Intrusion Detection Systems: Sourcefire
Jan 05, 2009, 20:03 (0 Talkback[s])
(Other stories by Jeff Goldman)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
"At the same time, Perry says a company that standardizes on
another product and is unhappy with it will sometimes turn to Snort
(rather than Sourcefire). "They'll throw up the Snort open source
sensor in parallel so they can defend through that," he says.
"That's one time when they might not have gotten approval to buy
another product, so they'll run the free open source stuff."
Enterprise threat management
"One of the key improvements in Sourcefire's latest release,
Perry says, was the addition of a widget-based dashboard to the
interface. Every customer, she says, wanted something different in
the interface, so widgets seemed like the perfect answer. "You can
decide which widgets are on your dashboard--what you want to see,"
she says. Another recent addition to the Sourcefire offering, Perry
says, was RUA (Real-time User Awareness). "It lets you know who's
at the machine that's being attacked or attacking, so you're able
to start policing and forcing compliance in the network:"