Intrusion prevention systems (IPS) maven Sourcefire has finally revealed details of its long-awaited move into the next-generation firewall (NGFW) market.
Sourcefire’s take on the NGFW is to bring its next-gen IPS system into a single appliance alongside application control and firewall capabilities. The company says it is the first firewall to combine visibility, adaptive security and advanced threat protection.
The company claims that approaching the NGFW market from the IPS side can offer it the contextual awareness that traditional platforms cannot offer. In many cases, an IPS wrapped up in a firewall is nothing more than unified threat management (UTM), and is not capable of dealing with the changing threat landscape businesses are facing today, Sourcefire says.
The Sourcefire Next-Generation Firewall uses the company’s FireSIGHT technology to provide visibility into more than 1,000 applications as well as users, content, hosts, attacks, vulnerabilities, behaviour and changes in a user’s environment. It can then use identity and reputation intelligence to assess the threat level.
The NGFW also uses Sourcefire’s FirePOWER platform, which customers can configure to be an NGIPS, an NGIPS with application control or an NGFW.
Sourcefire’s approach to the NGFW market – coming at it from the IPS side – means it will be better equipped to protect users from modern day threats, CTO Marty Roesch told CBR earlier this year.
"If you look at the vendors that are building NGFW almost all are coming at it from the firewall direction to build IPS, and we’ve already got the best IPS on the planet. We think building application control is not as difficult as building a world class IPS," he said. "I think there is going to be a market for our approach, leveraging our awareness technologies for self-tuning systems and things like that. I think companies will want to work with a security vendor first, not a compliance or network management vendor."
Content from our partners
It offers granular controls over certain web applications, so for example all employees may be allowed to look at Facebook but only people in the marketing department are allowed to post to it. The platform also offers URL filtering so certain URLs can be blocked based on user and user group while non-business URLs can be filtered by category.
Management is done from a centralised dashboard, which offers visibility into devices, access policy management and reporting.
"Other NGFW solutions force customers to make tradeoffs between control, prevention, performance and manageability. The Sourcefire Next-Generation Firewall includes our industry- leading NGIPS and provides the user the power and confidence to prevent and respond to complex threats with the granular control required today," Roesch added in a statement.
Sourcefire’s NGFW is available in two models: The 3D8140 and 3D8250. The 8140 offers 10Gbit/s throughput (6Gbit/s threat-inspected throughput) with three network module slots and 12 ports, while the 8250 provides 20Gbit/s throughput (10Gbit/s threat-inspected throughput) and seven network module slots and 28 ports.
The release brings Sourcefire into direct competition with the likes of WatchGuard, Palo Alto Networks and StoneSoft.
