This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Sourcefire launches next generation firewall

Share this article:

Sourcefire has entered the next generation firewall sector with the launch of its latest appliance and platforms.

According to the company, the Sourcefire Next Generation Firewall combines powerful IPS threat prevention, integrated application control and firewall capabilities in a high-performance security appliance.

Speaking to SC Magazine, Sourcefire's director of product management Jason Lamar, said that businesses are now facing a dynamic environment and a solution hinges on next generation security. He also said that users want more contextual awareness of the environment that they are trying to protect.

He said: “We see it as a critical innovation: it is not just technology but how you use it. Today users make a compromise and are forced into a decision with just a firewall and a more evasion problems. If they know what they have got, then with contextual awareness they can suggest solutions for policy and prevention.”

Lamar said that the Sourcefire next generation firewall is built out of innovation in its next generation intrustion prevention system (IPS), and that it does not buy into the concept of the ‘next generation firewall'.

“You need app control, that is why we invented it in 2003, as a level is needed. But it is too simplistic to say ‘kill all of the attack vectors with policy ‘, as solutions should enable something that would otherwise be blocked,” he said.

“App control is a logistical extension to policies and another way to enforce policies, but it is not enterprise security. We believe customers want a better quality alternative and don't want an IPS with a firewall with a different user interface. They want layered benefits and a platform but do not want to give up prevention and performance in the firewall.”

According to Lamar, the Sourcefire next generation firewall is built on four concepts: app control; access control; threat prevention; and contextual awareness. Lamar said often solutions will have the first three of those, but its addition of contextual awareness is made possible with its FireSIGHT technology that gives a map of the network.

FireSIGHT, according to the company, is an extension of its real-time user awareness from 2003 and offers increased visibility into applications, users, content, hosts, attacks, vulnerabilities, behaviour and changes in a user's environment. It then correlates this information with user identity and reputation intelligence to assess risks and threat impact to make more precise enforcement decisions.

The company's existing FirePOWER platform delivers deep inspection and can be configured at the customer's discretion as an next generation IPS, a next generation IPS with application control or as a next generation firewall, providing the customer ultimate flexibility to deploy appliances to match their infrastructure needs and scale over time.

Lamar said: “This is a growth opportunity for us and we see it as an expectation of the market. Security is a big data problem and our focus is that users have security incident and event management (SIEM) for a reason; to understand what multi-product data is coming in but there is no closed loop. FireSIGHT gets the information and makes the decision so it is good for compliance and governance.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more

More in News

Google and Facebook offer free cyber-security tools

Google and Facebook offer free cyber-security tools

Google and Facebook have both launched free open-source cyber-security tools this week, designed to help security professionals spot malware and cyber-attacks.

Mixed results for key Government cyber-initiatives

Mixed results for key Government cyber-initiatives

The Government's Verify scheme to confirm IDs is behind scheuduled uptake, but its CISP threat intelligence sharing scheme is ahead of target.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...