Cybersecurity_

Internal network security systems



The networks of today are known for their dynamics. Threats never stop evolving and become more and more sophisticated. Network security gaps keep emerging because the static protection (firewall, antivirus) is unable to secure dynamic networks against dynamic threats.

 

Real-time internal network security.

Protection of the internal network calls for a robust IPS (Intrusion Prevention System).

We used the rule-based Snort, which leverages Sourcefire IPS™, the actual standard of intrusion detection and prevention (IDS/IPS), as the foundation of the award-winning Sourcefire 3D® system.

 

Real-time network traffic is continuously analysed (event review system) and any unusual behaviours found in the network (repeated login attempts, scanning tests and many more) are blocked, while instant threat alerts are sent to administrators.

 

Sourcefire IPS uses powerful combinations of methods based on security gap and irregularity detection – with line throughput up to 10 Gbps – to analyse traffic and prevent threats which can damage your network. Whether implemented in the perimeter part of the network, in its demilitarised zone (DMZ), its core or critical parts, the easy-to-use IPS appliances will provide you with end-to-end protection against potential threats.

 

Virtual environment security

Virtualisation is attracting a lot of threats. They include VM expansion (their growth without proper coordination or control), missing division of duties, no insight in the virtual network communication and gaps in hypervisor protection.

Virtual hosts are very much like their physical counterparts – they must be secured, too:

3D Sourcefire are virtual sensors which launch Sourcefire IPS™ (an intrusion prevention system) can detect attacks against virtual machines as well as ones originating in them.

 

Sourcefire RNA® (Real-time Network Awareness), which is a real-time network monitoring technology implemented in virtual 3D sensors, can collect VM attributes while assuming the machines belong to the same network segment as the virtual 3D sensor. In order to be effective in preventing VM expansion, RNA recognises the vendors of network interfaces (NICs), both the physical and the virtual ones, which allows clients to identify new hosts as physical or virtual machines. If the new host is a virtual machine, IT security can be alerted to check its compliance.

 

 

Value for Customer:

 

Substantial improvement of internal network security. Internal network is protected against intrusion, any undesired patterns of behaviour are blocked, security incidents and suspicious behaviours are analysed and reported.

 

 PARTNERS:

PL / EN / RU