Next-Generation Intrusion Prevention System (NGIPS)

Improved Security and Reduced Administrative Burden through Contextual Awareness

Traditional IPS solutions have advanced significantly in their ability to defend networks against a barrage of attacks, yet the problem most often cited by IT security administrators remains Intrusion Prevention System management.

The root of the problem is determining which IPS rules to enable for your network and sifting through endless intrusion alert logs to separate what’s relevant from what’s not. In addition, PCI DSS and other regulations have further increased management burden by demanding visibility into which users are associated with specific IPS events and network activities. What’s needed is a level of automation to reduce the management burden required with a traditional Intrusion Prevention System.

The Sourcefire® Next-Generation IPS (NGIPS) raises the bar for IPS technology by integrating real-time contextual awareness into its inspection. By passively scanning the network, the Sourcefire NGIPS becomes fully aware of network devices, applications, behaviors, and identities on your network. This information is then used to automatically prioritize events, configure IPS rules, block suspicious behavior, and quickly resolve user identities from IP addresses. This increased level of contextual awareness reduces Intrusion Prevention System administration and enables automation by:

•    Enabling IPS rules based on network composition
•    Reducing the number of intrusion alerts by prioritizing events
•    Blocking suspicious behaviors by comparing traffic flows to baselines
•    Identifying users by quickly resolving IP addresses to identities

www.sourcefire.com

Click here to activate Sourcefire 3D® System Demo