Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

6/25/2009
10:39 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Sourcefire Announces Virtual Appliances

Sourcefire 3D System 4.9, with the new Sourcefire Virtual 3D Sensor and Sourcefire Virtual Defense Center, enable users to deploy the company security solutions within their virtual environments

COLUMBIA, Md., June 25, 2009 " Open source innovator and Snort' creator, Sourcefire, Inc. (Nasdaq:FIRE), a leader in Cybersecurity, today announced the Sourcefire 3D System 4.9, with the new Sourcefire Virtual 3D Sensor and Sourcefire Virtual Defense Center. These new virtual appliances will enable users to deploy the company's leading security solutions within their virtual environments, increasing protection for both physical and virtual assets. Available during the second half of 2009, the Sourcefire 3D' System 4.9 also features the industry's first Policy Layering capabilities that deliver increased customization for large or multi-organizational networks, including cloud or virtual implementations.

With the new Virtual 3D Sensor and Virtual Defense Center, Sourcefire is enabling customers to:

  • Secure virtualization " Protecting virtual infrastructure from internal and external attacks with virtual security appliances
  • Virtualize security " Leveraging cost- and energy-saving benefits of virtual security appliances to improve security efficiency

    As part of the Sourcefire 3D System 4.9, the new virtual appliances allow organizations to inspect traffic between virtual machines, while also making it easier to deploy and manage sensors at remote sites where resources may be limited. They also enable Managed Security Service Providers (MSSPs) and cloud computing companies to easily implement Sourcefire's leading security solutions for increased protection. MSSPs can configure multiple Virtual Defense Centers to support multiple customers from a single VMware server, increasing the efficiency of management efforts.

    "As companies move more of their critical information and applications into virtual environments, it is becoming increasingly important to implement innovative security solutions to protect those assets," said Tom McDonough, President and COO at Sourcefire. "The new Virtual 3D Sensor and Defense Center deliver leading protection for both physical and virtual environments, so that our customers are never forced to sacrifice security or efficiency. They will have the flexibility to select the physical or virtual solution to meet their specific infrastructure requirements."

    Users can deploy Virtual 3D Sensors on VMware ESX and ESXi platforms to inspect traffic between two or more virtual machines (VMs), while also using physical Sourcefire 3D Sensors to inspect traffic going into and out of a VMware virtual environment. Deployed as software running within VMs, the Virtual 3D Sensor also makes it easier for users to inspect traffic on remote segments of the network where local IT security resources may not exist (e.g., retail stores, remote offices) or where little rack space remains in the datacenter.

    The Virtual 3D Sensor will provide simultaneous execution of Sourcefire IPSTM, RNA' (Real-time Network Awareness) and RUA (Real-time User Awareness) functions. Customers can deploy the Virtual Defense Center to monitor any combination of up to 25 virtual or physical 3D Sensors. They can also opt to monitor their Virtual 3D Sensors from the same physical Defense Center they use to monitor their physical 3D Sensors.

    Policy Management, Visibility and Control for Cloud, Virtual and Large Network Deployments In addition to the new virtual appliances, Sourcefire 3D System 4.9 delivers new policy management capabilities that allow organizations to easily customize security to support the varying user requirements of expansive multi-department/organization networks, as well as virtualization and cloud computing implementations. With the industry's first Policy Layering capability, Sourcefire users can create policy "building blocks" to capture specific Intrusion Prevention System (IPS) requirements by organization, by site, by department, or even by user.

    Sourcefire is enhancing its market-leading dashboard to include new custom query widgets, providing users with increased control over the way data is presented. With Sourcefire 3D System 4.9, Sourcefire is also improving the overall manageability and detection accuracy of RNA to include new application and service detectors, auto-configuration and simplified packet-level forensics.

    The Sourcefire 3D System 4.9 release, including the Virtual 3D Sensors and Virtual Defense Center, will be available during the second half of 2009. For more information, please contact a Sourcefire Sales representative or your local reseller.

    About Sourcefire Sourcefire, Inc. (Nasdaq:FIRE), Snort creator and open source innovator, is a world leader in Cybersecurity solutions. Sourcefire is transforming the way Global 2000 organizations and government agencies manage and minimize network security risks. Sourcefire's IPS and Real-time Adaptive Security solution equips customers with an efficient and effective layered security defense " protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognized for its innovation and industry leadership by customers, media and industry analysts alike " with more than 40 awards and accolades. Today, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit http://www.sourcefire.com.

     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/2/2020
    Ripple20 Threatens Increasingly Connected Medical Devices
    Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
    DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
    Dark Reading Staff 6/30/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    How Cybersecurity Incident Response Programs Work (and Why Some Don't)
    This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-9498
    PUBLISHED: 2020-07-02
    Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
    CVE-2020-3282
    PUBLISHED: 2020-07-02
    A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
    CVE-2020-5909
    PUBLISHED: 2020-07-02
    In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
    CVE-2020-5910
    PUBLISHED: 2020-07-02
    In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
    CVE-2020-5911
    PUBLISHED: 2020-07-02
    In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.