Posted on

What is Sourcefire | IPS


Sourcefire Next-Generation IPS sets a new standard for advanced threat protection.





Real-time Contextual Awareness—See and correlate extensive amounts of event data related to IT environments—applications, users, devices, operating systems, vulnerabilities, services, processes, network behaviours, files and threats





Advanced Threat Protection—Protecting for the latest threats, Sourcefire delivers the best threat prevention .





Intelligent Security Automation—Automated event impact assessment, IPS policy tuning, policy management, network behaviour analysis.





Unparalleled Performance and Scalability—Purpose-built appliances incorporate a low-latency, single-pass design for unprecedented performance and scalability





Application Control and URL Filtering—Reduce the surface area of attack
through optional granular control of over 1200 applications and 100s millions of URLs in over 80 categories





Sourcefire has been aggregating network intelligence to provide “context” to network security defenses.
• Worms
• Triojans
• Backdoor attacks
• Spyware
• Port Scans
• VoIP attacks
• IPv6 attacks
• DoS attacks
• Buffer overflows
• P2P attacks
• Statistical anomalies
• Protocol anomalies
• Application anomalies
• Malformed traffic
• Invalid headers
• Blended threats
• Rate-based threats
• Zero-day threats
• TCP segmentations and
IP fragmentation









The Sourcefire NGIPS uses contextual awareness to fuel intelligent automation in the following ways:






• Optimize defenses and system performance by automating protection policy updates based on network changes
• Reduce the number of “actionable” security events by up to 99% by correlating threats against target operating systems and applications and their inherent vulnerabilities
• Know instantly who to contact when an internal host is affected by a client-side attack
• Be alerted when a host violates a configuration policy or attempts to access an unauthorized system
• Detect the spread of malware by baselining “normal” network traffic and detecting network anomalies





Sourcefire NGIPS takes advantage of the best hardware technology in the industry, providing IPS inspected throughput options ranging from 50Mbps to 40+Gbps







Write a comment