Endace Announces Fusion Connector for Sourcefire Defense Center
February 24, 2014 –Endace, a world-leader in network visibility infrastructure, today announced the Endace Fusion Connector for Sourcefire Defense Center, enabling 100 percent packet capture at speeds up to 100Gb Ethernet (100GbE) and seamless click-through workflow between the security event and the packets on the EndaceProbe™ Network Analytics Platform. This allows rapid response and root cause analysis, drastically reducing the time and operational overhead of packet data access. By narrowing the time gap between alert, investigation, and response, the overall effectiveness of the Security Operations (SecOps) team increases, translating to improved system uptime, higher customer satisfaction and increased business continuity.
“We are very pleased to add Sourcefire to our growing Endace Fusion Ecosystem™ program,” said Endace’s Mike Riley. “The combination of Sourcefire’s highly-regarded network security toolset and our packet capture capabilities provides customers with a comprehensive security solution that significantly reduces enterprise network vulnerability windows and increases the data available for post-incident forensics analysis.”
The Endace Fusion Connector for Sourcefire Defense Center offers a best-of-breed, comprehensive intrusion detection system (IDS) that provides complete forensics visibility of impacted data in the case of breaches, and enables proactive prevention of future threats. The Endace Fusion Connector for Sourcefire Defense Center enables streamlined access to granular network packet history, thereby enhancing the capabilities of SecOps teams to dynamically protect their network at near real-time speeds and lowering time-to-resolution (TTR) for security incidents. It also shortens vulnerability windows for enterprises and increases the certainty of identifying what data was compromised in a breach, such as in the event of a customer credit data breach. The connector includes single-click access to EndaceVision™ Network Visibility Software, which enables rapid drill-down analysis of the network packet history and flow, and the ability to search, visualize and interrogate historical network traffic recorded by EndaceProbes.
“The integration of our joint capabilities for this new solution provide end users with a streamlined intrusion detection and identification workflow, removing ambiguity and optimizing efficiency in scenarios where TTR is critical,” said Douglas Hurd, director of technical alliances, Sourcefire. “By providing single-click access to the packet data underlying a potential intrusion, network staff can quickly identify suspect transactions and take the appropriate actions to shut them down.”
The new Fusion Connector for Sourcefire Defense Center is available immediately as a free download from the Sourcefire community downloads page. The Endace Fusion Connector for Sourcefire Defense Center is the latest security connector to be announced as part of the Endace Fusion Ecosystem Program, which is focused on applications and partners who provide complementary capabilities for network visibility that are required to detect, investigate and resolve common networking and security incidents.
Latest News & Announcements
-
30 August 2024
NextGenCount
Design and implementation of a new FPGA based real time synchronized hardware counter latching scheme from the ground up to allow multiple software applications to access the counters at the same time and with subsequent less jitter in measurements.
-
30 August 2024
Upgrade Orchestration Automation
The aim of this project is to automate the process of upgrading Endace Probes via a Centrally Managed Server, to speed up the software release cycle with more stability.
-
30 August 2024
EndaceCMS Profile Templating
EndaceCMS is the Central Management Server for an estate of EndaceProbes and InvestigationManagers. This project is to create a templatable profile system that works with the EndaceCMS to dynamically populate templated fields in a profile and improve functionality.
-
30 August 2024
CLI Fuzzing
EndaceProbes are a range of high-performance servers running a bespoke operating system called OSm. Fuzz testing or fuzzing is an automated software testing method that injects invalid, malformed, or unexpected inputs into a system to reveal software defects and vulnerabilities. This project is to build a fuzzing tool to test the OSm command line interface (“CLI”).
-
30 August 2024
Chaos Engineering
This project aims to build a framework to trigger arbitrary failure modes (“chaos”) within an EndaceFabric and instrument or verify the outcome and implement a few chaos mechanisms and demonstrate the functionality of the projects to potentially enable us to find issues earlier in a release.