Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Dashboard monitoring of critical assets

Sourcefire : 22 April, 2008  (New Product)
3D System 4.8 from Sourcefire provides management ease for managing IT network protection and threat defence.
Open source innovator and Snort creator, Sourcefire has announced the latest version of the Sourcefire 3D System, continuing the company's tradition of delivering innovative solutions that enable customers to improve security while reducing management requirements. Sourcefire is positioned in the leaders quadrant of the recent Gartner IPS Magic Quadrant. The company is extending its leadership with the Sourcefire 3D System 4.8, providing users with a new customisable, role-based Dashboard and superior automation.

"As threats become more sophisticated, security solutions need to balance powerful protection with simplified management if they are to be truly effective," said Martin Roesch, Founder and CTO of Sourcefire. "Sourcefire leads the industry in delivering innovative solutions that address complex threats while removing much of the manual administrative burden from the end-user. With the 3D System 4.8, we are providing customers with powerful protection combined with unparalleled automation and customization that make it easier to defend the network against today's dynamic threats."

The 3D System 4.8 release features an enhanced Dashboard interface providing users with an easy-to-use, portal-like experience for monitoring security and compliance events. This highly customisable Dashboard is equipped with a library of more than two dozen drag-and-drop "Widgets" for monitoring IPS events, compliance violations, 3D Sensor performance, licence usage, and version information. It also includes an RSS Feed Widget for receiving security bulletins from Sourcefire, SANS, and other industry sources and a Top 10 Widget Builder for users to create new Widgets to monitor virtually any aspect of the Sourcefire 3D System.

Additionally, users can share configured Dashboards with colleagues having the same role within the organisation (eg, security analyst, IPS administrator). Users can also view graphical trends over time and drill down within certain Widgets to view underlying raw data or navigate to relevant Defence Centre interfaces, saving both time and effort.

Sourcefire's groundbreaking Adaptive IPS technology leverages network intelligence aggregated by Sourcefire RNA (Real-time Network Awareness) to automate the process of enabling and disabling Snort rules based on the environment the IPS is protecting. With the 3D System 4.8, Sourcefire is extending its Adaptive IPS technology even further. First, the new Adaptive Traffic Profiles feature improves the security and effectiveness of the IPS by processing segmented and fragmented traffic in the same manner as the targeted host operating system. This prevents hackers from disguising attacks to circumvent the IPS. Second, the new Non-Standard Port Handling capability ensures that Snort rules are automatically configured to monitor traffic on both standard and non-standard ports in use on the network, further increasing the security and effectiveness of the IPS. Both new Adaptive IPS capabilities rely on 24x7, passive network intelligence afforded by Sourcefire RNA, and both capabilities enable the IPS to automatically adapt to the dynamically changing network.

In addition to new Adaptive IPS enhancements, Sourcefire has also automated the process of downloading, importing, and applying Snort Rule updates. Customers can now opt to apply the best intrusion prevention rules in the industry in their recommended state with or without human intervention.

The Sourcefire 3D System 4.8 also delivers a number of new features that enhance overall usability, ease the burden of regulatory compliance, and provide new IPS and RNA detection capabilities:.

- Enhanced Compliance Capabilities - Enhances an organisation's ability to achieve regulatory compliance by limiting administrative access to only certain roles, by enabling administrators to temporarily disable user accounts, and by displaying the last successful logon date and time after each successful logon.

- Improved Packet-Level Forensics - Sourcefire's packet-level forensics enables users to gain a deeper understanding and validation of the source and nature of an attack. With 4.8, users now gain deeper application-layer insight (eg, protocol, message type) that previously could only be obtained using third-party network protocol analysis tools.

- Radius Support - Enables customers to take advantage of their existing Radius investment to manage 3D System user accounts, eliminating the need for local Sourcefire user accounts. This saves significant administration time and effort and enables the use of third-party, two-factor authentication systems, such as RSA SecurID".

- GRE and BitTorrent Decoding - Provides customers with an additional level of protection by enabling the IPS to decode GRE (Generic Routing Encapsulation) traffic and RNA to decode BitTorrent peer-to-peer traffic.

- Usability Enhancements - Simplifies the process of installing and managing the Sourcefire 3D System. These enhancements include a streamlined Defence Centre setup process, simplified backup and restore, rule view filtering, and more.

The Sourcefire 3D System 4.8 will be available in Q3 2008.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo