The Sourcefire Defense Center® management console is the “nerve center” of Sourcefire's network security solutions. It provides a powerful, easy-to-use interface for categorizing events, generating recurring reports, scheduling automated Snort rule updates, configuring policies, and displaying customizable dashboards to quickly communicate sensor feedback.
We offer a range of Next-Generation IPS (NGIPS) and Next-Generation Firewall (NGFW) solutions to address different network needs across physical and virtual environments, and we complement these solutions with tailored Defense Center management consoles that offer robust features, including:
Aggregating and Monitoring Events for Centralized Network Defense: All intrusion events are sent securely from Sourcefire sensors to the Defense Center for centralized storage and analysis. Each Defense Center correlates attacks with real-time network and vulnerability intelligence to assign an “Impact Flag” rating denoting the relevance and severity of the attack. This enables IT Security to weed out false positives and irrelevant attacks, dramatically reducing—by up to 99%—the number of alerts requiring analysis, saving considerable time and effort.
Customizable Dashboards, Context Explorer, Reports, and Alerts: Each Defense Center features an individually customizable, portal-like dashboard with dozens of pre-defined and customizable drag-and-drop “widgets” displaying critical information in the form of tables and graphs. Dashboard benefits include interactive drill-down, granular administrative privileges, and dashboard tab cycling. Users can tailor the dashboard to their role within the organization and share their dashboard with peers. Using Context Explorer, the Defense Center enables users to visualize and explore a range of contextual information, including top-used applications and hosts. Defense Center also provides customers with fully customizable reports and alerts. Users can choose from a variety of pre-defined report templates or create custom reports to meet their reporting needs. Reports can be generated in PDF, HTML, and CSV formats, while alerts can be sent via syslog, SNMP, and email.
Centralized Policy Management: With Defense Center, users have complete control over policies and configuration of up to 150 appliances from a single management console. Policies can be distributed down to all underlying appliances, to individual appliances, or to appliance groups. The policy management facility on the Defense Center gives users the ability to create, modify, and review policies. An expanded keyword search capability helps locate individual rules for examination, and a side-by-side comparison view highlights the changes between two policy versions. Our innovative policy layering enables users to make changes that affect many or all policies. It also enables users to determine a hierarchy of policy layers that is most relevant for their organization and network.
Powerful Integration with Third-party Systems: Sourcefire makes integration with other best-of-breed technologies possible through four powerful, feature-rich Application Program Interfaces (APIs). Our remediation API can communicate with firewalls, routers, vulnerability scanners, patch managers, and other systems based on triggered events. The eStreamer™ API can stream security, compliance, and sensor health events to SIEMs, log managers, and network management systems. Additionally, our event database can be accessed via a JDBC connector to generate reports from third-party reporting tools such as Crystal Reports™. The host input API can accept endpoint intelligence into its RNA host database to improve accuracy. Sourcefire also provides a selection of other third-party interfaces, including syslog, SNMP, and more.
Sourcefire Master Defense Center for Enterprise Scalability: For large enterprises or organizations with distributed IT personnel, a single Defense Center appliance can be configured in Master Defense Center (MDC) mode to manage up to 10 subordinate Defense Centers, effectively enabling the management of hundreds of Sourcefire appliances from a single management console.