Sourcefire’s latest family of FirePOWER network security appliances which recently launched in Malaysia, caters to large-to-medium size global companies. Dubbed a best-of-breed protection solution without the budget busting price tag, SourceFire’s FirePOWER appliances specialise in advanced malware threats, significantly protecting networks from advanced persistent threats (APT) and targeted attacks.
 |
| Kong and Sourcefire country manager, Ivan Wen |
It also utilises big data’s unique characteristics to predict new malware. Sourcefire Malaysia’s security architect, Kong Kum Yern said, “One of the powerful IT security applications for big data is predicting new malware by analysing data knowledge from extremely large user communities.
“IT security solutions with built-in big data capabilities continuously gather and scan data from users. Data mining algorithms leverage these users’ understanding of existing malware to automatically predict threats that are mutations of existing threats and have never been seen before.
“These big data tools can use malware collected from a single source to protect the entire community. Security analysts can therefore use the results of this predictive analysis to make informed decisions about protecting the environment. “
This isn’t the first time Sourcefire has leveraged big data and community knowledge, having introduced the FireAMP mobile solution that detects and blocks malware using big data analytics, earlier this year. Kong described, “The advanced malware protection for FirePOWER, which we recently announced, integrates with the collective intelligence of Sourcefire’s FireAMP solution.”
Point solutions bundled in
The new appliances provide customers with flexible software-enabled configuration choices including Next-Generation Intrusion Prevention Systems (NGIPS), Application Control, Next-Generation Firewall (NGFW) and now, advanced malware protection.
Advanced malware protection is a subscription add-on that customers can use with FirePOWER appliances. A new Sourcefire FirePOWER software version 5.1.1 now also features file type detection and control as well as offers security intelligence for IP reputation and blacklisting.
Security intelligence will be fed in real-time to a cloud-based command and control centre, to automatically update blacklists and set rules to block communication with malicious sites, spam, phishing, botnet, open proxies and relay sources.
Two other nifty features include continuous analysis whereby files can be tracked, even if already categorised as safe, and retrospective alerting which utilises targeted host and file analysis fingerprint information to do rapid cleanup of a malicious file, even if previously it was categorised as safe.
