Sourcefire has strengthened and expanded its FirePOWER appliance family, providing users with the unmatched ability to protect against sophisticated malware, advanced persistent threats (APTs) and targeted attacks. One of the latest innovations is the introduction of advanced malware protection for FirePOWER, which provides visibility and control of modern threats on the network – from point of entry, through propagation, to post-infection remediation.
"Network-based anti-malware detection solutions provide defence in depth for organisations looking to reduce their exposure; however, if performed inline, it should have minimal impact on network performance," said Neil MacDonald, Vice President and Gartner Fellow. "Enterprises want solutions that don’t require the purchase of an additional appliance, learn and adapt over time and provide historical visibility for retrospective analysis."
Sourcefire also introduced additions to the FirePOWER 7000 Series appliance lineup, and new 5.1.1 software featuring file type detection and control, as well as security intelligence for IP reputation and blacklisting. With the new models, Sourcefire’s performance range now spans from 50 Mbps to 40+ Gbps. FirePOWER appliances provide industry-best threat protection with proven performance leadership, and comprise Sourcefire Next-Generation Intrusion Prevention Systems (NGIPS), with and without application control, and Next-Generation Firewall (NGFW) models on a universal platform.
Advanced Malware Protection for FirePOWER
FirePOWER’s advanced malware protection operates inline to provide continuous network protection and minimise propagation of advanced malware by creating forensic fingerprints of files to identify known malware, track file movement and identify attack targets for focused remediation. Using Sourcefire’s security big data analytics, this advanced malware protection delivers continuous file analysis and retrospective alerting, so that users can be notified of malicious files, even if they were previously deemed safe. Advanced malware protection for FirePOWER integrates with the collective intelligence of Sourcefire’s FireAMP solution. This provides similar protection for devices, enabling visibility into malware trajectory and empowering rapid defence and cleanup to avoid reinfection.
Enhanced Awareness and Threat Protection
Sourcefire’s 5.1.1 software, which is also being announced, serves as the foundation for FirePOWER - and virtual appliance-based solutions, and includes several new features that enhance network awareness and further strengthen threat prevention.
* Detection and control of all file types, file protocols and file direction
* Security intelligence for IP Reputation blacklisting and alerting / blocking botnets, attackers, spam sources and other malicious IPs
* Context Explorer to visualise and explore contextual information about most-used applications, hosts and user identity
* Updated dashboards and event reporting to provide graphical summary views
Expanded FirePOWER Appliance Range
Sourcefire is also expanding the FirePOWER appliance line with the introduction of three new models – extending the FirePOWER performance range from 50 Mbps to 40+ Gbps. The new appliances include the FirePOWER 7010 (50 Mbps), the FirePOWER 7020 (100 Mbps) and the FirePOWER 7030 (250 Mbps). The FirePOWER appliance family provides customers with a powerful universal security platform with the flexibility to support evolving security needs --NGIPS, App Control, NGFW and advanced malware protection -- with scalability to address the widest range of enterprise requirements.
“With this release, Sourcefire has continued to innovate and deliver industry-leading threat protection and performance that can easily scale and evolve with an organisation’s security needs,” said Martin Roesch, founder and interim CEO at Sourcefire. “Adding advanced malware protection for FirePOWER significantly expands these benefits, helping combat threats before, during and after an attack. This is critical for organisations taking a proactive stance to mitigating the impact of sophisticated malware that can quickly permeate a network.”