Sourcefire is the world’s leading manufacturer of cyber security solutions. Sourcefire’s flagship intrusion detection and prevention systems (IDS/IPS) are at the centre of its security solutions product family. Sourcefire includes Next-Generation IPS (NGIPS), Next-Generation Firewall with NGIPS and complementary products that can work standalone to protect your organisation.

What is Next-Generation Firewall?

Next-Generation Firewall (NGFW) is a network security device that provides features beyond a traditional, stateful firewall. While a traditional firewall typically provides stateful inspection of inbound and outbound network traffic, a next-generation firewall includes additional features such as application awareness and control, integrated intrusion prevention, and threat intelligence delivered via the cloud.

What is Sourcefire Next-Generation IPS?

Sourcefire Next-Generation IPS sets a new standard for advanced threat protection by integrating real-time contextual awareness, intelligent security automation and unprecedented performance with industry-leading network intrusion prevention. Sourcefire NGIPS offers visibility, automation, flexibility and scalability to protect today’s dynamic environments against increasingly sophisticated threats.

The Sourcefire Next Generation Intrusion Prevention System (NGIPS) is built from the ground up to equip security teams with the protection they need in today’s rapidly changing environments. Building on the core competencies of contextual awareness and automation, recognised by Gartner as key components of Next Generation Network IPS, and further enhanced by the Sourcefire FirePOWERTM performance platform and sophisticated Sourcefire FireSIGHTTM network intelligence, Sourcefire’s NGIPS offers features that set it apart from the competition.

Because of its open source flexibility and comprehensive interfaces (APIs), Sourcefire NGIPS solutions quickly and easily integrate with a variety of third-party technologies, including vulnerability management systems, security information and event management (SIEM) applications, network access control (NAC), network forensics and more.

Real-Time Contextual Awareness

See and correlate large amounts of event data about IT environments through applications, users, devices, operating systems, vulnerabilities, services, processes, network behaviour, files and threats.

Advanced Threat Protection

Protecting against the latest threats, Sourcefire offers the best in threat prevention, validated by independent third-party testing and thousands of satisfied customers worldwide

Smart Security Automation

Automated event impact assessment, IPS policy setting, policy management, network behaviour analysis and user identification significantly reduce total cost of ownership and improve the ability to adapt to changing environments.

Exceptional Performance and Scalability

Purpose-built devices feature a low-latency, single-pass design for unprecedented performance and scalability.

Application Control and URL Filtering

Reduce the attack surface area with on-demand granular control of more than 1200 applications and hundreds of millions of URLs in more than 80 categories.

Real-Time Contextual Awareness

A network security appliance that is not optimised to protect your unique network environment and configured with a “default” policy cannot properly defend your network because it does not know what it is protecting. But Sourcefire is different. Since 2003, Sourcefire has been aggregating network intelligence to provide “context” to network security defences.

Sourcefire FireSIGHTTM provides users with total network visibility, including physical and virtual hosts, operating systems, applications, users, content and potential host vulnerabilities.

Advanced Threat Protection

Sourcefire helps you combat next-generation threats to your network with FirePOWER. IP reputation blacklisting prevents connections to botnets, attackers, spam sources and other malicious IPs. Network Advanced Malware Subscription, optional for FirePOWER appliances, provides malware detection/blocking, continuous analysis and retrospective alerting, and leverages Sourcefire’s broad cloud security intelligence.

Through the combination of vulnerability-based IPS rules, custom IPS rule creation, security intelligence for IP, and file reputation capabilities, Sourcefire customers have more options than any other IPS provider to defend their systems.

Intelligent Security Automation

Automation is critical to keep pace with advanced threats despite resource limitations. IT security must strive to work smarter, not harder, to meet business demands. Sourcefire NGIPS uses contextual awareness to support intelligent automation.

Key Capabilities
  • Defence and system performance optimisation through automation of protection policy updates based on network changes
  • Reducing “actionable” security incidents by up to 99% by correlating threats and vulnerabilities to operating systems and applications
  • Alert in case of configuration policy violations or unauthorised system access
  • Detect malware based on “normal” network traffic and through the detection of network anomalies

Additional Protection Through Application Control and URL Filtering

Sourcefire NGIPS customers can take contextual awareness to the next level with optional Application Control and URL Filtering features. Exploiting applications is one of the most common threat vectors for attackers today. Organisations can go beyond identifying applications to achieve even greater protection by granularly controlling application usage and access. In addition, by controlling access to more than 280 million URLs in more than 80 categories, organisations can reduce complex client-side attacks and increase employee productivity. With granular control of applications and web access, organisations can improve their overall network security posture by reducing attack surface areas.

Key Capabilities
  • Snort IPS detection engine
  • Network intelligence
  • Impact assessment
  • User identification
  • Automatic policy setting
  • Network behaviour analysis
  • Basic level forensic
  • File type determination
  • Application control
  • URL filtering
  • Advanced malware protection

Complementary Sourcefire Products

Next-Generation IPS (NGIPS): A new standard for advanced threat defence. Real-time awareness integration, intelligent security automation and unrivalled performance. All this is brought to you by the leader of the IPS industry. The NGIPS solution is an expandable solution with Control Licences and application and user control functions.

Next-Generation Firewall (NGFW): This firewall, which includes the world’s most powerful NGIPS solution, is a high-performance security product with its granular structure and advanced firewall functionality.

Advanced Malware Protection for FirePOWER™: It is a solution that provides comprehensive defence, detection and blocking of malware. This solution enables continuous and historical analysis and leverages Sourcefire’s extensive cloud security intelligence. It can be activated with an additional subscription on the FirePOWER device. So you have this security software when you need it, without the need for an additional device.

Advanced Malware Protection (AMP) Device: It provides advanced detection and blocking of malicious software on your own network. It also provides continuous and retrospective analysis of these security processes. The device, which is designed specifically for this job, is aimed at the urgent and special protection needs of organisations against malicious software. The AMP device can be extended for other security needs by including Application Control. All purpose-built Sourcefire devices are managed in inline or passive mode and provide a standard with programmable features to ensure a stable network.