View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 5, 2011

Sourcefire takes wraps off next-gen firewall

Contextual awareness and visibility are key to defending against modern threats, company says

By Steve Evans

Intrusion prevention systems (IPS) maven Sourcefire has finally revealed details of its long-awaited move into the next-generation firewall (NGFW) market.

Sourcefire’s take on the NGFW is to bring its next-gen IPS system into a single appliance alongside application control and firewall capabilities. The company says it is the first firewall to combine visibility, adaptive security and advanced threat protection.

The company claims that approaching the NGFW market from the IPS side can offer it the contextual awareness that traditional platforms cannot offer. In many cases, an IPS wrapped up in a firewall is nothing more than unified threat management (UTM), and is not capable of dealing with the changing threat landscape businesses are facing today, Sourcefire says.

The Sourcefire Next-Generation Firewall uses the company’s FireSIGHT technology to provide visibility into more than 1,000 applications as well as users, content, hosts, attacks, vulnerabilities, behaviour and changes in a user’s environment. It can then use identity and reputation intelligence to assess the threat level.

The NGFW also uses Sourcefire’s FirePOWER platform, which customers can configure to be an NGIPS, an NGIPS with application control or an NGFW.

Sourcefire’s approach to the NGFW market – coming at it from the IPS side – means it will be better equipped to protect users from modern day threats, CTO Marty Roesch told CBR earlier this year.

"If you look at the vendors that are building NGFW almost all are coming at it from the firewall direction to build IPS, and we’ve already got the best IPS on the planet. We think building application control is not as difficult as building a world class IPS," he said. "I think there is going to be a market for our approach, leveraging our awareness technologies for self-tuning systems and things like that. I think companies will want to work with a security vendor first, not a compliance or network management vendor."

Content from our partners
Powering AI’s potential: turning promise into reality
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline

It offers granular controls over certain web applications, so for example all employees may be allowed to look at Facebook but only people in the marketing department are allowed to post to it. The platform also offers URL filtering so certain URLs can be blocked based on user and user group while non-business URLs can be filtered by category.

Management is done from a centralised dashboard, which offers visibility into devices, access policy management and reporting.

"Other NGFW solutions force customers to make tradeoffs between control, prevention, performance and manageability. The Sourcefire Next-Generation Firewall includes our industry- leading NGIPS and provides the user the power and confidence to prevent and respond to complex threats with the granular control required today," Roesch added in a statement.

Sourcefire’s NGFW is available in two models: The 3D8140 and 3D8250. The 8140 offers 10Gbit/s throughput (6Gbit/s threat-inspected throughput) with three network module slots and 12 ports, while the 8250 provides 20Gbit/s throughput (10Gbit/s threat-inspected throughput) and seven network module slots and 28 ports.

The release brings Sourcefire into direct competition with the likes of WatchGuard, Palo Alto Networks and StoneSoft.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.