Shaping Infosec: Palisade Systems' Legacy
Much has been written about the original, libertarian view of the earliest computer networks, including ARPAnet which would eventually become known as the Internet. Now referred to as Web 1.0, the Internet was envisioned as interoperable, free of permission or security, rooted in discovery and innovation. It was missing a resilience blueprint and remained blissfully unaware of the content transmitted. This openness, freedom, and lack of centralized control it spurred good and bad early.
The nature of interconnected computers gave rise to a doctoral thesis first defining a computer virus by Fred Cohen in 1986 at USC quickly followed by the first widespread worm written and unleashed by Robert T Morris at MIT. This was an interesting time in origins of security, and I was glad to be guided by Dr. Robert Franks, my own advisor at Central College, who’d directed me toward cryptography, a target of his earlier post-graduate work at Iowa State University (ISU).
Information Security, a transformational branch of computer science was establishing its beachhead at ISU in mid-1980s, unaware of its effects to be felt far beyond Ames for decades to come.
IDEs from Ames, Iowa
Faculty and students at research universities have built America’s innovation driven enterprises (IDEs) over decades and their departments of Engineering & Computer Science are no strangers to innovation. ISU was birthplace of the Atanasoff–Berry computer, regarded as the first computer in 1937. By the 1990s, the department was conducting original research and filing patents when applicable; it certainly wasn’t going to repeat its patent mistake with the Atanasoff-Berry computer.
Dr. Doug Jacobson began his undergraduate journey at ISU in 1976, obtained his Ph.D. there a few years later, and joined the faculty in 1995. His first patent filing came a year after through the ISU Research Foundation. Though the US Patent #5548649 to securely bridge two networks didn’t achieve commercialization, his second, #6044402 had a different future. He had discovered and patented a process for blocking unwanted network connections in a computer network. Palisade Systems, his third company in fifteen years, was born with initial funding through ISU’s new department of commercialization.
Stephanie Bridges, one of his research students, was one of the first to join the team. Doug’s wife, Gwenna, a Microware Systems employee at the time, was looking for a career shift and joined the team along with Stephanie’s husband, Gary. The quartet leased a 10x12 room at the nascent ISU research park and began building their first product.
ScreenDoor was launched in 1997 to block undesirable connections and found its first market in schools. It silently watched network traffic for ports, protocols and destination addresses and based on guidelines set by the school, terminated disallowed connections. A user in the school wishing to download pirated software, for example against school policy, would have their connection to the pirate site terminated.
PacketHound was launched thereafter to monitor the entire network. Delivered as a network appliance built using standard off-the-shelf PC hardware, it established network-wide rules to block, monitor, log, and throttle traffic. It expanded features such time-based rules and access, application-based rules, and more. Though a plethora of such appliances are available for networks large and small today, this nascent technology was transformative to those who understood and deployed it.
Product development itself can be expensive, even for small engineering teams using low-rent space at a research park. More cash soon became a necessity to grow.
Growing up in a VC world
Skip Knapp and Chuck Johns of Ames Seed Capital were the early seed investors who invested $15,000 in seed funds (yes, those were the days!). These seed funds were followed by the first 250K venture investment by John Pappajohn’s Equity Dynamics in 1999. New product development necessitated the next round of $1.3MM in 2000 followed soon thereafter with another $1MM in 2001.
These fresh rounds of funding facilitated the development of products such as FireBlock which used the company’s network monitoring ability to segment an internal network, presciently inventing a solution for the insider threat monitoring needs of the future.
Palisade’s use of venture capital happened amidst a wave of similar capital deployment across the US economy. Silicon Valley was abuzz with the dot com boom and networks were expanding from the age of dial-up to legacy-based frame-relay and ISDN networks. Large telecommunications companies and regional innovators were discovering ways to quickly and inexpensively lay fiber-optic cable by obtaining rights of way from gas and other pipeline owners, as well as along century old railway tracks. US Congress had finally given up its reticence toward using government funds in expanding the Internet to rural America.
Despite venture capital’s nearly thirty-year history with technology, venture monies in Iowa were a relative green space (a future story is in development to chronicle the funding landscape by Diana Wright and me - stay tuned). Unlike the freely available education about venture funds, investment types, and tools today, funding in the late 1990s was heavily obscured by complex legal documents written largely in favor of the parties providing the funding. Though Brad Feld and Jason Mendelsohn would solve that problem a few years later via their blogs and their seminal book, Venture Deals, Palisade was new to the game.
A Technical Product Early to the Security Game
Palisade’s products were, as mentioned earlier, technical by design and nature. First, they required an understanding of the underlying problem they’d been built to solve, Then, they required a networking culture able to use the products technically and administratively. Specialization and separation of information security was still years away from the network administration function.
A maxim permeates the startup world today and often begins with the question - who is your competition? Startups who struggle to identify competition generally need to raise far more funds to establish new markets for a product people don’t know they need. Palisade’s software faced such a market. The world of Web 1.0 (full trust) and Web 2.0 (ecommerce) remained new to network security and propriety and selling security appliances was an uphill climb.
Research conducted at ISU under the direction of Professor Charles Shrader and published in “Annals of Cases in Information Technology” in 2004 (citation at the end) identifies the core set of challenges facing the company. They identify the vast market ahead for the products already created, the growing universe of competitors, an expanding set of approaches to solving the identified problems, and the capital needed to address these broad challenges. They also identified a price pressure as competing vendors built some security solutions within the operating systems and others released them as open source.
