Intrusion-prevention system expert Sourcefire is expanding into the next-generation firewall market with a new context-aware appliance that analyzes applications on the network.
Sourcefire is expanding its
network-security portfolio with a new next-generation firewall to provide context
awareness and deep packet-inspection capabilities.
The new product line
combines next-generation firewall, context-aware technologies, integrated application
control and intrusion-prevention systems into a single appliance, the company
said Dec. 5. Expected to ship Dec. 23, the two appliances provide enterprises with
visibility, adaptive security and advanced threat protection, the company said.
The 3D8140 NGFW Edition is a
1U appliance with up to 10G bps firewall stateful packet inspection and 6G bps
threat inspected throughput. The 3D8250 NGFW Edition is 2U in size, and provides
up to 20G bps of packet inspection and 10G bps threat-inspected throughput. The
appliances combine the company's existing intrusion-prevention system with the
new firewall capabilities. The company plans to expand the next-generation
firewall line by integrating the capabilities into the existing IPS platform,
"As enterprises seek to
increase their protection efforts, they are looking for solutions that offer
the agility to be effective in the face of modern threats," said Martin Roesch,
Sourcefire founder and CTO.
Organizations are beginning
to question the efficiency of traditional firewalls, which generally scan and
block traffic on the port level, Roesch wrote on the Sourcefire blog. Customers
were interested in the application controls available with next-generation
firewalls, but "were hesitant" to make the shift due to performance
and quality concerns, Roesch said. Existing products "cobble together
inferior components" that are linked to traditional firewalls and are
"bolted on" to basic intrusion-detection systems, according to
The new Sourcefire
appliances can be a next-generation firewall, intruder-prevention system, or an
IPS with application control. "Large organizations need flexibility and
scalability in their organizations and that doesn't just come down to speeds
and feeds," Roesch wrote.
Sourcefire announced their
plans to enter the firewall space just over a year ago. Next-generation
firewalls add filtering capabilities for the application layer to give
administrators some context for the packets flowing across the network. The IPS
market is expected to reach $2 billion by 2014, and the market for next-generation
firewalls will reach $4 billion, Sourcefire said.
The next-generation firewall
provides increased protection for Sourcefire customers by combining the ability
to identify and provide granular controls for more than 1,000 applications,
Sourcefire said. Despite the importance of application controls and threat-prevention
capabilities, Sourcefire does not downplay the need for firewalls, Roesch said.
Customers are expected to
gradually deploy context-aware controls to understand what kinds of
applications are being used even while they keep traditional firewalls in
place, according to Sourcefire.
Companies want "true
integration at the engine level," Roesch wrote.
An optional URL Filtering
Service provides granular control over Website access and content. The
FireSIGHT intelligence technology provides context awareness to give
administrators and security professionals total visibility of what is happening
on the network as well as to take advantage of intelligent security automation
to block threats. The Sourcefire 3DS system split out the packet-filtering
classification from the decision and analysis components in the firewall so
that it can be load-balanced across multiple processors.