Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Sourcefire Unveils First NGFW Appliances

Intrusion prevention system vendor Sourcefire is delivering on its October 2010 promise to add next-generation firewalls (NGFW) to its security portfolio. The company says the NGFW, built around its contextual-awareness technologies, delivers advanced firewall capabilities, as well as integrated application control and the "world’s most powerful IPS" in a security appliance that provides enterprise visibility, adaptive security and advanced threat protection. The two appliances will ship on Dec. 23.

Contextual awareness is the secret sauce, says Sourcefire, enabling it to offer granular network and application access control without compromising threat prevention. The IPS market is expected to reach $2 billion by 2014, and the NGFW market will reach $4 billion, which triples the company's addressable market.

Last month Sourcefire released a survey, conducted on its behalf by the Ponemon Institute that showed 55% of users globally, and 64% in the United States, are leveraging NGFWs to augment their current security deployments rather than replacing legacy technology. Respondents ranked IPS as the most important component of the NGFW for data protection, and named firewall as the least important feature for protecting their data from unauthorized access.

The NGFW additions are the 1U, stackable up to two times, 3D8140 with 10-Gbps firewall stateful inspection and 6-Gbps threat-inspected throughput, and the 2U, stackable up to four times, 3D8250 with 20-Gbps firewall stateful inspection and 10-Gbps threat-inspected throughput. The optional URL Filtering Service provides granular control over website access and content. A software upgrade for existing customers will be delivered in mid-2012, says the company.

IDC's John Grady, senior research analyst, security products, says there still doesn't seem to be a definitive definition for NGFW, but everyone generally knows what it means. "At the basic level, it's firewall plus IPS plus application control. You can get more granular in terms of Layer 7 visibility, etc., but IPS functionality is a big component of the NGFW story one way or the other. Intrusion Detection and Prevention is a keystone for advanced network security because it provides a wide range of protection capabilities. So starting from a strong IPS technology base and building a NGFW from that direction is a compelling story."

He agrees with Sourcefire that the contextual awareness is a big differentiator. "Arguably, the main advantage of NGFWs is the ability to granularly control application traffic by user. The additional visibility and awareness into behavioral patterns, hosts and operating systems help move the Sourcefire system beyond a signature-based approach. This is the direction stand-alone IPS solutions are moving; however Sourcefire is ahead of the curve in terms of leveraging the technology in a NGFW solution."

Ultimately, if Sourcefire is able to offer a solution that provides the same level of control and protection as that of a traditional firewall vendor's NGFW without increasing complexity relative to management and policy, the customer isn't going to care whether it's IPS plus firewall or firewall plus IPS, says Grady. IPS has been more flexible at meeting new waves of threats, and by marrying IPS and firewall (with user and application awareness) the ability to meet today's security challenges is improved.

"Sourcefire has had some very good success recently, but because they were operating in the stand-alone IPS space, I think they were still flying under the radar a bit. But the release of this product definitely pushes them into more direct competition with Cisco, Juniper and Check Point. Having both the stand-alone IPS and now the NGFW potentially gets Sourcefire into conversations they weren't in before. Also, because the new 3D8000 series appliances are the platform for both IPS and NGFW, there's some investment protection for customers who don't want to commit to the NGFW solution right away. Lastly, with a strong base in the public sector already, there's a lot of potential for traction there."

See more on this topic by subscribing to Network Computing Pro Reports Security That Never Sleeps (free, registration required).

Related Reading

More Insights

Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

WAN Security Reports

Research and Reports

Network Computing: April 2013

TechWeb Careers