The company behind the iconic Snort, Sourcefire, has increased its Intrusion Detection and Prevention line to include Red Hat Enterprise’s virtualization offerings. With this addition, Sourcefire’s virtual offerings now cover the markets most used platforms including VMWare and Xen.
Red Hat’s Virtualization rests on top of the open source Kernel-based Virtual Machine, the adoption of which is the focus for the Open Virtual Alliance. The OVA was founded by Red Hat, along with HP and Intel to foster the industry use of the Kernel-based hypervisor, in order to offer stronger security and integration, while allowing organizations the ability to virtualize parts of the infrastructure without adding additional hardware.
The problem with virtualization, at least for most large-scale infrastructures, is visibility. VM-to-VM monitoring, protection, and scaling doesn’t always work using the same practices and methods developed to secure physical deployments. Sourcefire had previously developed virtual IDS/IPS solutions, so the Red Hat addition is just a natural progression for them.
Sourcefire’s Virtual Sensor and Defense Center products will now cover VMware, the RHE Virtualization stack, and Xen in one setting. To ensure that they are kept in the loop and can contribute to furthering the KVM world, they have also joined the OVA.
“As virtualization proliferates across organizations in a variety of industries, Sourcefire’s support for Red Hat Enterprise Virtualization on KVM… [allows customers to] extend their technology investments, in both their preferred virtual and physical platforms, while adding the latest intrusion prevention capabilities,” said Richard Park, senior product manager at Sourcefire.
When it comes to deployment itself, Virtual Sensor allows simultaneous execution of IPS functions, while Virtual Defense Center can monitor any combination of up to 25 physical / virtual censors throughout the network.