The cat and mouse game
Network administrators in the early 2000s continued to contend with pornography and peer-to-peer (P2P) networks as the newest challenges to secure networks. The previous decade’s problems with computer viruses were being largely managed on small and large networks. This was the time of music sharing on networks like Napster and application sharing on Pirate Bay and torrent sites.
Unlike porn, P2P added further liability. In addition to consuming precious bandwidth and an array of network , it also potentially exposed the businesses to copyright issues. It established bi-directional flow of files and made the task of blocking rogue Internet sites significantly more complex.
To prove its understanding of this traffic, Palisade Systems provided prospective customers with a free software, PacketPup. Its older brother, PacketHound, leveraged the company’s ability to sniff traffic and extended it to seek telltale signs of P2P traffic via signatures in how P2P worked. Again, though such tools are commonplace in network administrators’ toolkits today, they were still nascent in the early 2000s.
PacketHound and Palisade Systems won awards such as the R&D100 award. An admirable win, it still highlighted the “R&D” nature of the product in the business world. Sales should’ve been widespread and by the tens of thousands. This market anomaly required an endless supply of capital to bolster a sales and marketing approach necessary to grow.
Continued R&D and Innovation
Early and mid-2000s were also a time of server vendors (e.g. Microsoft) realizing the outsized role of computer security. New instances of servers installed from CD, connected to the Internet, and left devoid of critical security patches could become targets of nefarious actors from around the world. These actors would use fast(er) Internet connections in the US to deliver illegal music and applications.
Palisade was one step ahead with such a solution. It created a new type of device, SmokeDetector, belonging to a type of computer lovingly called a honeypot. It was a hardware device that would sit amongst a company’s other servers and could alert administrators if their network was being probed to sense vulnerabilities.
This research and development remained a step ahead and by late 2000s had developed into a suite of products collectively known today as “Data Loss Prevention” suites. Though large enterprises were beginning to evaluate risks of data exfiltration and installing a new C-suite role, the Chief Information Security Officer (CISO), Palisade was burning precious venture capital to stay a step ahead.
Place & Time
It is evident that Palisade’s inventions and products were early to the market. Customers hadn’t yet experienced large enough financial losses to begin budgeting for protected networks. The hacking world was also limited to regions with existing fast and cheap access to the Internet. As the 2000s expanded Internet access, far larger numbers of criminals started to probe vulnerabilities.
It is also possible that Palisade Systems attempted to grow from a place not easily associated with infosec and might have succeeded differently if operating from Silicon Valley. Though the research was highly contemporary, its buyers were in far greater numbers in CA. Palisade Systems became one, certainly not the first, to be hurt by being early as many of the earliest Internet-first companies were surpassed by heavily funded companies that focused on accelerated growth at any cost, funded by venture capital.
The Palisade Systems Exit
The increase in cyber-crime came late for Palisade. They’d raised a number of rounds of venture capital from Equity Dynamics, DeWaay Investment Partners, Cedar Valley Venture Fund, Principal Life Insurance Company and others. With over a decade of product development and innovations, the funding entities were seeking a return on their capital.
Each round of venture capital is dilutive in value to the original founders. Just as the mighty Colorado river is reduced to a trickle by the time it reaches its delta in Mexico, each round of funding leaves lesser value to the original equity owners, occasionally trickling to zero.
A final recapitalization and increased focus on growth wasn’t able to turn the tide and Palisade Systems was acquired in June 2013 by Absolute Software Corporation of Vancouver, British Columbia, Canada. Many original employees and vestiges of the original suite of products transferred to and remain with Absolute Software.
ISU’s Information Security Impact
Dr. Doug Jacobson remains a dedicated and well-known name in information security. His research, teaching and innovation focus persists in protecting critical infrastructure and his students are in information security professions within Iowa companies and beyond. Ensuring security principles within IoT devices, public education, and embedded systems continues to ignite his passion.
Under his leadership as Director, nearly 40 faculty colleagues are shaping enterprise and government security at ISU’s Center for Cybersecurity Innovation & Outreach. The center’s advisory council comprises an admirable roster of infosec professionals from industry, government and academia. Funded by entities such as the department of Energy, they employ students who are creating new intellectual property, some of which will create royalty residuals for the university much like the original, now expired, patents. Infosec patents remain a part of ISU’s growing portfolio of tech transfer ready innovations, earning the university the title of one of America’s top entrepreneurial universities.
Sources:
Interview with Dr. Doug Jacobson, April 2025
Mahanti S., Bajwa P., Strader T., and Shrader, C., Palisade Systems - New Markets for Internet Security Products, Annals of Cases on Information Technology, v6, 2004
Atanasoff–Berry computer
Patrolling the Internet - Inside Iowa State - 1997
Patent #6044402-A
Patent# 5548649-A
PacketHound
Computer Monitoring... ISU research...2001 R&D 100 award
SmokeDetector...honeypot
Funding Round - 2009
I am a proud member of the Iowa Startup Collective, a group of writers exploring entrepreneurship across Iowa. Click the link above to checkout my peers’ work
Love these stories! Keep them coming.
Good read! I’d know bits of the story before so thank you for pulling this together