Sourcefire strengthens FirePOWER
Tools expanded to cover advanced malware
Cybersecurity solutions provider Sourcefire Inc today announced it has strengthened and expanded its FirePOWER appliance family, providing users with tools to protect against sophisticated malware, advanced persistent threats (APTs) and targeted attacks.
One of the additions is the introduction of advanced malware protection for FirePOWER, which the company said "provides visibility and control of modern threats on the network - from point of entry, through propagation, to post-infection remediation".
"Network-based antimalware detection solutions provide defence in depth for organisations looking to reduce their exposure; however, if performed inline, it should have minimal impact on network performance," said Neil MacDonald, vice president and Gartner Fellow. "Enterprises want solutions that don't require the purchase of an additional appliance, learn and adapt over time and provide historical visibility for retrospective analysis."
Sourcefire also introduced additions to the FirePOWER 7000 Series appliance lineup, and new 5.1.1 software featuring file type detection and control, as well as security intelligence for IP reputation and blacklisting. With the new models, Sourcefire said its performance range now spans from 50 Mbps to 40+ Gbps.
"FirePOWER appliances provide industry-best threat protection with proven performance leadership, and comprise Sourcefire Next-Generation Intrusion Prevention Systems (NGIPS), with and without application control, and Next-Generation Firewall (NGFW) models on a universal platform," the company said.
FirePOWER's advanced malware protection is designed to operate inline to provide continuous network protection and minimise propagation of advanced malware by creating forensic fingerprints of files to identify known malware, track file movement and identify attack targets for focused remediation. Using Sourcefire's security big data analytics, this protection delivers continuous file analysis and retrospective alerting, so that users can be notified of malicious files, even if they were previously deemed safe.
Advanced malware protection for FirePOWER integrates with the collective intelligence of Sourcefire's FireAMP solution. This provides similar protection for devices, enabling visibility into malware trajectory and delivering rapid defence and cleanup to avoid reinfection.
Sourcefire's 5.1.1 software, which is also being announced today, serves as the foundation for FirePOWER- and virtual appliance-based solutions, and includes several new features that enhance network awareness and further strengthen threat prevention.
Features include detection and control of all file types, file protocols and file direction; security intelligence for IP Reputation blacklisting and the alerting to and blocking of botnets, attackers, spam sources and other malicious IPs; Context Explorer to visualise and explore contextual information about most-used applications, hosts and user identity; and updated dashboards and event reporting to provide graphical summary views.
Sourcefire is also expanding the FirePOWER appliance line with the introduction of three new models - extending the FirePOWER performance range from 50 Mbps to 40+ Gbps. The new appliances include the FirePOWER 7010 (50 Mbps), the FirePOWER 7020 (100 Mbps) and the FirePOWER 7030 (250 Mbps). The FirePOWER appliance family provides customers with a powerful universal security platform with the flexibility to support evolving security needs --NGIPS, App Control, NGFW and advanced malware protection -- with scalability to address the widest range of enterprise requirements.
"With this release, Sourcefire has continued to innovate and deliver industry-leading threat protection and performance that can easily scale and evolve with an organization's security needs," said Martin Roesch, founder and interim CEO at Sourcefire.
"Adding advanced malware protection for FirePOWER significantly expands these benefits, helping combat threats before, during and after an attack. This is critical for organizations taking a proactive stance to mitigating the impact of sophisticated malware that can quickly permeate a network."