The FireSIGHT Management Center unifies the critical security functions of the Sourcefire next-generation network security platform using FireSIGHT real-time awareness and security automation technology. Real-time awareness technology provides the network intelligence and contextual awareness you need to respond to changing conditions and threats. The visibility and automation that this provides make networks more secure and reduces operational costs.
Gain total visibility into everything on your network – physical and virtual hosts, operating systems, applications, services, protocols, users, content, network behavior, as well as network attacks and malware.
Acting as the central nervous system for all Sourcefire network security solutions, the Sourcefire FireSIGHT Management Center enables you to:
- Gain full stack visibility, correlate events and automate security to respond to changing conditions and new attacks with ease
- Configure protection and access policies and control multiple Sourcefire appliances from a single management console
- Aggregate and evaluate all security and compliance events
- Conduct forensic analysis, trends analysis, reporting and alerting
- Control and monitor the health and performance of network security appliances
- Optimize defenses and system performance by automating protection policy updates based on network changes
- Reduce the number of “actionable” security events by up to 99% by correlating threats against target operating systems and applications and their inherent vulnerabilities
- Know instantly who to contact when an internal host is affected by a client-side attack
- Be alerted when a host violates a configuration policy or attempts to access an unauthorized system
- Baseline “normal” network traffic and detect network anomalies
- Detect and block malware ‘inline’ utilizing cloud-analytics and Sourcefire Collective Security Intelligence
- Gain the same monitoring and management controls over virtual appliances with the Sourcefire Virtual FireSIGHT® Management Center
- Integrate with a variety of third-party systems, such as firewalls, routers, log management, Security Information Event Management, or SIEMs, trouble ticketing, patch management systems and other technologies