Sourcefire Application Control saves money and improves security by controlling applications that introduce vulnerabilities, evade existing protections, expose sensitive information, overuse bandwidth, or violate usage policy. While traditional firewall policies enforce policy based on the IP address, port or protocol alone, Sourcefire Application Control identifies each application and allows or blocks them on a per user or user group basis. Whether deployed as an NGIPS or as a NGFW, Sourcefire Application Control gives you several advantages over traditional firewall and IPS policies alone, including:
Reduced attack surface and inspection requirements
By limiting the number and types of applications that are allowed to function on the network, administrators can reduce the number of vectors that attackers could use to access sensitive information, and can block advanced malware attempting to communicate covertly.
Control port- and protocol-hopping apps that evade traditional firewalls
Regardless of the port or protocol used, Sourcefire Application Control allows for discovery and control of applications on your network. Limit exposure to peer-to-peer file sharing, gaming, collaboration, video streaming, chat and other risky or non-productive applications that often evade traditional firewall protections.
Enforcement of mobile application policy to reduce BYOD risk
In a BYOD world, you can’t control the endpoint. So it makes sense to control what the endpoint can do at the network level. Sourcefire Application Control can help you identify mobile devices and the applications they use, so you can limit their access to sensitive portions of the network.
Limit the exposure created by social media applications
Similar to the BYOD problem, administrators have little control over what information is shared or emailed through social media sites. Sourcefire Application Control allows you to limit who does what (by user, user group, network, zone, etc.) with social media applications.
Granular control over applications, bandwidth, and acceptable use policies
Sourcefire classifies applications by type, category, risk level, and business relevance, so that you can easily identify the types of applications that are wasting network and human resources.
Flexibility through multiple deployment options
Sourcefire Application Control can be deployed in several ways for ultimate flexibility:
As a NGFW – An inline, layer 3 enforcement point with active enforcement of application policy
As a NGIPS – An inline, layer 2 enforcement point with active enforcement of application policy
As a NGIDS – An out of band, layer 2 detection point with passive alerting of application usage
Optional URL filtering on over 280 million domains
This optional subscription service allows you to apply category and reputation-based web content filtering policies. Over 280 million URLs are categorized into 80+ categories and are updated daily.
A refined interface to make policy changes in seconds
Sourcefire Application Control policy is facilitated by an easy to use, drag and drop, single management page that allows administrators to make additions or changes to their policies with just a few clicks.
Backed by the world’s most sophisticated NGIPS
Sourcefire’s NGIPS with FireSIGHT increases accuracy and automation by using contextual awareness to understand the composition of the network. This agile engine automatically tunes itself to protect new assets as they enter the network, reducing administrative burden and staying one step ahead of malicious hackers.