Blue Coat Systems, Inc., was a company that provided hardware, software, and services designed for cybersecurity and network management. In 2016 it was acquired by and folded into Symantec and in 2019 as part of Symantec’s Enterprise Security business it was sold to Broadcom.
The company was known as CacheFlow until 2002.
The company had "a broad security portfolio including hardware, software and services."[1] The company was best known for web gateway appliances that scan internet traffic for security threats, authenticate users and manage encrypted traffic, as well as products to monitor and filter employee internet activity.[2][3] It also produced consumer products, such as parental control software.[4] The company's products were initially sold to internet service providers, but later products were intended for large companies.[5]
The company's goal was to develop appliances that would increase website speed by storing frequently accessed web data in the cache.[7][8][9][5]
In October 1996, Benchmark Capital purchased 25% of the company for $2.8 million, equivalent to a price of 87.5 cents per share.[5] By February 1997, the company had raised $5.1 million.[10] In December 1997, U.S. Venture Partners acquired 17% of the company for $6 million.[5]
In January 1998, the company released its first product, the CacheFlow 1000. It cached website objects that users were likely to use repeatedly, to increase load speed.[12] In October 1999, the CacheOS operating system was released.[13]
In April 1998, the company released the CacheFlow 100.[14]
In mid-1998, during the dot-com bubble, the company made its first sales, earning just $809,000 over three months, and investors started pushing for an initial public offering (IPO).[8][9][5]
In March 1999, Technology Crossover Ventures invested $8.7 million for 7% of the company, equivalent to a price of $4.575 per share.[5]
In September 1999, the company released the CacheFlow 500, with a list price of $9,995.[15] A competitive review of caching appliances in PC Magazine gave the CacheFlow 500 Editor's Choice. The editor said it had "excellent performance", a "plug-and-go" setup, and "good management tools". The review noted that its "most noteworthy features" were its DNS caching and object pipelining techniques, which allowed page data to be delivered in parallel, rather than sequential, streams.[15]
In early November 1999, Marc Andreessen invested $3.1 million in shares, at a price of $11.04 per share.[5][16]
On November 19, 1999, during the peak of the dot-com bubble, the company became a public company via an initial public offering, raising $132 million. Shares rose fivefold on its first day of trading. However, the company was not profitable and its product was unproven.[17] At that time, the company had $3.6 million in revenue and $6.6 million in losses in the prior 3 months.[5][18][19] The company had initially hoped to price its shares at $11-13 each and raise $50 million but due to strong demand, it priced its shares at $26 each. One month later, they traded as high as $182 each.[11]
In 2000, it introduced the CacheFlow Server Accelerator product family, which offloads content delivery tasks from web servers.[20] Tests by Network World found the Server Accelerator 725 increased website load speed eight-fold.[21] The CacheFlow Client Accelerator 600 product family was also introduced in 2000. It was the company's first product family for corporate networks, caching Web or multimedia content directly on the corporate network.[22]
Revenues grew from $7 million in 1998, to $29 million in 1999 and $97 million in 2001. It already had 25% of the overall market for caching and 35% of the caching appliance market [7] and was still not profitable.[7]
In May 2000, the company updated CacheFlow OS to cache multimedia content, including RealNetworks' RealSystem, Microsoft's Windows Media and Apple's Quicktime formats.[24]
In June 2000, the company acquired Springbank Networks, an internet device company, for $180 million.[25][26]
In December 2000, the company acquired Entera, a digital content streaming company, for $440 million.[27][28]
In 2001, new features specifically for streaming media were introduced under the name "cIQ".[7][29][30]
Later in 2001, the company was renamed to Blue Coat Systems to focus on security appliances and simultaneously released the SG800. The appliance sat behind corporate firewalls to filter website traffic for viruses, worms and other harmful software. It had a custom operating system called Security Gateway and provided many of its security features through partners, like Symantec and Trend Micro.[7][31][32]
The company lost 97% of its value from October 2000 to March 2001 as the dot-com bubble burst. The company continued to lose money.[31][33] By 2002, several competing internet caching companies had abandoned the market, due to slow adoption of caching technology and most of CacheFlow's revenues came from its IT security products.[31]
In February 2002, the company closed its Redmond, WA office and laid off about 60 workers there. Around a dozen Redmond workers were offered transfers to the Sunnyvale, CA office.[34]
In April 2002, the company launched fifth version of its operating system. The Security Gateway 600/6000 Series was the company's newest product family. It had a range of security features, such as authentication, internet use policies, virus scanning, content filtering, and bandwidth restrictions for streaming video applications.[35]
In August 2002, the company started adding IT security features.[36]
Also in August 2002, the company changed its name to Blue Coat Systems. The new name was intended to evoke the image of a police officer or guard.[7] It then focusing on internet security appliances.[9][31] Its products were primarily used to control, monitor and secure internet use by employees. For example, a company could limit employee access to online gaming and video streaming, as well as scan attachments for viruses.
The shift in focus was followed by smaller losses and revenues at first[7][9] and eventually company growth.[37] Losses in 2002 after the rename were $247 million, about half of the prior year's losses.
