Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Sourcefire 3D system uses adaptive approach to Internet Protection

Sourcefire : 18 September, 2007  (New Product)
Real time user awareness and network behaviour analysis provides adaptive approach to protecting network assets
Open source innovator and Snort creator, Sourcefire has announced the availability of the Sourcefire 3D System version 4.7 release, affording customers with the industry's first-ever Adaptive IPS. While traditional IPS vendors have subscribed to a "one size fits all" model, the 3D System 4.7 release sets Sourcefire apart, enabling customers to optimise the security and performance of their IPS systems based on the actual network assets they are protecting.

Sourcefire is also announcing the general availability of two other new products -Sourcefire RUA (Real-time User Awareness), which links user identity to security and compliance events, and Sourcefire NetFlow Analysis, which extends the reach of Sourcefire's Network Behavior Analysis (NBA) solution to corners of the network where Sourcefire RNA (Real-time Network Awareness) Sensors do not exist.

The 3D System 4.7 release encompasses over 30 new and improved capabilities, including:.

* RNA-Recommended Rules - A key component of Sourcefire's Adaptive IPS strategy, RNA can now recommend which Snort IPS rules to enable and disable based on actual network assets protected.

* Sourcefire RUA (Real-time User Awareness) - Links Active Directory and LDAP users to security and compliance events, enabling customers to resolve incidents more quickly when time is of the essence.

* Sourcefire NetFlow Analysis - Extends Sourcefire's NBA capabilities by aggregating and analysing NetFlow traffic on network segments where Sourcefire RNA Sensors do not currently exist.

* Nmap Integration - The popular open source scanning tool from Insecure.Org is now integrated within the Sourcefire 3D System, extending Sourcefire's ability to collect endpoint intelligence for Impact Flag and compliance assessment.

* Host Input API - Ability to integrate a variety of third-party active scanning, patch management and vulnerability assessment solutions into the Sourcefire 3D System.

* Custom Service Detection - Sourcefire customers can create custom service "fingerprints" to exploit RNA to detect virtually any network service.

* Usability and Performance Enhancements - Includes new setup wizard, latency thresholding, improved compliance reporting and more.

Sourcefire's new Adaptive IPS technology provides users with increased network protection by making use of endpoint intelligence aggregated by Sourcefire RNA, Nessus, Nmap and other endpoint intelligence solutions to propose Snort IPS rules to enable and/or disable based on the actual assets protected on the network. RNA-Recommended Rules can be generated on an ad-hoc or scheduled basis. RNA's recommendations can be manually approved or implemented without human intervention. For the first time, IPS technology can actually "adapt" to the network it is protecting, thus maximising security, minimising false positives and negatives, and optimising IPS hardware resources.

Sourcefire RUA, announced by Sourcefire earlier this year, is also now available, enabling customers to link user identity to security and compliance events. RUA leverages existing investments in Active Directory or LDAP systems by pairing usernames with host IP addresses involved in security and compliance events. Additional user attributes—including first name, last name, email address, phone number and department—are also available at your fingertips. Now security and compliance events can be addressed quicker than ever, when time is of the essence.

Strengthening Sourcefire's position as a leading NBA provider, the Sourcefire 3D System now aggregates NetFlow data, extending the reach of Sourcefire's NBA solution to corners of the network where Sourcefire RNA Sensors don't currently exist. The combination of RNA and NetFlow data provides customers with the ability to baseline "normal" network traffic across the enterprise, enabling security analysts to detect suspicious deviations (i.e., worm propagation) from established baselines. Further, the ability to analyse NetFlow also provides network managers with the network usage intelligence required to identify performance bottlenecks and/or areas of the network where too much bandwidth has been allocated.

"The Sourcefire 3D System 4.7 release is our largest product release yet, significantly expanding the capabilities of our IPS and NBA Enterprise Threat Management (ETM) solutions," said Martin Roesch, CTO and Founder of Sourcefire. "Sourcefire has a strong history of innovation and we are again stepping out in front of the competition with our new Adaptive IPS technology and our new Sourcefire RUA and Sourcefire NetFlow Analysis products. These new capabilities, combined with our tightly integrated management framework, afford Sourcefire customers with unparalleled protection against both internal and external threats."

The Sourcefire 3D System 4.7 release, including Sourcefire RUA and Sourcefire NetFlow Analysis, is available now through Sourcefire or through Sourcefire Solutions Network channel partners, including Crossbeam, Nokia and Nortel.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo