Thursday, March 7, 2019

What is Sourcefire | IPS

Sourcefire Next-Generation IPS sets a new standard for advanced threat protection.

Real-time Contextual Awareness—See and correlate extensive amounts of event data related to IT environments—applications, users, devices, operating systems, vulnerabilities, services, processes, network behaviours, files and threats.

Advanced Threat Protection—Protecting against the latest threats, Sourcefire delivers the best threat prevention.

Intelligent Security Automation—Automated event impact assessment, IPS policy tuning, policy management, network behaviour analysis.

Unparalleled Performance and Scalability—Purpose-built appliances incorporate a low-latency, single-pass design for unprecedented performance and scalability.

Application Control and URL Filtering—Reduce the surface area of attack through optional granular control of over 1200 applications and hundreds of millions of URLs in over 80 categories.

Sourcefire has been aggregating network intelligence to provide “context” to network security defenses.
• Worms
• Trojans
• Backdoor attacks
• Spyware
• Port Scans
• VoIP attacks
• IPv6 attacks
• DoS attacks
• Buffer overflows
• P2P attacks
• Statistical anomalies
• Protocol anomalies
• Application anomalies
• Malformed traffic
• Invalid headers
• Blended threats
• Rate-based threats
• Zero-day threats
• TCP segmentation and IP fragmentation

The Sourcefire NGIPS uses contextual awareness to fuel intelligent automation in the following ways:

• Optimize defenses and system performance by automating protection policy updates based on network changes
• Reduce the number of “actionable” security events by up to 99% by correlating threats against target operating systems and applications and their inherent vulnerabilities
• Know instantly who to contact when an internal host is affected by a client-side attack
• Be alerted when a host violates a configuration policy or attempts to access an unauthorized system
• Detect the spread of malware by baselining “normal” network traffic and detecting network anomalies

Sourcefire NGIPS takes advantage of the best hardware technology in the industry, providing IPS inspected throughput options ranging from 50 Mbps to 40+ Gbps.