By 2003, the company had 250 employees and $150 million in annual revenue.[38]
In 2003, 3 new products were introduced for small and medium-sized businesses (SMBs) with 50, 100 or 250 users in bundles with Websense; and Secure Computing, although the Websense partnership was later at least partially dismantled and the two vendors were "slinging mud at each other" in the VAR community.[39][40] This was followed by a second generation of the ProxySG product family, which added security features for instant messaging. A review in eWeek said the new ProxySG line was effective and easy to deploy, but the ongoing maintenance fees were expensive.[41]
In October 2003, the company acquired Ositis Software, maker of antivirus appliances, for $1.36 million.[42][43]
In July 2004, the company acquired Cerberian, a URL filtering company, for $17.5 million.[44][45]
In 2005, the company introduced an anti-spyware appliance called Spyware Interceptor and the following year it announced upcoming WAN optimization products.[46] This was followed by SSL-VPN security appliances to secure remote connections.[47]
In 2005, the company was profitable for the first time.[7]
In 2006, the company introduced a free web-tool, K9 Web Protection, that can monitor internet traffic, block certain websites, identify phishing scams. In a November 2008 review, PC World gave it 4.25 out of 5 stars.[48]
In March 2006, the company acquired Permeo Technologies, an end point security company, for $60 million.[49][50]
In June 2006, the company acquired NetCache assets from NetApp, which were involved in proxy caching, for $30 million.[51]
In June 2008, the company acquired Packeteer, engaged in WAN optimization, for $268 million.[52][53][54]
In 2009, the company introduced a plugin for PacketShaper to throttle applications such as Spotify.[55] A review of the PacketShaper 12000 in IT Pro gave it four out of five stars. The review said that "you won't find superior WAN traffic management anywhere else," but "the hardware platform could be more up to date considering the price."[56]
In November 2009, the company went through a restructuring that included layoffs of 280 of its 1,500 employees and the closing of facilities in Latvia, New Jersey and the Netherlands.[57]
In February 2010, the company acquired S7 Software Solutions, an IT research and development firm based in Bangalore, for $5.25 million.[58][59]
In August 2010, Michael J. Borman was named president and CEO of the company.[60][61]
In August 2011, CEO Michael Borman was fired for failing to meet performance goals and was replaced with Greg Clark.[62]
In December 2012, the company acquired Crossbeam Systems, maker of the X-Series of security appliances.[66][67][68]
In May 2013, the company acquired Solera Networks, involved in big data security.[69]
In December 2013, the company acquired Norman Shark, an anti malware firm.[70]
In 2014, Elastica's technology was incorporated into Blue Coat products, with its Audit subscription service being merged into the Blue Coat Appfeed in the ProxySG gateways.[71]
In June 2015, the company acquired Perspecsys, involved in cloud security.[72]
Also in March 2015, the company integrated technologies from its acquisitions of Norman Shark and Solera Networks to create a cloud-based product family called the Global Intelligence Network.[73]
Also in March 2015, the company pressured security researcher Raphaël Rigo into canceling his talk at SyScan '15.[74] Although Raphaël's talk did not contain any information about vulnerabilities on the ProxySG platform, the company still cited concerns that the talk was going to "provide information useful to the ongoing security assessments of ProxySG by Blue Coat." The canceling of the talk was met with harsh criticism by various prominent security researchers and professionals alike who generally welcome technical information about various security products that are widely used.[75]
In March 2015, Bain Capital acquired the company from Thoma Bravo for $2.4 billion.[76] Bain indicated that it hoped to launch another IPO[77][78] and several months later, anonymous sources said the company was looking for investment banks for that purpose.[79][80]
In August 2015, the company launched the Alliance Ecosystem of Endpoint Detection and Response (EDR) to share information about IT security threats across vendors and companies.[81] Its first channel program was started that March[82] and the Cloud Ready Partner Program was announced the following April.[83]
In November 2015, the company acquired Elastica, involved in cloud security, for $280 million.[84][85]
By 2015, the company had $200 million in annual profits and about $600 million in revenues, a 50% increase from 2011.[86]
On June 2, 2016, the company once again filed plans for an initial public offering.[87] However, on June 13, 2016, the company abandoned its IPO plans and announced that Symantec agreed to acquire the company for $4.65 billion.[88][89][90] The acquisition was completed on August 1, 2016 and the company's products were integrated into those of Symantec.[91][92]
Blue Coat CEO Greg Clark was named CEO of Symantec[93] and Blue Coat COO Michael Fey was named president and COO of Symantec.[94]
Use by repressive regimes
Blue Coat devices are what is known as a "dual-use" technology, because they can be used both to defend corporate networks and by governments to censor and monitor the public's internet traffic.[95] The appliances can see some types of encrypted traffic,[96] block websites or record website traffic.[2]
In October 2011, the U.S. government examined claims made by Telecomix, a hacktivist group, that Syria was using Blue Coat Systems products for internet censorship.[97][98][99] Telecomix released 54GB of log data alleged to have been taken from 7 Blue Coat web gateway appliances that depict search terms, including "Israel" and "proxy", that were blocked in the country using the appliances.[100] The company later acknowledged that its systems were being used in Syria, but asserted the equipment was sold to intermediaries in Dubai for use by an Iraqi governmental agency.[2]
Despite the systems consistently sending "heartbeat" pings directly back to Blue Coat, the company claimed not to be monitoring the logs to identify from which country an appliance is communicating.[2] Blue Coat announced that it would halt providing updates, support and other services for systems operating in Syria.[2] In April 2013, the Bureau of Industry and Security announced a $2.8 million civil settlement with Computerlinks FZCO, a Dubai reseller, for violations of the Export Administration Regulations related to the transfer to Syria of Blue Coat products.[96]
The company's devices were also used to block the public from viewing certain websites in Bahrain, Qatar, and U.A.E., among others.[2] By 2013, Citizen Lab had published 3 reports regarding the company's devices being found in countries known for using technology to violate human rights.[96] It identified 61 countries using Blue Coat devices, including those known for censoring and surveilling their citizens' internet activity, such as China, Egypt, Russia, and Venezuela.[95] However, "it remains unclear exactly how the technologies are being used, but experts say the tools could empower repressive governments to spy on opponents."[96]