| Collateral |
| Corporate |
Corporate Backgrounder 
An overview of Sourcefire’s financial background, products/technology, awards/certifications, open source strength, management team, and services. |
Sourcefire 3D System Global Certifications
Independent IPS validation by ICSA, Miercom and NSS of the Sourcefire 3D System.
|
| Products |
Sourcefire IPS Overview
Learn about the power, flexibility, precision, scalability, and performance of Sourcefire IPS. |
Sourcefire Virtual 3D Sensor and Sourcefire Virtual Defense Center
The Sourcefire Virtual 3D Sensor and Sourcefire Virtual Defense Center enable users to deploy Sourcefire's leading cybersecurity
solutions within their virtual environments, increasing protection for both physical and virtual assets. |
Sourcefire 3D System - 3D9900 Sensor
A detailed look at the features, specifications and benefits of Sourcefire's 8Gbps IPS appliance. |
Sourcefire Defense Center (DC) Overview
The "nerve center" of the Sourcefi re 3D® System; Sourcefire Defense Center correlates attacks with real-time network and user intelligence and centrally manages network security and operational functions, including event monitoring, incident
prioritization, forensic analysis, and reporting. |
Sourcefire RNA Overview
The innovative, passive-sensing Sourcefire RNA technology transforms
how organizations defend their networks, providing network and security
administrators with unprecedented real-time network visibility. |
Sourcefire 3D System - Appliance Specifications
Specification matrix covering the full range of appliances within the Sourcefire 3D System family. (Sourcefire 3D Sensors and Defense Centers) |
Sourcefire NBA Overview
Understand the benefits of the latest generation of layered defense with Network Behavior Analysis (NBA), a key component of Sourcefire's ETM solution. |
Sourcefire RUA Overview
Learn about the benefits of integrated user awareness to Sourcefire's ETM solution. |
IS3000 - NSS Approved
NSS Group's test results of the Sourcefire IS3000 including, performance, security effectiveness, and usability. |
ICSA Labs Network IPS Certification Testing Report
ICSA Labs Network IPS Certification Testing Report for the complete line of Sourcefire 3D Sensors. |
Sourcefire 3D and QualysGuard Vulnerability Management Integration
Sourcefire partners with Qualys, to provide contextual network detail and more effective threat impact analysis, via the integration of QualysGuard vulnerability data into the Sourcefire 3D System. |
Sourcefire 3D for Bradford Networks' Access Solutions
Sourcefire and Bradford Networks have partnered to provide integration of Sourcefire IPS and Sourcefire RNA with Bradford Networks' Campus Manager and NAC Director™ for automated security remediation. |
Sourcefire 3D for Crossbeam - Miercom Lab Testing Summary Report
Miercom's test results of the Crossbeam-Sourcefire solution for scalability, throughput performance, high availability and multi-application capabilities. |
Sourcefire 3D for Crossbeam
Crossbeam factsheet addressing the benefits of choosing the Sourcefire 3D System for Crossbeam including: best-in-class integrated security, high availability, investment protection, performance/scalability, and ROI savings. |
 |
| Technology Briefs |
Sourcefire RNA
Sourcefire RNA® (Real-time Network Awareness) is a passive sensing technology assisting with
the daily tasks of intrusion analysis. |
PCI-DSS Compliance
Using the Sourcefire 3D® System, payment card merchants and service providers can improve their security and demonstrate key aspects of PCI DSS compliance without significant increases in personnel and IT costs. |
Sourcefire Adaptive IPS
Sourcefire's Adaptive IPS solution addresses an organization's need for better efficiency and effectiveness by significantly reducing the number of actionable security events and sharply reducing or eliminating the manual effort required to tune Sourcefire's IPS. |
The Sourcefire Ecosystem
The Enterprise Threat Management solution from Sourcefire, is a true, enterprise-class system
which combines several, highly complementary threat and vulnerability management technologies enhanced by shared intelligence and coordinated by a single management platform. |
The Sourcefire Approach to NBA
Bringing clarity to what NBA is, identifying and qualifying the value propositions, and exploring the advantages for today's enterprise security needs using Sourcefire's approach to NBA.
|
The Power of Sourcefire RUA
Sourcefire Real-time User Awareness (RUA) offers a solution to the problem of mapping IP addresses connected to a network with useable user identity information.
|
Extending Your Investment in Snort
Extending the solid foundation of open source Snort IPS with the Sourcefire 3D System to achieve a complete ETM solution.
