Professional Documents
Culture Documents
Next-Generation
IPS
• Network behavior analysis Prevention System (NGIPS) was built from the that changing threat
conditions and
ground up to arm security teams with the
• Packet-level forensics protection they need in today’s rapidly changing changing business
• File type determination environments. Based on core competencies and IT processes will
• Application control of contextual awareness and automation— drive network security
• URL filtering recognized by Gartner as key ingredients managers to increasingly
look for next-generation
• Advanced
protection
malware of a Next-Generation Network IPS—and
further fueled by the Sourcefire FirePOWER™ network IPS capabilities
performance platform and sophisticated at the next firewall or
Sourcefire FireSIGHT™ network intelligence, IPS refresh cycle.”1
Sourcefire’s NGIPS stands apart, offering: John Pescatore, Gartner
Greg Young, Gartner
• Real-time Contextual Awareness—See and correlate extensive
amounts of event data related to IT environments—applications,
users, devices, operating systems, vulnerabilities, services,
processes, network behaviors, files and threats
• Advanced Threat Protection—Protecting for the latest threats, Sourcefire delivers the
best threat prevention that money can buy as validated by independent third-party
testing and thousands of satisfied customers around the world
• Intelligent Security Automation—Automated event impact assessment, IPS policy tuning,
policy management, network behavior analysis, and user identification significantly lower the
total cost of ownership and enhance the ability to keep pace with changing environments
1
Source: “Defining Next-Generation Network Intrusion Prevention,” Gartner, 7 October 2011
Through a combination of vulnerability-based IPS rules, custom IPS rule creation, security
intelligence for IP and file reputation capabilities, Sourcefire. customers have more ways to
defend their systems than any other IPS provider. But don’t take our word for it.
Sourcefire is the leader in NSS Lab’s 2012 Security Value Map for IPS based on security
effectiveness and total cost of ownership (TCO). Figure 1 is a summary of our latest test
results in comparison to industry averages.
Sourcefire NGIPS is backed by the esteemed Sourcefire Vulnerability Research Team (VRT), a
group of leading security experts that develop and maintain the official Snort rules used by
the Sourcefire NGIPS. The Sourcefire VRT:
2
Source: NSS Labs 2012 Network IPS Product Analysis Report average from 10 tested vendors
FireSIGHT™ Detection
• Physical/virtual hosts
• Operating systems
• Applications
• Consumer devices
• Mobile phones
• VoIP phones
Figure 2. Sample FireSIGHT™ detection. • Network printers
• Routers
Intelligent Security Automation • Potential vulnerabilities
Automation is critical to keep pace with advanced threats despite
• Network
bandwidth
flow and
application
• Customizable dashboards
with numerous widgets
At the heart of the FirePOWER Series appliances lies breakthrough
acceleration technology, providing market-leading performance with
• Role-based administration
and workflow
greater energy efficiency.
• Extends your investment without major effort or upgrades “During our testing, one
• Simplifies your security deployment and planning activities vendor produced alerts on
• Provides the flexibility to interoperate security in any 80% of the traffic we threw
IT environment at it, but Sourcefire didn’t
produce a single alert. We
Protection For Physical & Virtual Environments brought the Sourcefire
engineer in because we
Sourcefire offers an impressive line of purpose-built Network Security
thought it wasn’t working,
Appliances with inspected threat prevention throughputs ranging
but he said that it wasn’t
from 50Mbps to 40+Gbps. All Sourcefire Appliances come standard
producing alerts because
with programmable, fail-open copper and/or fiber interfaces,
the boxes being attacked in
and most models come equipped with additional fault-tolerant
the test weren’t vulnerable
features, including dual power supplies, RAID drives and lights out
to what was being thrown
management (LOM).
at it...he showed me proof
Sourcefire also offers security solutions for VMware, Xen and Red that it was working, which
Hat virtual platforms. Sourcefire Virtual Sensors provide the capability was nice.”
to inspect VM-to-VM communications, providing the same control Jeremy Pratt, Network Manager,
and protection as their physical counterparts. L.A. Times
©2013 Sourcefire, the Sourcefire logo, Snort, the Snort and Pig logo, Agile Security and the Agile Security logo, ClamAV, FireAMP, FirePOWER,
FireSIGHT and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries.
Other company, product and service names may be trademarks or service marks of others.
4.13 | REV4B