Sourcefire is a world leader in intelligent cybersecurity solutions.Next-Generation Intrusion Prevention System (NGIPS)
Automate Security with Contextual Awareness

Today's networks are highly dynamic. New technologies add complexity, and the number and type of applications and systems on your network continues to grow. Information security risks multiply in number and scale as attackers become more sophisticated—and stealthy.

Sourcefire Next-Generation IPS raises the bar for IPS technology by integrating real-time contextual awareness into its inspection. The system gathers information about network and host configurations, applications and operating systems, user identity, and network behavior and traffic baselines. By having the utmost visibility into what's running on your network, NGIPS offers event impact assessment, automated IPS tuning, and user identification to significantly lower the total cost of ownership.

How the NGIPS Uses Contextual Awareness to Fuel Intelligent Automation
Network Awareness
Continual network visibility, including new hosts entering the network, network and host configuration changes, and IT policy compliance.
Automated Tuning & Impact Assessment Reduces Costs
Automatically determine threat relevancy, threat severity, and self-tune to defend against attacks; increasing security, maximizing throughput, and reducing operational costs.
Application Awareness
Identify application traffic that is traversing the network to define application policies and management.
Application Policy Management Improves Visibility
Control your acceptable use policy (AUP) by automatically identifying the types of applications on your network and recognizing policy violations.
Identity Awareness
Improve audit controls and regulatory compliance by linking events directly to individual users.
User Identity Tracking Speeds Incident Resolution
Automatically link Active Directory and LDAP users to events so you know exactly who to contact when time is of the essence.
Behavior Awareness
Detect and quarantine internal threats by establishing "normal" traffic baselines and detecting network anomalies.
Network Behavior Analysis Increases Network Visibility
Monitor bandwidth consumption, troubleshoot network performance degradation, and automatically quarantine internal hosts with malware before it spreads.

Sampling of Application Awareness Provided by NGIPS

  • AIM
  • Clarizen
  • eTrade
  • Facebook
  • Gmail
  • Jabber
  • Lotus
  • NetBotz
  • Oracle
  • Outlook
  • Scottrade
  • Skype
  • WebEx
  • Windows Messenger
  • Twitter
  • Yahoo Mail

Leveraging the Open Architecture

SnortPowered by Snort
Created by Martin Roesch, the founder of Sourcefire, Snort is the single most widely deployed intrusion detection and prevention technology in the world. With nearly 4 million downloads and over 326,000 registered users, collaboration with the Snort community offers advanced threat protection. Plus, the open architecture provides the ability to view, edit, and create Snort rules. Each commercial Sourcefire IPS integrates the power of Snort:

Vulnerability Research Team (VRT)Backed by Sourcefire Vulnerability Research Team™ (VRT)
The Sourcefire VRT is a group of leading security experts that maintain the open source community rule set and develop the official Snort rules used by the Sourcefire IPS solutions. The comprehensive threat protection offered by Sourcefire is consistently ranked number one. View the NSS Labs Network IPS Individual Product Test Results for the most recent proof. The Sourcefire VRT:

Seamless Third-party Integration
Because of its open source flexibility, you can quickly and easily integrate Sourcefire IPS solutions with a variety of third-party technologies. Our technology partners include vulnerability management systems, security information and event management (SIEM) applications, network access control (NAC), network forensics, and more. System interoperability provides numerous benefits:

IPS and NGIPS Hardware and Technology

Sourcefire IPS and NGIPS solutions take advantage of the best hardware technology in the industry, providing IPS inspected throughput options ranging from 20Gbps down to 5Mbps. Upgrading Sourcefire IPS to NGIPS is as easy as adding a license to your software.

The new Sourcefire 3D8000 Series appliances offer interface modularity, expandability, and scalability. Modularity provides a low entry-price and enables you to choose the number of ports and media type for your network and swap out interface types as needed. Expandability gives you the option to pay for network interfaces as you grow. Scalability enables you to add additional processing power through appliance stacking.

At the heart of the new 3D8000 Series appliances lies the breakthrough FirePOWER™ acceleration technology, providing market-leading performance with greater energy efficiency.

All Sourcefire 3D Sensors operate in either inline intrusion prevention or passive intrusion detection modes and come with fail-open capabilities standard to safeguard constant network availability.

Looking for something else? We offer a range of IPS solutions as well as several complementary products to protect your network. Check out the Sourcefire 3D® System offering to find the solution that's right for you.