Security Experts:

Sourcefire Unveils Next Generation Firewalls

In October 2010, Sourcefire announced its planned expansion into the Next Generation Firewall (NGFW) market. Just over a year later, the Columbia, Maryland based company has officially made its launch into the NGFW space and will begin shipping the devices by the end of this month.

Building on its experience with Next-Generation IPS (NGIPS) technology, and leveraging its FirePOWER platform, Sourcefire’s Next-Generation Firewall line combines IPS threat prevention, integrated application control, and firewall capabilities into a single, high-performance appliance.

Sourcefire Next Generation Firewall In September of this year, Sourcefire announced its “Agile Security” vision, emphasizing the need for informed, adaptive and automated security products to protect today's dynamic IT environments from constantly changing threats.

Applying its vision of Agile Security to the emerging NGFW market, the company is delivering a context-aware and adaptive NGFW solution, including the ability to identify and provide granular control for more than 1,000 applications with strong visibility, intelligent automation and threat prevention.

Sourcefire’s NGFWs leverage the company’s single-pass engine that delivers deep inspection while maintaining high performance. For deployment flexibility, the FirePOWER platform can be configured at the customer’s choice as an NGIPS, an NGIPS with application control or an NGFW, providing customers with the ability deploy appliances to match their infrastructure needs and scale over time.

Utilizing its FireSIGHT technology, Sourcefire delivers increased visibility into applications, users, content, hosts, attacks, vulnerabilities, behavior and changes in a user’s environment. This information can then be correlated with user identity and reputation intelligence to assess risks and threat impact to make better enforcement decisions.

Sourcefire’s NGFWs employ “intelligent security automation” to increase protection through contextual awareness and collective threat intelligence, something the company says results in more meaningful policy recommendations and automated adjustments. The intelligent automation also helps security teams optimize remediation efforts by reducing actionable alerts and filtering out events that don’t necessarily matter in a particular user’s environment.

The initial hardware lineup includes the Sourcefire 3D8140 NGFW Edition and the 3D8250 NGFW Edition. In a 1U stackable form-factor, the 3D8140 NGFW provides up to 10Gbps of stateful inspection, with 6Gbps of threat-inspected throughput, and comes with 3 network module slots and 12 ports. The bigger 3D8250 provides 20Gbps of stateful inspection, 10Gbps with threat-inspection turned on and comes in a 2U form-factor with seven network module slots and 28 ports.

As would be expected, the NGFW allows users to customize defenses and policies to their specific requirements, and the option of a URL filtering service provides control over user website access and content.

The initial release of Sourcefire’s NGFW does not support remote VPN functions, so enterprises looking to completely replace an existing firewall with an all in one appliance will still need to maintain another solution to handle VPN connections. VPN support is in the product roadmap, and will be able to be added via software update without the need additional hardware, Dave Stuart, Director of Product Marketing at Sourcefire, told SecurityWeek.

Additionally, the product line does not provide on board SSL decryption, so organizations looking to take advantage of many of the granular controls offered by the NGFW will need to offload SSL decryption to another device. SSL (https) traffic, is increasingly being adopted by many services including Google, Facebook, Twitter and more, so in order to have visibility into these types of services SSL decryption is required. Sourcefire does offer a standalone SSL decryption appliance that enables inspection of inbound and outbound SSL traffic.

The units start shipping on December 23rd, with list pricing starting at $140,000 for the 3D8140 NGFW Edition.

view counter
For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.