Blog


Security News and Opinions

What is Sourcefire?

In response to recent news that Cisco Systems has purchased Sourcefire, I thought I would begin by telling you a bit about the latter. Sourcefire is a network security company offering solutions such as next-generation firewalls and IPS, as well as malware protection applications. Probably the most widely known Sourcefire product is their open source IPS, Snort. Billed as a powerful, effective IDS/IPS, Snort offers the technically savvy administrator a hands-on, command-line view into IPS technology.

Beyond Snort, Sourcefire offers an enterprise-ready IPS solution. These appliances protect your network from attackers through adaptive rule bases that use awareness and automation calculations to keep your data free of unwanted malware, attacks and other malicious code. The appliance monitors your network and analyzes its behavior to keep up-to-date adjustments on which rules to apply and what traffic to stop from entering your environment.

Malware is on the rise and companies are looking for ways to prevent infections before they occur.  New technologies, like Sourcefire's FireAMP, show that traffic can be analyzed before a full-blown attack can take place.  The system is metamorphic and can analyze traffic for known malware along with suspicious patterns to defend your perimeter.  FireAMP helps administrators find out where a malware infection began as well as what triggered it.  

Cisco Systems is known for their superb, yet pricey, networking equipment, so it comes as no surprise that they would purchase Sourcefire in an attempt to increase their play in the network security market for enterprises. With a large portion of customers in the networking niche already, Cisco, I assume, hopes to become more involved in protecting the very equipment and infrastructure that they have spent many years perfecting.


© Daina Gardiner 2013