Sourcefire has leveraged years of experience in protecting some of the largest and most demanding network environments in the world to develop the industry’s first—and only—adaptive intrusion prevention solution, the Sourcefire 3D® System. The 3D System uniquely identifies and responds to changes in network infrastructure. With a detailed understanding of the devices, applications, and services deployed on the network, and their potential vulnerabilities, the 3D System escalates warnings of meaningful attacks, while suppressing unimportant and irrelevant events—allowing security analysts to focus their time and attention on the attacks that represent a real threat.
The award-winning Sourcefire 3D System is comprised of three purpose-built appliance product lines—Sourcefire Defense Center®, Sourcefire 3D® Sensors, and Sourcefire SSL Appliances.
Based on the award-winning Snort® rules-based detection engine, Sourcefire® provides best-in-class network intrusion detection with extensive analytics, powerful reporting, and unrivaled scalability. Through the use of Sourcefire 3D® Sensors and one or more Sourcefire Defense Center® management consoles, Sourcefire IPS deployed as an Intrusion Detection System uses a powerful combination of vulnerability- and anomaly-based inspection methods to detect attacks targeting thousands of vulnerabilities.
The Sourcefire® Next-Generation IPS (NGIPS) raises the bar for IPS technology by integrating real-time contextual awareness into its inspection. By passively scanning the network, the Sourcefire NGIPS becomes fully aware of network devices, applications, behaviors, and identities on your network. This information is then used to automatically prioritize events, configure IPS rules, block suspicious behavior, and quickly resolve user identities from IP addresses. This increased level of contextual awareness reduces Intrusion Prevention System administration and enables automation by:
* Enabling IPS rules based on network composition
* Reducing the number of intrusion alerts by prioritizing events
* Blocking suspicious behaviors by comparing traffic flows to baselines
* Identifying users by quickly resolving IP addresses to identities
Defending Virtualized Environments Today
The Sourcefire 3D System as it exists today is well suited to defend both physical and virtual environments. By placing physical Sourcefire 3D sensors at ingress and egress points to your virtualized systems, Sourcefire can detect, alert and block threats that emerge from inside and outside your virtualized environment.
New in the 3D system 4.8 release is a capability to help combat the ever-growing concern over "VM Sprawl". This phenomenon relates to IT personnel, and in many instances end-users, creating and deploying new virtual machines (VMs) without following established configuration and c