• 3D System
  • Defense Center
  • 3D Sensor
  • IPS
  • RNA
  • RUA
  • NetFlow Analysis
  • Intrusion Agent
• Snort
• ClamAV

Sourcefire Defense Center^™

Centralized Command and Control

The Sourcefire Defense Center (DC) management console is the “nerve center” of the Sourcefire 3D™ System. It provides a powerful, yet easy-to-use interface for aggregating and monitoring security and compliance events, for generating reports and configuring alerts, and for managing policies and distributing them to underlying Sourcefire 3D Sensors.

Each DC features a highly customizable, portal-like dashboard with dozens of pre-defined and customizable drag-and-drop “widgets” that display critical information in the form of tables and graphs. Dashboard benefits include interactive drill-down, granular administrative privileges, and dashboard tab cycling. Users can tailor the dashboard to their role within the organization and share their dashboard with their peers.

*No single sensor larger than Sourcefire 3D2100

Aggregating and Monitoring Events

All intrusion events are sent securely from Sourcefire 3D Sensors to Defense Center for centralized storage and analysis. Each DC correlates attacks with real-time network and vulnerability intelligence to assign an “Impact Flag” rating denoting the impact of the attack. This enables IT security to dramatically reduce false positives by up to 99%, saving considerable time and effort.

Customizable Reports and Alerts

Defense Center provides customers with fully customizable reports and alerts. Users can choose from a variety of pre-defined report templates or create custom reports to meet their reporting needs. Reports can be generated in PDF, HTML, and CSV formats, while alerts can be sent via syslog, SNMP, and email.

Centralized Policy Management

With Defense Center, users have complete control over policies and configuration of up to 100 3D Sensors from a single management console. Sourcefire IPS™ (Intrusion Prevention System) and Sourcefire RNA™ (Real-time Network Awareness) policies can be pushed down to all underlying sensors, to individual sensors, or to sensor groups.

Powerful Integration with Third-Party Systems

Sourcefire offers more ways to integrate with third-party security and network management products than any other IPS vendor. Sourcefire’s Remediation API can direct calls to firewalls, routers, vulnerability scanners, patch managers, and other systems based on triggered events. Its eStreamer™ interface can stream security, compliance, and sensor health events to SIEMs, log managers, and network management systems. And Sourcefire’s Host Input API can input externally-compiled endpoint intelligence into its RNA Host Database. Sourcefire also provides a selection of other third-party interfaces, including syslog and SNMP.

Sourcefire Master Defense Center for Enterprise Scalability

For large enterprises or organizations with distributed IT personnel, a single DC3000 appliance can be configured in Master Defense Center (MDC) mode to manage up to 10 subordinate DCs, effectively allowing the management of hundreds of 3D Sensors from a single management console. Sourcefire is the only IPS vendor to offer this powerful management capability.