Sourcefire 3D System

Sourcefire 3D System is a network security system which in real time adapts to the available threats and changes that allows to protect network to, in time and after the attack. 3D System catches any violations of security policies, correlates events of information security from all points of corporate network, for the purpose of identification of the difficult attacks, carries out risk analysis on the basis of which operations on minimization of unacceptably high risks are performed. Also Sourcefire 3d System allows to increase the level of security and to carry out updating of network devices for the purpose of minimization of damage from any attack. It is based on an open source code, it is considered the standard de facto for systems of detection of the attacks. This solution includes three simple stages of protection of the circle of the customer — IPS, adaptive IPS and management of threats of the enterprise (Enterprise Threat Management, ETM). Each stage is based on advantages and resources of previous and includes additional functions for optimization of protection of corporate network.

The solution Sourcefire 3D System (Intrusion Detection/Prevention System) with success passed all tests of independent laboratory NSS Labs and set a new record in the field of detection and an intrusion prevention, having reflected 98% of all attacks. Results of tests demonstrate that the IPS technology from Sourcefire is the most advanced in the market and offers the most effective methods of detection and blocking of invasions, in comparison with other solutions of this class.

For two years the solution IDS/IPS Sourcefire wins first place on the accuracy and completeness of detection and an intrusion prevention among all tested products and receives the highest rating of "Recommend" It ("is recommended") from NSS Labs. The declared capacity of the 3D IDS/IPS Sourcefire sensor of 4500 - 2 GB/sec., however during tests the indicator - 3.2 GB/sec. was reached that exceeds the level stated by vendor. Moreover, in this category it is the best result among all tested IDS/IPS models of solutions.

Other results of tests of efficiency of the solution of Sourcefire:

• For 98% protection against network invasions is provided;
• 99% of accuracy at detection of the purposeful attacks;
• 98% of accuracy in recognition of the vulnerabilities detected during the period from 2004 to 2010;
• 100% of efficiency in detection the technician of a bypass of the systems of protection against invasions.

Intended for the help to IT specialists in solving of tasks at the choice of products of information security, reports of independent laboratory NSS Labs provide the objective data obtained on the basis of the tests which are carried out in real working conditions. Using similar testing methodologies, the NSS Labs laboratory compared 13 IDS/IPS solutions of a corporate class. Systems were tested by 1179 relevant "exploits" (programs for the attacks and "cracking") and six various technicians of a bypass in 75 tests. All solutions were checked twice. The first time settings of security policies by default were used, in the second – settings of technical experts from each vendor were applied. Marks were put down on the basis of efficiency of security, performance, total ownership cost. On the basis of cumulative results tested, each product received the status "Recommend" It ("is recommended"), "Neutral" ("neutrally"), or "Caution" ("carefully"). Only the best products received the status It "is recommended". Extent of presence in the market, brand recognition or the size of the company were not taken into consideration.

Sourcefire 3D8000 Series

Sourcefire 3D8000 Series devices with FirePOWER technology set new standards for hardware solutions of the class IPS. They are developed taking into account all requirements of the corporate sector and have flexibility of a configuration, low initial cost and provide high-speed processing of network traffic. A new series of devices 3D8000 is based on advanced technology of acceleration of FirePOWER providing the highest performance at the reduced energy consumption and also offering the universal architecture supporting other solutions of information security of Sourcefire. The new hardware platform offers users capacity at the level of 40 GB/sec. and the speed of work of IPS in actual practice up to 20 GB/sec. Besides, thanks to put in 3D8000 of Series of scalability, new devices will be able to work in clusters with capacity of 80 GB/sec. and speed of IPS – 50 GB/sec. Thus, the most exact solution of the class IPS in the world now also the fastest.