Intrusion Detection Prevention Solution With Sourcefire
Content
Symantec™ Intrusion Detection/Prevention
Solution with Sourcefire®
One-stop solution for critical next-generation network intrusion protection
Data Sheet: Symantec Managed Security Services
Over
Overview
view
Symantec™ Intrusion Detection/Prevention Solution with Sourcefire® offers a
complete next-generation intrusion detection and prevention (IDP) solution
comprising industry-leading technology available as a simple subscription contracting
model. It is an ideal solution for companies that prefer to use operating expense
budget rather than capital acquisition budget for procuring their security solutions.
Sourcefire
Sourcefire®® Next Generation
Intrusion Prevention S
Sys
ystem
tem
(NGIPS) Provides:
• Best in category detection Sourcefire rated #1 in tuned
detection by NSS Labs in every
Symantec Intrusion
Intrusion/Detection
/Detection Prevention Solution with Sourcefire
test since 2010. Sourcefire's
Symantec Managed Security Services has teamed with market-leader Sourcefire to
testing resulted in 98.9%
provide a complete network IDP solution. Managed Security Services and the
overall protection across all
Sourcefire NGIPS products required to implement the services are both available
products tested
through subscription choices, and are included in the service-level agreements (SLAs)
1
• NSS Labs rated #1 in stated
offered by Symantec. Symantec’s collection agent was ported to work directly on
performance versus actual
Sourcefire Defense Center™ and Sourcefire 3D™ Sensor products through a combined
performance (Sourcefire's
effort of Sourcefire and Symantec and is fully supported by both companies. This
products run at the speeds
reduces the number of physical devices customers need to install on their networks.
advertised)
Sourcefire support is bound by contractual performance guarantees with
2
• Sourcefire's NGIPS is based on
the Symantec Security Operations Centers (SOCs), ensuring quick and efficient
Snort®, which is owned and
response time and paths to problem resolution.
operated by Sourcefire and is
the most widely deployed
intrusion technology in the
world
3
• Sourcefire's NGIPS provides
packet captures giving
Symantec SOC engineers more
insight into an actual attack
• Sourcefire's NGIPS has been a
leader in the Gartner Magic
4
Quadrant since 2006
1.
NSS Labs Product Analysis, 2012
NSS Labs Product Analysis, 2012
3. Sourcefire Website, http://www.sourcefire.com/security-technologies/network-security/next-generation-intrusion-prevention-system
4. Gartner “Magic Quadrant for Intrusion Prevention Systems” by Greg Young and John Pescatore, 5 July 2012 (ID Number: G00222572). Gartner does not endorse any
vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner
research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
2.
1
Data Sheet: Symantec Managed Security Services
Symantec™ Intrusion Detection/Prevention Solution with Sourcefire®
Key benefits
• Proven products - Select from the catalog of Sourcefire products that best meet your price and performance needs.
• Ease of purchase - One-stop shopping for hardware and support.
• Ob
Obsolescence
solescence pro
protection
tection - Guaranteed support for the life of the contract. Sourcefire maintains ownership of the hardware
and will support technology refresh.
• Sub
Subscrip
scription
tion pricing - Recurring subscription fees for hardware devices. Utilize operating budget without capital
acquisition.
Off
Offerings
erings and k
key
ey ffeatures
eatures
Sourcefire is a recognized leader with a broad IDS/IPS line consisting of the following product families:
• Sourcefire NGIPS - Sourcefire NGIPS is built on the core technology of Snort, the world’s most popular intrusion prevention
software, developed by Sourcefire. Snort technology gives Sourcefire IPS the most effective detection and prevention coverage
5
available in the industry. Sourcefire IPS, the foundation of the award-winning Sourcefire 3D® System, uses a powerful
combination of vulnerability- and anomaly-based inspection methods—at line speeds of up to 40 Gbps—to analyze network
6
traffic and prevent threats from damaging your network.
• Sourcefire Def
Defense
ense Center - With Sourcefire Defense Center or Sourcefire Virtual Defense Center™ management console,
customers can analyze events, configure and push IPS policies, automatically download and apply Snort rule updates, and
more. Powered by the Snort detection engine, Sourcefire IPS excels with detailed packet-level forensics and sophisticated,
customizable workflows for investigating security events as they occur.
