SOURCEFIRE Unveils FireAMP Virtual and Virtual Next-Generation IPS

Sourcefire, Inc., a leader in intelligent cybersecurity solutions, today announces its latest solutions to address critical customer needs for virtualized security -- FireAMP™ Virtual and Virtual Next-Generation Intrusion Prevention Systems (NGIPS) with application control.

The new solutions deliver Information Superiority by providing large enterprises and government organizations the visibility and control required to address the dynamic nature of constantly changing virtual deployments and evolving threats targeting those systems.

Sourcefire’s comprehensive approach connects physical and virtual security elements, while also integrating network and application awareness with big data analytics for increased security intelligence.

Detailed view of a threat detected by FireAMP Virtual

According to Soucefire Malaysia’s Country Manager, Ivan Wen that Sourcefire’s virtual solutions are just the latest example of the company’s commitment to protecting organisations from the most sophisticated attacks – whether on physical, mobile or virtual systems.

Garner’s Research Director, Eric Ahlm shares that any security control that depends on detecting information of interest from the network is ineffective in the virtual switch unless the control itself resides or can see the data traffic in the virtual network.

“The challenge is that not all network security controls have visibility into the virtual network that resides in the hypervisor. This can create blind spots in security controls that are monitoring only the physical network. Attacks that happen on the virtual switch will go undetected until they happen on a physical network with security controls,” adds Ahlm.

Sourcefire® Virtual Real-Time Visibility, Control and Protection

The Sourcefire’s FireAMP Virtual protects VMware virtual instances from advanced malware and stops threats that bypass other security layers. The technology leverages cloud-based detection capabilities to analyze and block malware.

It also uses Cloud Recall™ to provide continuous analysis of historical file activity to discover and remediate threats that were previously missed. Designed for VMware environments, FireAMP Virtual increases efficiency through integration with the agentless VMware vShield architecture.

In the other hand, the Virtual NGIPS overcomes the lack of visibility that traditional physical intrusion prevention products have over virtualized environments.

“The Sourcefire Virtual NGIPS can inspect virtual machine (VM)-to-VM communications, providing full NGIPS capabilities to protect VMware-based virtual networks. It also provides optional URL filtering to reduce the surface area of attack.”

“As with physical assets, security in a virtualized setting should be about more than just stopping attacks; organisations also need to continually drive visibility, control and management. Sourcefire’s virtual solutions give organizations the confidence to launch or expand virtualized systems by offering insight and protection throughout their changing enterprises,” ends Ivan.