Sourcefire founder Martin Roesch talks about attacks from the perspective of a defender.
Cisco and Sourcefire: Better Together
Gain comprehensive visibility and awareness of what’s on your extended network so you can implement policies and controls to defend it.
Context-aware attackers require context-aware security. Organizations are fighting against attackers that have more information about the infrastructure defenders are trying to protect than defenders often have themselves.
To defend before an attack occurs, you need total visibility of your environment. This includes, but not limited to, physical and virtual hosts, operating systems, applications, services, protocols, users, content, and network behavior. Your aim is to achieve information superiority over attackers.
You also need context to understand the risks to your infrastructure, based on target value, legitimacy of an attack, and history. If you don’t understand what you’re trying to protect you’ll be unprepared to configure security technologies to defend.
The Extended Network
Visibility needs to span the entirety of the network—endpoints, email and web gateways, virtual environments and mobile devices, as well as to the data center. And this visibility must be actionable, so that defenders can make informed decisions.
Implement Policies and Controls
Before an attack, solutions like Sourcefire’s Next-Generation Firewall give security professionals the tools you need to discover threats and enforce and harden policies.
With visibility you can implement access controls, enforce security policies, and block applications and overall access to critical assets. But there will always be gaps that attackers will find and exploit to achieve their objective.
That’s why Sourcefire, together with Cisco, delivers an entire portfolio of threat-centric cybersecurity solutions. Our technologies work together to deliver protection across the full attack continuum—before, during, and after an attack.