) Networks is a well known for its products and services in the field of network forensics. Solera recently announced
its partnership with Sourcefire, Inc. which an innovator in intelligent Cybersecurity solutions.
With this partnership, the Solera Networks are now able to integrate its esteemed network forensics technology directly into Sourcefire's event analysis. Sourcefire's packet analysis functionality can be improved with the integration. This helps to include full session capture that offers detailed forensics for any security event. The partnership ensures quick incident response to any security event and provides full detail to satisfy the question 'what happened before and after a security event?'
In a release, Steve Shillingford, the president and CEO of Solera Networks said that 'Sourcefire is a recognized leader in intrusion detection and prevention. Many of today's leading organizations rely on Sourcefire technology to protect their critical assets. Combining our high-speed active network forensics with their platform gives these companies another valuable tool in their arsenal to combat ever-changing and persistent attacks. With network forensics and instant replay they can quickly determine the complete source and scope of any security event. It's like a DVR or surveillance for their network.'
Sourcefire IPS utilizes a commanding combination of vulnerability and anomaly-based inspection methods. This is to analyze network traffic and avoid threats from damaging the network. Solera Networks forensics appliances operate passively on the network and capture, index, record and replay all traffic irrespective of the network speed. Now, the Sourcefire users are able to avail the option to view any slice of network traffic surrounding a security alert.
These slices are based on different parameters such as time, protocol, source/destination port and much more. The Solera DeepSee Forensics Suite rebuilds and sends a full record of anything crossing the network including artifacts such as files, emails, malware, etc. contained in that traffic. The combined solution offers security against known threats and helps the tools to prepare for and quickly respond to the unknown threats.
Besides full playback of traffic surrounding any security alert, the historical network record helps to authorize updated signature files. Solera DS appliances contain an exact replica of an organization's network traffic. With this facility, the analysts can replay old traffic to a recently updated Sourcefire IPS and validate the most recent incremental protection delivered by Sourcefire's Vulnerability Research Team.
Carolyn John is a Contributor to TMCnet. To read more of her articles, please columnist page.
Edited by Juliana Kenny