• Sourcefire Virtual 3D Sensor - Sourcefire Virtual 3D Sensor extends the 3D System to the far corners of the network, where
IT security resources don’t exist or the deployment of physical 3D sensors is impractical (for example, retail locations, remote
offices). It also provides the capability to inspect virtual machine-to-virtual machine communications, offering full IPS
capabilities to protect VMware®-based virtual networks.
• FireSIGHT® - Provides the network intelligence and context you need to respond to changing conditions and threats.
FireSIGHT technology provides total network visibility, including physical and virtual hosts, operating systems, applications,
services, protocols, users, content, network behavior as well as network attacks and malware.
• Sourcefire Application Control - Granular control over port- and protocol-hopping applications, including mobile
applications, that evade traditional firewalls. Enforcement of acceptable use policies and bandwidth controls.
• Sourcefire Adv
Advanced
anced Malware Pro
Protection
tection ffor
or FirePO
FirePOWER™
WER™ - A comprehensive malware defeating solution for networks that
enables malware detection/blocking, continuous analysis, and retrospective alerting and leverages Sourcfire's vast cloud
security intelligence.
In addition to Sourcefire technology, Symantec provides the following service:
• Ho
Hossted Sourcefire Management Console - Utilize our SOC-hosted Sourcefire Defense Center, the nerve center for Sourcefire
3D Systems. The hosted Defense Center is fully operated and managed by Symantec SOC experts and is covered by our SOC
7
uptime service-level warranty.
5.
NSS Labs Product Analysis, 2012
NSS Labs Product Analysis, 2012
7. Limitations apply. Please contact Symantec Sales for more details.
6.
2
Data Sheet: Symantec Managed Security Services
Symantec™ Intrusion Detection/Prevention Solution with Sourcefire®
Symantec Managed Securit
Securityy Ser
Services
vices off
offerings
erings
In addition to the Symantec Intrusiton/Detection Prevention Solution with Sourcefire, other services available include:
• Symantec Securit
Securityy Monitoring Ser
Services
vices - Provides enterprise-wide log retention and real-time security monitoring of
networks and security infrastructures, enabling clients to protect their information assets, and demonstrate compliance with
industry regulations.
• Symantec™ Managed Pro
Protection
tection Ser
Services
vices - Provides expertise to help secure and manage security architectures by remotely
8
delivered change, lifecycle, and incident/fault management for network security infrastructure.
• Symantec DeepSight™ Securit
Securityy Intelligence Solutions - Provides organizations with timely, relevant, actionable intelligence
about emerging threats, threat sources, and vulnerabilities through a customizable web portal and integrated data feeds.
Summar
Summaryy
Partnering with Symantec experts can help your organization dramatically reduce risks and achieve a greater return on your
security investments. By combining the security protection leadership of Symantec Managed Security Services with
Sourcefire's industry-leading security technology, you get optimal security protection in an easy-to-purchase integrated
solution.
More Information
Visit our website
http://go.symantec.com/mss
To speak with a Product Specialist in the U.S.
Call toll-free 1 (800) 745 6054
To speak with a Product Specialist outside the U.S.
For specific country offices and contact numbers, please visit our website.
About Symantec
Symantec protects the world's information and is a global leader in security, backup, and availability solutions. Our innovative
products and services protect people and information in any environment—from the smallest mobile device to the enterprise
data center to cloud-based systems. Our industry-leading expertise in protecting data, identities, and interactions gives our
customers confidence in a connected world. More information is available at www.symantec.com or by connecting with
Symantec at go.symantec.com/socialmedia.
Symantec World Headquarters
350 Ellis St. | Mountain View, CA 94043 USA
+1 (650) 527 8000 | 1 (800) 721 3934 | www.symantec.com
8.
Management Support is limited IDS/IPS management only. Other limitations apply. Please see sales associates for more details.
Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, adn the Checkmark logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S.
and other countries. Sourcefire, Snort, and Sourcefire FireSIGHT are trademarks or registered trademark of Sourcefire, Inc. in the United States and other countries. Other names may be trademarks of their
respective owners.
