RealTime IT News

Sourcefire Device Busts Bottlenecks at 10Gbps

As enterprise data centers move from 1 gigabit to 10 gigabit-per-second (Gbps) connectivity, security can often be a traffic bottleneck.

Sourcefire  is aiming to break this bottleneck barrier with Sourcefire 3D9800 Sensor, a new appliance that offers intrusion prevention (IPS) , network access control (NAC) , vulnerability assessment (VA) and network behavior analysis (NBA) at 10Gbps speeds.

Of course, pledging such a full suite of security analysis at 10Gbps is not without its challenges.

"Challenges include quickly identifying the most critical threats at multi-gigabit speed, handling full inspection capabilities while minimizing latency and maximizing throughput," Steve Piper, Sourcefire's director of product marketing, told internetnews.com. "And reducing the number of events security analysts need to evaluate in a large traffic stream."

To tackle those challenges, Sourcefire is throwing considerable technology heft into the new Sensor appliance.

The 3D9800 Sensor, which includes 6 1.5 gigahertz (Ghz) dual-core Freescale CPUs, 24 gigabytes (GB) of RAM and 73 GB of disk capacity, also features a unified IPS (in the form of Source's Snort engine), NAC, VA and NBA approach.

By correlating intrusion events with endpoint intelligence collected by Sourcefire RNA (Real-time Network Awareness), impact flags are sent for each intrusion event, enabling security analysts to distinguish high-profile events.

"This can reduce the quantity of actionable intrusion events by up to 99.7 percent, saving massive amounts of time evaluating events and significantly improving overall levels of security," Piper explained.

The 3D9800 Sensor, expected to be available later this year, will also play nice with NAC solutions from other vendors. Piper noted that though Sourcefire has its own NAC technology, users can use Sourcefire's Remediation API  to integrate with third-party NAC solutions, including Cisco NAC, TNC and Microsoft NAP.