ValueSYS for Information Technology
Software Service Made Superior
ValueSYS Products
SunSystems
Juniper SSG
Juniper SRX
Juniper SSL VPN
Citrix XenApp
Websense
Sourcefire IPS™ PDF Print E-mail

Built on the legacy of the award-winning SNORT® rules-based detection engine, Sourcefire IPS uses a powerful combination of signature, protocol, and anomaly-based inspection methods — at throughputs and line speeds up to 10 gigabits per second — to stop threats before they impact your network. Deployable in both inline and/or passive modes, Sourcefire IPS analyzes network traffic and prevents critical threats from affecting your network, and can integrate with the Sourcefire 3D System to contain threats by remediating to other devices including firewalls and routers.

Inline or Passive Deployments


Sourcefire IPS appliances can be deployed in both inline and/or passive modes in many areas of the network: at the perimeter, at the core, or at remote or branch offices. With throughput options from 5 Mbps to 10 Gbps, latencies as low as 100 microseconds, Intel® and ASIC-based appliances, and fully redundant configurations, Sourcefire IPS appliances scale to suit your organization’s deployment needs.

 

New 10 Gigabit Capabilities
Sourcefire offers intrusion prevenion at line speeds and throughputs up to 10 Gbps to handle today's throughput and bandwidth requirements at the core. In high-traffic environments, Sourcefire IPS lets you monitor multiple networks from one central core, reducing the effort and complexity of threat management. The Sourcefire IPS device for 10 Gbps networks supports both copper and fiber networks, with high port density and a highly redundant, scalable architecture.

Comprehensive Protection Ahead of the Threat
Sourcefire IPS is powered by vulnerability-based Snort rules, which protect against zero-day threats by detecting all possible exploits of vulnerabilities. These Snort rules, provided by the Sourcefire Vulnerability Research Team (VRT), protect against:

  • Worms
  • Trojans
  • Port scans
  • Buffer overflow attacks
  • Denial-of-service attacks
  • Spyware
  • Protocol anomalies
  • Malformed traffic
  • Invalid headers
  • VoIP attacks
  • IPv6 attacks
  • Fragmentation attacks and evasions
  • Zero-day attacks

Open Standard Rules
The Snort rule format, developed by Sourcefire, is an open standard that is by far the most widely used format in the industry, with over 100,000 active users. Unlike competitors’ rule formats, Snort rules can be viewed, edited, and created right from a Sourcefire IPS appliance or Defense Center.

Detailed Forensics
Using Sourcefire IPS, customers can easily see exactly why an attack has occurred and what steps if any they need to take in response. For every event, Sourcefire IPS provides users the full packet data that triggered that event. It gives users sophisticated, highly customizable, easy-to-use workflows for investigating security events when they occur.

Adaptive IPS for More Accurate Intrusion Prevention
Leveraging the capabilities of Sourcefire RNA, customers can achieve even more with Sourcefire IPS. RNA can automatically provide a set of recommended rules for Sourcefire IPS based on the operating systems and services actually seen in customer environments. Unlike competitors, Sourcefire IPS can use RNA information about the hosts on a network to model attack traffic to the operating system that is actually being attacked, ensuring accurate prevention and stopping evasions.

Plug-N-Protect Architecture and Blocking “Out-of-the-Box”
Right out of the box, users can put their sensors in inline blocking mode using a VRT-recommended set of Sourcefire IPS rules. Customers can rely on the VRT to provide them an up-to-date, recommended ruleset that offers full protection against the very latest reported vulnerabilities. Appliances are available in a Plug-n-Protect architecture that allows sensors to be up and running in minutes.

Sophisticated Reporting System
Sourcefire offers a highly flexible and customizable reporting system, providing users with complete control over each report’s content and display of the data. This flexibility enables administrators to easily define templates for managers, analysts, or compliance auditors. Reports can be output in CSV, HTML, PDF, or text formats, and can be automatically distributed periodically to email recipients.

IPv6 Compliance
Sourcefire's commitment to IPv6, the newest version of the Internet Protocol, enables you to extend the intrusion prevention capabilities of Sourcefire IPS into next-generation networks. Support for IPv6 traffic includes full packet analysis of regular and tunneled attacks, as well as features to stop evasions and normalize traffic in IPv6 networks.

SourceFire 3D Throughput
 

Home - About Us - Solutions - Products - Services
©2008 ValueSYS, All Rights Reserved