21042031-2 07/13
3
Solution with Sourcefire®
One-stop solution for critical next-generation network intrusion protection
Data Sheet: Symantec Managed Security Services
Over
Overview
view
Symantec™ Intrusion Detection/Prevention Solution with Sourcefire® offers a
complete next-generation intrusion detection and prevention (IDP) solution
comprising industry-leading technology available as a simple subscription contracting
model. It is an ideal solution for companies that prefer to use operating expense
budget rather than capital acquisition budget for procuring their security solutions.
Sourcefire
Sourcefire®® Next Generation
Intrusion Prevention S
Sys
ystem
tem
(NGIPS) Provides:
• Best in category detection Sourcefire rated #1 in tuned
detection by NSS Labs in every
Symantec Intrusion
Intrusion/Detection
/Detection Prevention Solution with Sourcefire
test since 2010. Sourcefire's
Symantec Managed Security Services has teamed with market-leader Sourcefire to
testing resulted in 98.9%
provide a complete network IDP solution. Managed Security Services and the
overall protection across all
Sourcefire NGIPS products required to implement the services are both available
products tested
through subscription choices, and are included in the service-level agreements (SLAs)
1
• NSS Labs rated #1 in stated
offered by Symantec. Symantec’s collection agent was ported to work directly on
performance versus actual
Sourcefire Defense Center™ and Sourcefire 3D™ Sensor products through a combined
performance (Sourcefire's
effort of Sourcefire and Symantec and is fully supported by both companies. This
products run at the speeds
reduces the number of physical devices customers need to install on their networks.
advertised)
Sourcefire support is bound by contractual performance guarantees with
2
• Sourcefire's NGIPS is based on
the Symantec Security Operations Centers (SOCs), ensuring quick and efficient
Snort®, which is owned and
response time and paths to problem resolution.
operated by Sourcefire and is
the most widely deployed
intrusion technology in the
world
3
• Sourcefire's NGIPS provides
packet captures giving
Symantec SOC engineers more
insight into an actual attack
• Sourcefire's NGIPS has been a
leader in the Gartner Magic
4
Quadrant since 2006
1.
NSS Labs Product Analysis, 2012
NSS Labs Product Analysis, 2012
3. Sourcefire Website, http://www.sourcefire.com/security-technologies/network-security/next-generation-intrusion-prevention-system
4. Gartner “Magic Quadrant for Intrusion Prevention Systems” by Greg Young and John Pescatore, 5 July 2012 (ID Number: G00222572). Gartner does not endorse any
vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner
research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
2.
1
Data Sheet: Symantec Managed Security Services
Symantec™ Intrusion Detection/Prevention Solution with Sourcefire®
Key benefits
• Proven products - Select from the catalog of Sourcefire products that best meet your price and performance needs.
• Ease of purchase - One-stop shopping for hardware and support.
• Ob
Obsolescence
solescence pro
protection
tection - Guaranteed support for the life of the contract. Sourcefire maintains ownership of the hardware
and will support technology refresh.
• Sub
Subscrip
scription
tion pricing - Recurring subscription fees for hardware devices. Utilize operating budget without capital
acquisition.
Off
Offerings
erings and k
key
ey ffeatures
eatures
Sourcefire is a recognized leader with a broad IDS/IPS line consisting of the following product families:
• Sourcefire NGIPS - Sourcefire NGIPS is built on the core technology of Snort, the world’s most popular intrusion prevention
software, developed by Sourcefire. Snort technology gives Sourcefire IPS the most effective detection and prevention coverage
5
available in the industry. Sourcefire IPS, the foundation of the award-winning Sourcefire 3D® System, uses a powerful
combination of vulnerability- and anomaly-based inspection methods—at line speeds of up to 40 Gbps—to analyze network
6
traffic and prevent threats from damaging your network.
• Sourcefire Def
Defense
ense Center - With Sourcefire Defense Center or Sourcefire Virtual Defense Center™ management console,
customers can analyze events, configure and push IPS policies, automatically download and apply Snort rule updates, and
more. Powered by the Snort detection engine, Sourcefire IPS excels with detailed packet-level forensics and sophisticated,
customizable workflows for investigating security events as they occur.
