Linux Today: Linux News On Internet Time.

Intrusion Detection Systems: Sourcefire

Jan 05, 2009, 20:03 (0 Talkback[s])
(Other stories by Jeff Goldman)

"At the same time, Perry says a company that standardizes on another product and is unhappy with it will sometimes turn to Snort (rather than Sourcefire). "They'll throw up the Snort open source sensor in parallel so they can defend through that," he says. "That's one time when they might not have gotten approval to buy another product, so they'll run the free open source stuff." Enterprise threat management

"One of the key improvements in Sourcefire's latest release, Perry says, was the addition of a widget-based dashboard to the interface. Every customer, she says, wanted something different in the interface, so widgets seemed like the perfect answer. "You can decide which widgets are on your dashboard--what you want to see," she says. Another recent addition to the Sourcefire offering, Perry says, was RUA (Real-time User Awareness). "It lets you know who's at the machine that's being attacked or attacking, so you're able to start policing and forcing compliance in the network:"

Complete Story

Related Stories: