SOURCEFIRE GIGABIT INTRUSION SENSOR RECEIVES NSS GROUP CERTIFICATION

IS3000 Delivers Flawless Performance in All Real World Tests by Industry’s Leading Testing Organization; RNA Highlighted as ‘Impeccable’ Differentiator

Columbia, MD, March 21, 2005 - Sourcefire, Inc., the world leader in real-time network defense, today announced that its IS3000 gigabit intrusion detection/prevention solution has been awarded the “NSS Approved” ranking from The NSS Group.  The IS3000 underwent rigorous testing, and was the only one of the five vendors recently evaluated that attained certification at the gigabit level. The NSS Group is one of the world’s foremost independent security testing facilities.

“The NSS testing provides technical validation to support all of the awards Sourcefire’s technology is winning,” said Martin Roesch, Founder and CTO of Sourcefire. “NSS’s high praise for the Sourcefire’s 3D System and its Gigabit capabilities sends the message that our solutions are not just innovative, but they also provide customers with the ability to significantly increase the security of their networks.”

According to The NSS Group report, “the system performed consistently and reliably throughout the entire process.” The NSS report states that the IS3000 is “a true 1Gbps device under all normal network conditions,” turning in a flawless performance in all real world tests.  It goes on to note that "Out of the box, the Sourcefire IS 3000 handled 1 million open connections easily, and the device appeared to be immune to stateless attack replay tools such as Stick and Snot."

“We were pleased to see that Sourcefire’s Intrusion Sensor performed extremely well in our real-world testing,” said Bob Walder, President of The NSS Group, “Specifically, we felt that the IS3000’s detection and decoding of fragmented and obfuscated attacks delivers a level of performance to which we would like to see all other IDS and IPS products aspire."

The report also recognizes Sourcefire’s RNA technology as a key strategic differentiator, stating: "The ‘crown jewels’ of Sourcefire 3D come in the shape of RNA which provides much needed context to intrusion alerts via the use of extensive passive scanning and vulnerability analysis.  This allows the Defense Center to accurately determine the impact on a particular host of a particular vulnerability and set the Impact Flag accordingly.  This should greatly enhance the analyst's ability to focus on exactly those alerts which pose the biggest security concerns on his network, and this should go a long way to removing one of the perceived problems of IDS Systems - analyst overload from too many irrelevant alerts. Throughout our testing, this feature worked impeccably, and is a very compelling reason on its own to purchase this product.”

About The NSS Group
The NSS Group is the world’s foremost independent security testing facility. With British headquarters, and security and network infrastructure testing facilities in the South of France, The NSS Group offers a range of specialist IT, networking and security-related services to vendors and end-user organizations world-wide.

The NSS Group security testing laboratories are available to vendors and end-users for fully independent testing of networking, communications and security hardware and software. Output from the labs, including detailed research reports, articles and white papers on the latest network and security technologies, are made available on the NSS web site at http://www.nss.co.uk.

About Sourcefire’s 3D System
Sourcefire’s 3D Approach – Discover, Determine, Defend – to securing real networks in real-time provides proactive defense-in-depth through an integrated process of discovering risks, vulnerabilities and threats; determining their business impact ;and taking the appropriate action to defend the network. Sourcefire’s 3D System, including Sourcefire Intrusion Sensors and Agents, Sourcefire RNA Sensors and the Sourcefire Defense Center, provides companies with the most effective security possible.

The Sourcefire 3D System offers the most flexible and precise intrusion prevention and network discovery technologies worldwide.  Sourcefire Intrusion Sensors utilize the award-winning Snort™ rules-based detection engine, bringing the benefits of signature, protocol, and anomaly-based inspection methods to all network traffic at speeds up to 8 gigabits per second.  In addition, Sourcefire RNA Sensors passively monitor a network to deliver highly detailed, real-time profiles of all network assets including their configuration, behavior, potential vulnerabilities and associated changes.  By tightly integrating and correlating the threat information provided by Sourcefire Intrusion Sensors and Agents with the network intelligence provided by Sourcefire RNA Sensors, the Sourcefire Defense Center easily prioritizes the millions of security events to determine the most critical events to an organization’s business and takes the appropriate actions.  These actions follow the ABCs of Defense – Alert, Block, Correct – all in real-time to deliver the most effective security.

About Sourcefire
Sourcefire, Inc., the world leader in real-time network defense solutions, is transforming the way organizations manage and minimize network security risks with its 3D Approach - Discover, Determine, Defend - to securing real networks in real-time. The company's ground-breaking network defense system unifies intrusion and vulnerability management technologies to provide customers with the most effective network security available. Founded in 2001 by the creator of Snort, Sourcefire is headquartered in Columbia, MD and has received numerous accolades including being named the Frost & Sullivan 2005 Network Security Infrastructure Protection Company of the Year. At work in leading Fortune 1000 and government agencies, the names Sourcefire and founder Martin Roesch have grown synonymous with innovation and intelligence in network security. For more information about Sourcefire, please visit www.sourcefire.com.