• Sourcefire Virtual 3D Sensor - Sourcefire Virtual 3D Sensor extends the 3D System to the far corners of the network, where
IT security resources don’t exist or the deployment of physical 3D sensors is impractical (for example, retail locations, remote
offices). It also provides the capability to inspect virtual machine-to-virtual machine communications, offering full IPS
capabilities to protect VMware®-based virtual networks.
• FireSIGHT® - Provides the network intelligence and context you need to respond to changing conditions and threats.
FireSIGHT technology provides total network visibility, including physical and virtual hosts, operating systems, applications,
services, protocols, users, content, network behavior as well as network attacks and malware.
• Sourcefire Application Control - Granular control over port- and protocol-hopping applications, including mobile
applications, that evade traditional firewalls. Enforcement of acceptable use policies and bandwidth controls.
• Sourcefire Adv
Advanced
anced Malware Pro
Protection
tection ffor
or FirePO
FirePOWER™
WER™ - A comprehensive malware defeating solution for networks that
enables malware detection/blocking, continuous analysis, and retrospective alerting and leverages Sourcfire's vast cloud
security intelligence.
In addition to Sourcefire technology, Symantec provides the following service:
• Ho
Hossted Sourcefire Management Console - Utilize our SOC-hosted Sourcefire Defense Center, the nerve center for Sourcefire
3D Systems. The hosted Defense Center is fully operated and managed by Symantec SOC experts and is covered by our SOC
7
uptime service-level warranty.
5.
NSS Labs Product Analysis, 2012
NSS Labs Product Analysis, 2012
7. Limitations apply. Please contact Symantec Sales for more details.
6.
2
Data Sheet: Symantec Managed Security Services
Symantec™ Intrusion Detection/Prevention Solution with Sourcefire®
Symantec Managed Securit
Securityy Ser
Services
vices off
offerings
erings
In addition to the Symantec Intrusiton/Detection Prevention Solution with Sourcefire, other services available include:
• Symantec Securit
Securityy Monitoring Ser
Services
vices - Provides enterprise-wide log retention and real-time security monitoring of
networks and security infrastructures, enabling clients to protect their information assets, and demonstrate compliance with
industry regulations.
• Symantec™ Managed Pro
Protection
tection Ser
Services
vices - Provides expertise to help secure and manage security architectures by remotely
8
delivered change, lifecycle, and incident/fault management for network security infrastructure.
• Symantec DeepSight™ Securit
Securityy Intelligence Solutions - Provides organizations with timely, relevant, actionable intelligence
about emerging threats, threat sources, and vulnerabilities through a customizable web portal and integrated data feeds.
Summar
Summaryy
Partnering with Symantec experts can help your organization dramatically reduce risks and achieve a greater return on your
security investments. By combining the security protection leadership of Symantec Managed Security Services with
Sourcefire's industry-leading security technology, you get optimal security protection in an easy-to-purchase integrated
solution.
More Information
Visit our website
http://go.symantec.com/mss
To speak with a Product Specialist in the U.S.
Call toll-free 1 (800) 745 6054
To speak with a Product Specialist outside the U.S.
For specific country offices and contact numbers, please visit our website.
About Symantec
Symantec protects the world's information and is a global leader in security, backup, and availability solutions. Our innovative
products and services protect people and information in any environment—from the smallest mobile device to the enterprise
data center to cloud-based systems. Our industry-leading expertise in protecting data, identities, and interactions gives our
customers confidence in a connected world. More information is available at www.symantec.com or by connecting with
Symantec at go.symantec.com/socialmedia.
Symantec World Headquarters
350 Ellis St. | Mountain View, CA 94043 USA
+1 (650) 527 8000 | 1 (800) 721 3934 | www.symantec.com
8.
Management Support is limited IDS/IPS management only. Other limitations apply. Please see sales associates for more details.
Copyright © 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, adn the Checkmark logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S.
and other countries. Sourcefire, Snort, and Sourcefire FireSIGHT are trademarks or registered trademark of Sourcefire, Inc. in the United States and other countries. Other names may be trademarks of their
respective owners.
21042031-2 07/13
3