|
The Impact of Virtualization on Network Security
Virtualization is a concept that has become highly
visible in the last few years because of its perceived benefits in reducing costs, enabling
rapid deployment, and improving system availability. With all of its benefits, however, virtualization also
creates many new security risks that security professionals should be aware of.
|
|
| Industry |
Sourcefire Telecommunications Overview
An overview of the need for network security within the ultra-competitive telecommunications industry. Issues include: the security demands of the booming wireless and VoIP technologies, and being able to offer a "multi-play" solution. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for the telecommunications industry. |
Sourcefire Education Overview
An overview of the need for network security within the Higher Education community. Issues include: file sharing and copyright liability, diverse applications and technology, remote/distance learning, and broad population with unmanaged computing devices. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for Higher Education. |
Sourcefire Energy Overview
An overview of the need for network security within the Power and Energy industry. Issues include: SCADA and process control systems, NERC 1300 standards, modernization of power plant infrastructure, operations continuity, industry deregulation, and continuous monitoring of geographically dispersed distribution components. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for the Power and Energy industry. |
Sourcefire Financial Overview
An overview of the need for network security within the Financial Services industry. Issues include: compliance with regulations such as the Gramm-Leach-Bliley Act and the Basel II Accord; the need to treat IT security as part of an organization's critical infrastructure; managing legacy computing systems; the impact of new technologies on IT security; the need to control costs; and the need for higher availability, capacity, and performance. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for the Financial Services industry. |
Sourcefire Gov't/Public Sector Overview
An overview of the need for network security within the Government and Public Sector community. Issues include: FISMA, Computer Security Act of 1987, state security breach laws, highly distributed operations, classified and personal information in databases, and wide variety of modern and legacy systems. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for the Government and Public Sector community. |
Sourcefire Healthcare Overview
An overview of the need for network security within the Healthcare community. Issues include: HIPAA, FDA regulations, patient care enhancement, cost controls, new computer networks and applications, and personal information in databases. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for the Healthcare community. |
Sourcefire Retail Overview
An overview of the need for network security within the Retail industry. Issues include: PCI Data Security Standard, information flow enhancement, cost controls, ecommerce, wide variety of network-based applications, new technologies, and personal and credit card information collection and storage. The document also discusses how the Sourcefire 3D System components and Snort can provide next-generation protection for the Retail industry. |
|
| Compliance |
20 Critical Security Controls
By using the Sourcefire 3D System, federal agencies can improve their cybersecurity defenses and implement key aspects of the 20 Critical Security Controls
without signifi cant increases in personnel and IT costs. |
PCI-DSS Compliance
Using the Sourcefire 3D® System, payment card merchants and service providers can improve their security and demonstrate key aspects of PCI DSS compliance without significant increases in personnel and IT costs. |
ICSA Labs PCI Data Security Standard Report
Exclusive Product Capability Assurance Report by ICSA Labs for Sourcefire. The report provides independent testing validation of Sourcefire products satisfying the Payment Card Industry (PCI) and Data Security Standard (DSS) compliance. |
Sourcefire NERC Compliance Factsheet
An overview of the North American Electric Reliability Corporation (NERC) reliability requirements for the protection of critical infrastructure associated with the electric power industry, and how the Sourcefire 3D System can help customers meet those requirements. |
Sourcefire FISMA Compliance Factsheet
A look at the requirements to protect federal information and information systems supporting secure federal information, and how the Sourcefire 3D System can help customers meet many of those requirements. |
Sourcefire HIPAA Compliance Factsheet
An overview of the safeguard requirements to protect the Protected Health Information (ePHI) of the healthcare industry and how the Sourcefire 3D System can help customers meet many of those requirements. |
Sourcefire Sarbanes-Oxley (SOX) Compliance Factsheet
An overview of the Sarbanes-Oxley Act of 2002 (SOX) and how IT security is a central requirement of SOX. Specifically, this Factsheet shows how the Sourcefire 3D System can help customers comply with Sections 302, 404, and 409 of SOX. |
|
| Services |
Sourcefire Professional Services
Sourcefire Professional Services provides the expertise to optimize your deployment, maximize return-on-investment, and achieve fast and effective upgrades. These factsheets provide overviews of the quarterly service program and the three phases of Professional Services.
