Gregory Henry, CISSP, IT Security Manager, discusses with Alan Paller of SANS how GraceKennedy achieves real-time network security monitoring and visibility across their diverse network using the Sourcefire 3D System.
Case Studies
When Telekom Slovenije needed a security solution that could protect it from attacks and keep its company data safe, while still optimizing the performance of its staff, it turned to Sourcefire® for help.
Dubrovnik Airport needed security solution that will protect company’s confidential data and provide external users with secure and controlled access to public network. Also, they needed solution that would be less demanding on the company’s IT staff in terms of time and effort. The Sourcefire 3D® System satisfied their needs.
Malaysian Assurance Alliance Berhad (MAA) needed a system to protect their online portal and networks for its customers and agents by blocking external threats and identifying internal vulnerabilities 24x7x365. MAA selected the Sourcefire 3D® System with Sourcefire IPS™ (Intrusion Prevention System) and Sourcefire RNA® (Real-time Network Awareness).
Adapting to the needs of its increasingly dynamic network, Loughborough University selects the award-winning Sourcefire 3D® System with Sourcefire RNA® (Real-time Network Awareness) as the natural successor to open source Snort.
Nokia Siemens Networks faced significant challenges related to data privacy and managing sensitive information in a highly distributed environment, and it turned to Host Integrity Systems, a Sourcefire partner, for the security solution, which included the Sourcefire IPS.
As a leading eCommerce site, 1-800-Flowers.com requires a secure eCommerce architecture. Sourcefire, an important component of that architecture, provides a complete, real-time snapshot of what is occurring in monitored areas of the network, supplies real-time alerting, and helps to fulfill compliance requirements.
Telekom Slovenije, an information and communications provider in Slovenia, chose the automation, functionality, and manageability of Sourcefire RNA and IPS for its security solution.
Halesowen College, based in the UK, needed a commercial security solution to replace its open source Snort deployment. Sourcefire was their first choice to improve the efficiency and management of their growing demand for IT services.
Lacking network visibility and facing a host of information security challenges, WCMC undertook a detailed risk assessment to determine which technologies would help reduce its risk the most. The conclusion: an IDS/IPS was deemed to be the greatest risk reducer.
An inability to see deep inside its network to determine security weaknesses and other potential concerns prompted Weill Cornell Medical College to seek an intrusion detection system. The Snort rules community helped to put Sourcefire at the top of the list, but it was the RNA (Real-time Network Awareness) option that closed the deal.
Based on a network assessment, Union Labor Life Insurance Company (ULLICO), found it had inadequate visibility into its network traffic—both inbound and outbound, which was resolved using Sourcefire RNA.
The LA Times faced many challenges securing its internal network and complying with PCI. The solution was a "smarter IPS" which was Sourcefire RNA.
TransUnion is one of the three credit reporting companies and a global leader in financial information management. Learn how TransUnion relies on Sourcefire to streamline sensor, global compliance and log management.
The FHLB of NY had a homegrown IDS solution and were using an outside developer to maintain the application. As their needs grew, they needed to either build a new IDS from scratch on new hardware or purchase new appliances and software. They purchased Sourcefire because buying turned out to be more cost-effective than building for them, compliance auditors knew Sourcefire and asked fewer questions, and the Snort community is extremely large and responsive.
RightNow, a provider of high-impact marketing and sales technology solutions and services, was a satisfied Snort user but knew they needed to look at commercial network security solutions to support their growth. . After a three-month investigation period, including testing and evaluating six leading IPS products—Cisco, Top Layer, Demarc, Tipping Point, Reflex, and Sourcefire—they chose Sourcefire as the scalable, tunable product that best fit their requirements
FXall, the leading provider of automated trading and workflow solutions for foreign exchange and treasury products, handles an average daily volume in excess of $40 billion and needed a better IDS solution to meet its reporting requirements for SAS 70 and ensure effective and efficient network security. They started with a small-scale deployment and were very impressed so they purchased more to expand their coverage.
Retail Decisions is a payment card issuer and a world leader in card fraud prevention and payment processing. They work with blue-chip clients including Wal-Mart, Texaco, Travelocity, and Macy’s. They wanted an IPS that would meet their PCI Data Security Standard requirements, be highly tunable to monitor their diverse traffic, and reduce the number of false positives they were encountering. See how RNA met their needs and did a lot more for them.
Unisys is a worldwide technology services and solutions company. Their strong Managed Security Services (MSS) practice operates three primary Security Operation Centers (SOC) anda dedicated Federal SOC. They use a variety of Security Event Management (SEM) tools to manage up to 100 million events a day—with about 1,000 being high alerts. They selected RNA to reduce the total number of false positives, making their overall SEM system more effective.
Without an intrusion detection or prevention system, this state agency was at high risk for unknown and undetected attacks and was not doing well in audits because they could not show ongoing network security monitoring. They selected Sourcefire due to their past experience with open source Snort and the capabilities of RNA. Other reasons included the ability to start with IDS and later turn on IPS, maintain network performance, and help enforce policy compliance.
BankersBank Card Services provides the tools and support necessary for banks to build and maintain profitable credit card issuing and acquiring portfolios. An devoted open source Snort user, as their network security coverage requirements tripled, they needed a commercial solution that was manageable, satisfied PCI compliance and management reporting requirements, and offered commercial-grade support. Learn how the Sourcefire 3D System meets their needs.
AutoTrader.com is widely regarded as the Internet's leading source for auto classifieds. They had been using open source Snort, but even after customization, it was constantly flooded with false positive events. They needed a solution to connect an attack with vulnerabilities. The continuous, passive network discovery capabilities of RNA and the event correlation capabilities of the Sourcefire Defense Center now enable AutoTrader.com to interpret all network traffic and marry the vulnerability status of the server and application to an event and target the ones that matter.
A long-time user of open source Snort, when Sisters of Charity Providence Hospitals’ network security needs grew they wanted a commercial network security product to protect their network and help meet HIPAA compliance. They looked at Tipping Point, but it was too costly. They selected the Sourcefire 3D system and have been able to deal with the SQL worm, identify the source of attacks, continuously monitor and protect their systems, and satisfy HIPAA requirements.
How to Buy Sourcefire Products
Sourcefire products are available worldwide throughout an extensive network of authorized partners. Request a dialogue to purchase from Sourcefire today.
Or call us at 800.917.4134
