Menu
Menu
Sourcefire

Sourcefire

Sourcefire competes in the active intrusion prevention system (IPS) market, moving a step beyond the straightforward signature-based detection of intrusion across the perimeter common with first-generation firewalls.

HQ: Columbia, Maryland, US Website: www.sourcefire.com

Global leader: John Burris, CEO

Core activity: Network security

Revenue: US$55.9 million (FY07 ended December)

Key customers: UBS, Woodside, TVNZ, TransUnion, National Center for Missing and Exploited Children, Federal Home Loan Bank of New York, Reading Football Club (UK)

Employees: 321, full-time and contractual

Sourcefire competes in the active intrusion prevention system (IPS) market, moving a step beyond the straightforward signature-based detection of intrusion across the perimeter common with first-generation firewalls.

Many of the firewall manufacturers have been laggards in moving into this space, says analyst firm Gartner, and this has left the sector open for specialist IPS providers such as Sourcefire.

In an analysis of IPS published in February this year, Gartner placed Sourcefire among the leaders both for “completeness of vision” and “ability to execute”. Sourcefire was founded in 2001 by Martin Roesch, the creator of Snort, a well-respected open source technology for intrusion detection and prevention.

Sourcefire’s current suite is known as 3D — for Discover, Determine, Defend. This combines four security technologies:

Intrusion Prevention: Use of the Snort engine and correlation of security events with threat, endpoint and network intelligence aimed to reduce false positives and negatives.

Network Behaviour Analysis: Prevent the spread of worms, trojans and other malware inside an organisation by establishing normal traffic patterns (“baselining”) and detecting subsequent network anomalies.

Network Access Control: Create and enforce IT network compliance policies.

Vulnerability Assessment: Use of “passive” listening and “active” scanning technologies, to catalogue assets and uncover vulnerabilities.

All four measures are controlled from one console. Stephen Bell

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Error: Please check your email address.
Show Comments