Sourcefire Advanced Malware Protection for FirePOWER™ provides users with the ability to protect against sophisticated network malware, advanced persistent threats (APTs) and targeted attacks – from point of entry, through propagation, to post-infection remediation.
Inline malware detection/blocking: Identify individual files as they cross the wire, create a fingerprint of the file, check that fingerprint against the Sourcefire collective security intelligence cloud to determine if the file is benign, unknown or malicious, and remediate according to your organization’s policies.
Continuous analysis: Track where a file has been and continue to analyze the file and how it is behaving if the file is unknown or even if the file has been previously deemed safe.
Retrospective alerting: Alert on files previously seen and thought to be safe but now, according to the latest threat information and analysis, are identified as malicious. Utilize targeted host and file analysis fingerprint information to speed remediation.
Real-time cloud security intelligence: Leverage Sourcefire intelligence feeds to automatically update blacklists to block communication to malicious sites including not only malware Command and Control servers, but also to spam, phishing, botnet, and open proxies and relay sources.