Quarterly Service Program | Deployment | Optimization | Upgrade |
Sourcefire Customer Support Factsheet
Overview of Sourcefire Support Services, covering how to work with Sourcefire Customer Support, the differences in annual support plans, and the importance of the Sourcefire Vulnerability Team rules. |
| Support Program Terms & Conditions | Support Program Process |
|
| Case Studies |
Sourcefire Customer Case Study - Telekom Slovenije
Telekom Slovenije, an information and communications provider in Slovenia, chose the automation, functionality, and manageability of Sourcefire RNA and IPS for its security solution. |
Sourcefire Customer Case Study - Halesowen College
Halesowen College, based in the UK, needed a commercial security solution to replace its open source Snort deployment. Sourcefire was their first choice to improve the efficiency and management of their growing demand for IT services. |
Sourcefire Customer Case Study - Kyoto University
Kyoto University, one of Japan's most prestigious universities, protects its vast and rapidly changing 10Gbps networks with the Sourcefire 3D System. |
Sourcefire Data Breach Case Study - Heartland Payment Systems
The nation's sixth largest credit and debit card processor announced that cyber criminals had compromised
its computer network—gaining access to its valuable customer information. Features a perspective from a peer company with their Sourcefire security solution. |
IANS Working Knowledge Series Case Study - Weill Cornell Medical College
Lacking network visibility and facing a host of information security challenges, WCMC undertook a detailed risk assessment to determine which technologies would help reduce its risk the most. The conclusion: an IDS/IPS was deemed to be the greatest risk reducer. |
Sourcefire Customer Case Study - Weill Cornell Medical College
An inability to see deep inside its network to determine security weaknesses and other potential concerns prompted Weill Cornell Medical College to seek an intrusion detection system. The Snort rules community helped to put Sourcefire at the top of the list, but it was the RNA (Real-time Network Awareness) option that closed the deal. |
IANS Working Knowledge Series Case Study - ULLICO
Based on a network assessment, Union Labor Life Insurance Company (ULLICO), found it had inadequate visibility into its network traffic—both inbound and outbound, which was resolved using Sourcefire RNA. |
IANS Working Knowledge Series Case Study - LA Times
The LA Times faced many challenges securing its internal network and complying with PCI. The solution was a "smarter IPS" which was Sourcefire RNA. |
Sourcefire Customer Case Study - GraceKennedy
GraceKennedy, one of the Caribbean's largest corporate entities, needed increased visibility into its diverse network. They found a solution that met all their needs and offered great tech support, as well as a component that could establish a network activity baseline and another that included a top vulnerability scanner for the same price as other solutions they tried. |
Sourcefire Customer Case Study - AutoTrader.com
AutoTrader.com is widely regarded as the Internet's leading source for auto classifieds, and when they needed insight into user identity to further their security efforts, they added Sourcefire RUA. |
Sourcefire Reprint - SANS WhatWorks (TransUnion)
TransUnion is one of the three credit reporting companies and a global leader in financial information management. Learn how TransUnion relies on Sourcefire to streamline sensor, global compliance and log management. |
Sourcefire Reprint - SANS WhatWorks (XanGo)
Find out how XanGo, LLC, an innovator in the beverage industry, used Sourcefire to come up from scratch on PCI compliance and create an IPS-based security infrastructure that would support the company’s planned expansion. Other features, like RNA's passive scanning, provides a solid baseline on network segment activity. |
IANS Case Study - Federal Home Loan Bank of New York
The FHLB of NY had a homegrown IDS solution and were using an outside developer to maintain the application. As their needs grew, they needed to either build a new IDS from scratch on new hardware or purchase new appliances and software. They purchased Sourcefire because buying turned out to be more cost-effective than building for them, compliance auditors knew Sourcefire and asked fewer questions, and the Snort community is extremely large and responsive. |
IANS Case Study - RightNow
RightNow, a provider of high-impact marketing and sales technology solutions and services, was a satisfied Snort user but knew they needed to look at commercial network security solutions to support their growth. . After a three-month investigation period, including testing and evaluating six leading IPS products—Cisco, Top Layer, Demarc, Tipping Point, Reflex, and Sourcefire—they chose Sourcefire as the scalable, tunable product that best fit their requirements |
Sourcefire Zotob Case Study
A near zero-day attack, the Zotob worm demonstrated that conventional patching processes are inadequate and first-generation intrusion prevention sensors are not always sufficient. This case study shows what RNA can do against these types of threats and the unique and responsive capabilities that Sourcefire brings together through the Sourcefire Vulnerability Research Team (VRT) and the Snort community. |
