News Stay informed about the latest enterprise technology news and product updates.

Sourcefire unveils adaptive IPS

Sourcefire, maker and seller of the wildly popular Snort IDS tool, has just unveiled 3D System version 4.7, which it bills as the industry’s “first-ever” adaptive IPS.

While traditional IPS vendors have subscribed to a “one size fits all” model, Sourcefire says 3D System 4.7 lets customers optimize the security and performance of their IPS systems based on the actual network assets they are protecting.

The company also announced the general availability of Sourcefire RUA (Real-time User Awareness), which it says links user identity to security and compliance events, and Sourcefire NetFlow Analysis, which “extends the reach of Sourcefire’s Network Behavior Analysis (NBA) tool to corners of the network where Sourcefire RNA (Real-time Network Awareness) sensors do not exist.”

More from the press release: “Sourcefire’s new Adaptive IPS technology provides users with increased network protection by leveraging endpoint intelligence aggregated by Sourcefire RNA, and other endpoint intelligence solutions to propose Snort IPS rules to enable and/or disable based on the actual assets protected on the network. RNA-Recommended Rules can be generated on an ad-hoc or scheduled basis. RNA’s recommendations can be manually approved or implemented without human intervention.For the first time, IPS technology can actually ‘adapt’ to the network it is protecting, thus maximizing security, minimizing false positives and negatives, and optimizing IPS hardware resources.”

Now, I get suspicious whenever a vendor bills a release as the “first of its kind.” But Sourcefire has been moving aggressively this past year to branch out in different directions. First the company went public, then it bought ClamAV, and now this. Anything the company does is worth following these days.

And so I’m looking for a few willing Sourcefire customers to take this new product for a spin and report back to me with some analysis on the good and/or the bad.

Any takers?

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Congratulations on unveiling such IPS. But "first ever" is questionable. We at CounterSnipe Technologies have been shipping Surrounding Asset Knowledge based IPS for at least a year. CounterSnipe system gathers information about network assets, network applications and vulnerabilities. Based on this information our IPS system assesses the relevance of an attack and manages alerts accordingly. As a consequence CounterSnipe IPS is much more efficient and reliable. As CounterSnipe do not charge for open source components, our solutions are more economical for our customers. So please do not worry about being seen as the "first of its kind" as you are not. Regards Amar Rathore