“Next-generation network IPS will be incorporated within a next-generation firewall, but most next-generation firewall products currently include first-generation IPS capabilities.”
-- “Defining Next-Generation Network Intrusion Prevention,” Gartner, 7 October 2011
The rate of change in IT environments is unprecedented. At the same time, attacks are coming at a rapid pace and with an increasing level of sophistication. In an attempt to provide effective protection, NGFWs have added application control to the access control capabilities provided by traditional firewalls. This isn’t enough.
With the Sourcefire Next-Generation Firewall, Sourcefire extends the power of Agile Security® and its leadership in Next-Generation IPS (NGIPS) to NGFWs. For the first time, customers can support access and application control policies today without sacrificing protection tomorrow.
The Sourcefire NGFW is the only solution of its kind to add best-in-class threat prevention and robust access and application control to advanced firewall capabilities. In fact, because our roots are in threat prevention we deliver the first NGFW based on an industry-leading NGIPS. In NSS Labs' 2012 NGFW Product Analysis Report, Sourcefire set a new standard in security effectiveness, protecting against 99 percent of all attacks and demonstrating superior performance and total cost of ownership.
Key Sourcefire NGFW Capabilities
|Stateful firewall inspection||NGIPS threat prevention|
|Switching, routing & NAT||Automated impact assessment & policy tuning|
|Application control||Network behavior analysis|
|FireSIGHT® network and user intelligence||File type determination|
|IT policy compliance whitelists||URL filtering (optional)|
|User and User Group control||Advanced Malware Protection (optional)|
What a Next-Generation Firewall Should Be
Designed for organizations that want ultimate flexibility to deploy appliances to match their infrastructure needs and scale over time, the Sourcefire NGFW delivers unique advantages to combat threats in today’s real world: