011 and will likely generate about $520m in revenue this year, so the company would almost certainly pull in a double-digit multiple.

Fortinet was founded by Ken Xie – who, along with his brother, still owns a significant chunk of the business – who already has a multibillion-dollar security exit. He sold his company NetScreen Technologies to Juniper Networks for $4bn in equity back in 2004. In the past, Fortinet has attracted attention from Dell, Cisco Systems and IBM, among other tech giants.

A pairing with Dell would make a great deal of sense. Foremost, Dell has a tremendous product distribution channel that could push along Fortinet’s appliances. More broadly, it would also fit well with Dell’s previous significant security acquisition, SecureWorks. Fortinet would boost the SecureWorks’ portfolio and make for easy management of those offerings.

This post was primarily written by 451 Research’s M&A Research Director Brenon Daly with input from Andrew Hay. For more M&A speculation, confirmation and postulation please follow 451 Research’s Inorganic Growth blog.

In an unusual case of one information security consolidator buying another one, Trustwave has announced that it will pay an undisclosed amount for M86 Security. Although terms weren’t disclosed, we understand that the purchase is the largest ever by Trustwave by a considerable margin. Nearly all of Trustwave’s previous acquisitions – and there have been more than a half-dozen of them over the years – brought revenue of just $5-15m to Trustwave.

Trustwave is no stranger to accumulating product lines through M&A, and the addition of a Web gateway security and malware business would slot easily into its existing portfolio, as well as jibe with its recently unveiled ‘unified security’ and managed services strategy. Plus, Trustwave has been strongest in more traditional areas of security infrastructure where compliance requirements are well defined, while M86 has had far more of a specific security (and especially malware) focus. However, M86 is a much larger bite than Trustwave typically takes, and its technology is not as compliance-driven as the bulk of Trustwave’s portfolio.

Still, setting aside valuation for the moment, the deal is a compelling one for M86 from an operational perspective. Up against solid competitors like Symantec, Websense and BlueCoat Systems, the need for M86 was to build on its existing sales channels, as well as find ways of integrating its products within a broader set of security functionality and services. This transaction will present a path for Trustwave to expand into cloud security and provide a set of malware gateways (a niche where FireEye has been, well, on fire), and for the M86 business to resolve some of its operational challenges. But given the relative scale of the deal compared with past Trustwave acquisitions, the push into more security-driven sales and integration of the M86 products into its managed services environment should nonetheless pose a new set of execution challenges. Trustwave’s acquisition of M86 represents a significant gamble on its ability to integrate a large business.

Separately, Trustwave’s return to M&A indicates that it’s likely to look again to hit the public market, but at a much bigger size.
This report was written by 451 Research’s Enterprise Security Practice Senior Analyst Steve Coplan, M&A Research Director Brenon Daly and Andrew Hay.

(Read the full report here – 451 Research subscription required)

After acquiring primarily IT services and outsourcing shops in the past decade, ManTech International recently reached for cyber-security specialist HBGary’s assets – its first security software acquisition of 2012 and most recent purchase since its October 2011 Worldwide Information Network Systems buy. The transaction is notable as it is yet another acquisition in the growing line of cyber-security plays that includes deals announced by BEA Systems, Boeing and Raytheon, among others.

This report was written by both 451 Research’s Financial Markets Research Associate Ben Kolada and Andrew Hay.

(Read the full report here – 451 Research subscription required)