Sourcefire’s comprehensive approach connects physical and virtual security elements, while also integrating network and application awareness with big data analytics for increased security intelligence. Continuous monitoring and threat protection ensures that users can structure appropriate network defenses and respond comprehensively and systematically across the entire security infrastructure.
“Any security control that depends on detecting information of interest from the network is ineffective in the virtual switch unless the control itself resides or can see the data traffic in the virtual network,” said Eric Ahlm, Research Director at Gartner. “The challenge is that not all network security controls have visibility into the virtual network that resides in the hypervisor. This can create blind spots in security controls that are monitoring only the physical network. Attacks that happen on the virtual switch will go undetected until they happen on a physical network with security controls.”1
Sourcefire® Virtual Real-Time Visibility, Control and Protection
FireAMP Virtual protects VMware virtual instances from advanced malware and stops threats that bypass other security layers. The technology leverages cloud-based detection capabilities to analyze and block malware and lets enterprises create custom signatures to address newly discovered threats. It also uses Cloud Recall™ to provide continuous analysis of historical file activity to discover and remediate threats that were previously missed. Designed for VMware environments, FireAMP Virtual increases efficiency through integration with the agentless VMware vShield architecture. Customers deploying both FireAMP and FireAMP Virtual benefit from having seamless visibility and control to identify and remediate advanced malware across their entire environment.
Virtual NGIPS overcomes the lack of visibility traditional physical intrusion prevention products have over virtualized environments, with the ability to deliver application control along with a virtual management console. Sourcefire Virtual NGIPS can inspect virtual machine (VM)-to-VM communications, providing full NGIPS capabilities to protect VMware-based virtual networks. It also provides optional URL filtering to reduce the surface area of attack.
Sourcefire, Inc. (Nasdaq:FIRE)
Sourcefire, the Sourcefire logo, Snort, the Snort and Pig logo, Agile Security and the Agile Security logo, ClamAV, FireAMP, FirePOWER, FireSIGHT and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others.
1 Gartner “Market Trends: Virtual Data Center Security, Worldwide, 2012,” by Eric Ahlm, June 28, 2012
For further information, please contact:
OAK Consulting FZ LLC