• Intelligent Cybersecurity
  • Intrusion Prevention
  • Network Visibility
  • NBA
  • Virtualization
  • IT Policy Compliance
• Compliance
• Vertical Industries

IT Policy Compliance

Many organizations have documented IT acceptable use policies, but many lack the means to monitor and enforce them. Sourcefire helps customers to overcome this challenge by making it easy to monitor and enforce IT policy compliance.

Sourcefire RNA® (Real-time Network Awareness) continuously discovers and monitors network assets and maintains an updated inventory of operating systems, services, applications, protocols, and potential vulnerabilities that exist on the network. Administrators can work with this inventory to create compliance “white lists” for the proper use of assets. The Sourcefire Defense Center™ management console will generate alerts if RNA sees changes that could indicate the violation of a compliance policy, such as the introduction of new network assets or new services. These alerts can be used to trigger a number of automated responses, including removal of assets from the network through integration with network infrastructures capable of performing network access control.

RNA’s business criticality features can assist with compliance monitoring. Hosts in the Sourcefire 3D® database can be prioritized based on the business value to the organization. This setting can be used to differentiate between a finance server with highly sensitive data and a test server sitting in a lab. RNA’s compliance engine can use this data to build powerful compliance rules that trigger a different response or remediation for hosts with different criticalities.

An added benefit of monitoring and enforcing IT policy compliance is that it oftentimes facilitates compliance with external regulations, such as PCI DSS, HIPAA, SOX, FISMA, Basel II, GLBA, and NERC. Visit the Regulatory Compliance Overview page to see how Sourcefire can help your company meet the network security regulations of your industry.