Endace Announces Fusion Connector for Sourcefire Defense Center

New Fusion Connector Simplifies SecOps Workflow, Speeding Time to Resolution and Extending Network Forensics Abilities

February 24, 2014 –Endace, a world-leader in network visibility infrastructure, today announced the Endace Fusion Connector for Sourcefire Defense Center, enabling 100 percent packet capture at speeds up to 100Gb Ethernet (100GbE) and seamless click-through workflow between the security event and the packets on the EndaceProbe™ Network Analytics Platform. This allows rapid response and root cause analysis, drastically reducing the time and operational overhead of packet data access. By narrowing the time gap between alert, investigation, and response, the overall effectiveness of the Security Operations (SecOps) team increases, translating to improved system uptime, higher customer satisfaction and increased business continuity.

“We are very pleased to add Sourcefire to our growing Endace Fusion Ecosystem™ program,” said Endace’s Mike Riley. “The combination of Sourcefire’s highly-regarded network security toolset and our packet capture capabilities provides customers with a comprehensive security solution that significantly reduces enterprise network vulnerability windows and increases the data available for post-incident forensics analysis.”

The Endace Fusion Connector for Sourcefire Defense Center offers a best-of-breed, comprehensive intrusion detection system (IDS) that provides complete forensics visibility of impacted data in the case of breaches, and enables proactive prevention of future threats. The Endace Fusion Connector for Sourcefire Defense Center enables streamlined access to granular network packet history, thereby enhancing the capabilities of SecOps teams to dynamically protect their network at near real-time speeds and lowering time-to-resolution (TTR) for security incidents. It also shortens vulnerability windows for enterprises and increases the certainty of identifying what data was compromised in a breach, such as in the event of a customer credit data breach. The connector includes single-click access to EndaceVision™ Network Visibility Software, which enables rapid drill-down analysis of the network packet history and flow, and the ability to search, visualize and interrogate historical network traffic recorded by EndaceProbes.

“The integration of our joint capabilities for this new solution provide end users with a streamlined intrusion detection and identification workflow, removing ambiguity and optimizing efficiency in scenarios where TTR is critical,” said Douglas Hurd, director of technical alliances, Sourcefire. “By providing single-click access to the packet data underlying a potential intrusion, network staff can quickly identify suspect transactions and take the appropriate actions to shut them down.”

The new Fusion Connector for Sourcefire Defense Center is available immediately as a free download from the Sourcefire community downloads page. The Endace Fusion Connector for Sourcefire Defense Center is the latest security connector to be announced as part of the Endace Fusion Ecosystem Program, which is focused on applications and partners who provide complementary capabilities for network visibility that are required to detect, investigate and resolve common networking and security incidents.