Cisco and Sourefire: Effectively Respond During an Attack

A New Security Model

Author Richard Stiennon and Sourcefire founder Martin Roesch discuss security trends.

A New Security Model

Cisco and Sourcefire – Better Together

It's no longer a question of "if" attackers get in, but "when." Now you can continuously detect and block threats wherever they appear.

Traditional security technologies focus on visibility and blocking at the point of entry in order to protect systems. They scan files once at an initial point in time to determine if they are malicious.

But relentless attacks do not occur in a single point of time; they are an ongoing activity and demand continuous security.

Continuous Analysis

To thwart today's advanced attacks, you need solutions that can aggregate and correlate data from across the extended network with historical patterns and global attack intelligence. With that insight you can discriminate between active attacks, exfiltration, and reconnaissance compared to simple background noise.

Only then can you evolve security from an exercise at a point in time to an ongoing process of continual analysis and decision-making.

Across a Broad Range of Attack Vectors

You need solutions that operate everywhere a threat can appear—on the network, secure gateways, endpoints, mobile devices, and in virtual environments.

Enforce Policies Automatically

Should a file pass through that was thought to be safe but later demonstrates malicious behavior, you need to be able to take action. With real-time insight from Cisco and Sourcefire solutions you can employ intelligent automation to enforce security policies without manual intervention. 

Detect, Block, and Defend

During an attack, solutions like Sourcefire's Next-Generation Intrusion Prevention System give security professionals the ability to detect, block, and defend against attacks that have penetrated the network and are in progress.

Still, given the nature of advanced attacks today, the best threat detection alone isn't sufficient to completely protect your environment. Security methods must also include the ability to mitigate the impact once an attacker gets in.

That's why Sourcefire, together with Cisco, delivers an entire portfolio of threat-centric cybersecurity solutions. Our technologies work together to deliver protection across the full attack continuum—before, during, and after an attack.