Sourcefire Reprint - SANS WhatWorks (FXall)
FXall, the leading provider of automated trading and workflow solutions for foreign exchange and treasury products, handles an average daily volume in excess of $40 billion and needed a better IDS solution to meet its reporting requirements for SAS 70 and ensure effective and efficient network security. They started with a small-scale deployment and were very impressed so they purchased more to expand their coverage. |
Sourcefire Reprint - SANS WhatWorks (Retail Decisions)
Retail Decisions is a payment card issuer and a world leader in card fraud prevention and payment processing. They work with blue-chip clients including Wal-Mart, Texaco, Travelocity, and Macy’s. They wanted an IPS that would meet their PCI Data Security Standard requirements, be highly tunable to monitor their diverse traffic, and reduce the number of false positives they were encountering. See how RNA met their needs and did a lot more for them. |
Sourcefire Reprint - SANS WhatWorks (Unisys)
Unisys is a worldwide technology services and solutions company. Their strong Managed Security Services (MSS) practice operates three primary Security Operation Centers (SOC) anda dedicated Federal SOC. They use a variety of Security Event Management (SEM) tools to manage up to 100 million events a day—with about 1,000 being high alerts. They selected RNA to reduce the total number of false positives, making their overall SEM system more effective. |
Sourcefire Reprint - SANS WhatWorks (State Agency)
Without an intrusion detection or prevention system, this state agency was at high risk for unknown and undetected attacks and was not doing well in audits because they could not show ongoing network security monitoring. They selected Sourcefire due to their past experience with open source Snort and the capabilities of RNA. Other reasons included the ability to start with IDS and later turn on IPS, maintain network performance, and help enforce policy compliance. |
Sourcefire Reprint - SANS WhatWorks (BBCS/TIB)
BankersBank Card Services provides the tools and support necessary for banks to build and maintain profitable credit card issuing and acquiring portfolios. An devoted open source Snort user, as their network security coverage requirements tripled, they needed a commercial solution that was manageable, satisfied PCI compliance and management reporting requirements, and offered commercial-grade support. Learn how the Sourcefire 3D System meets their needs. |
Sourcefire Reprint - SANS WhatWorks (AutoTrader.com)
AutoTrader.com is widely regarded as the Internet's leading source for auto classifieds. They had been using open source Snort, but even after customization, it was constantly flooded with false positive events. They needed a solution to connect an attack with vulnerabilities. The continuous, passive network discovery capabilities of RNA and the event correlation capabilities of the Sourcefire Defense Center now enable AutoTrader.com to interpret all network traffic and marry the vulnerability status of the server and application to an event and target the ones that matter. |
Sourcefire Reprint - SANS WhatWorks (Sisters of Charity Providence Hospitals)
A long-time user of open source Snort, when Sisters of Charity Providence Hospitals’ network security needs grew they wanted a commercial network security product to protect their network and help meet HIPAA compliance. They looked at Tipping Point, but it was too costly. They selected the Sourcefire 3D system and have been able to deal with the SQL worm, identify the source of attacks, continuously monitor and protect their systems, and satisfy HIPAA requirements. |
|
| Reprints/Other |
Network Computing - The Sourcefire 3D System v4.8
Network Computing reviews the Sourcefire 3D System version 4.8, highlighting the benefits of RNA, RUA and Defense Centers. |
SC Magazine, Product Review: Sourcefire 3D System
SC Magazine reviews the Sourcefire 3D System, giving it an overall 4 out of 5-star rating, noting the solution’s “industrial-strength network threat management” and stating “intrusion protection doesn’t get much tougher.” |
NetworkWorld, Security Tool Fights Zero-Day Threats
NetworkWorld takes a closer look at Network Behavior Analysis (NBA) tools and speaks with Sourcefire customers, Xango and TransUnion, about why they selected Sourcefire solutions. |
Computing Security Magazine UK, Product Review: Sourcefire 3D System
In this product review the Sourcefire 3D System is noted for drastically reducing false positives, and thus management overhead, as well as for being easy to install and deploy. |
Enterprise Strategy Group - Information Security Brief
The Enterprise Strategy Group (ESG) discusses why Sourcefire has what it takes to be successful as an adaptive network security solution. Specifically, this brief covers RNA and its ability to detect malicious traffic on the network, identify new resources, and monitor network activity. |
Federal Computer Week - Intrusion Detection on Steroids
Federal Computer Week reviews the Sourcefire 3D System and gives it five stars for its features, performance, and price. |
SC Magazine Group Test: Intrusion Prevention 2005
SC Magazine reviews 12 leading IPS appliances and gives Sourcefire its Best Buy award. |
|
3D System Demo
|
©2010 Sourcefire, Inc.