Sourcefire releases advanced protection appliance
Network monitoring, post-incident analysis deliver coverage of entire threat lifecycle
Cyber-security solutions provider Sourcefire, Inc today introduced its dedicated Advanced Malware Protection (AMP) appliance, which is designed to defend against sophisticated network malware, from the point of entry, through propagation, to post-infection remediation.
Expanding Sourcefire's AMP offering, the dedicated appliance is built on the FirePOWER platform and, according to Sourcefire, provides increased deployment flexibility for organisations needing immediate protection against advanced malware.
"Given today's threat landscape, advanced malware detection and protection discussions should extend beyond blocking/prevention and highlight security intelligence, analytics, incident detection/response and lessons learned," said Jon Oltsik, senior principal analyst, Enterprise Strategy Group, Sourcefire.
"Organisations need to shift from tools that are mere gateways to an enterprise network security approach for better protection against a broader range of threats and vulnerabilities over time."
Deployed inline, the AMP appliance delivers network protection with malware detection and blocking, continuous file analysis and retrospective security. The solution creates forensic fingerprints of files to identify known malware; tracks file movement; and identifies attack targets for focused remediation. Using Sourcefire's big data analytics, the solution delivers continuous file analysis and retrospective alerting, so that users can be notified of malicious files that have entered their environment, even if they were previously classified as safe.
In addition to the new dedicated appliance, Sourcefire offers AMP for FirePOWER, a license option for next-generation intrusion prevention systems and next-generation firewall solutions. The dedicated AMP appliance includes 100 seats of FireAMP, Sourcefire's advanced malware protection solution for endpoints, mobile devices and virtual networks.
"The combination of the appliances and FireAMP connectors delivers unmatched visibility across the entire enterprise and all threat vectors," Sourcefire said. "Users can see how malware enters, infects and moves through an environment, and can then respond decisively to threats and quickly remediate. Sourcefire is the only vendor to address all of these dimensions of the advanced malware problem.
"Customers also have the flexibility to easily increase protection in the future by enabling application control and additional security functionality on the same device. Today's announcement extends the company's leadership in maximising security effectiveness while minimizing total cost of ownership."
"Networks are constantly evolving and expanding and attackers are taking advantage of any gaps to permeate a network and accomplish their mission," said Martin Roesch, Sourcefire founder and interim CEO.
"Thwarting attacks isn't just about blocking but also about using retrospective security to mitigate the impact once an attacker gets in. Sourcefire's threat-centric approach to security gives organisations continuous visibility, analysis and control across their environment and along the full attack continuum - before, during and after an attack."