Sourcefire Aims To Boost Network Security

The company's new Real-Time Network Awareness (RNA) appliance passively monitors the network to detect hosts and what operating systems and services they're running, said Martin Roesch, Sourcefire founder and CTO. RNA also detects changes on the network, policy violations and traffic patterns.

RNA provides intrusion-detection technology with context to discern whether systems on the network are actually vulnerable to attack, he said. An intrusion-detection system says the network is being attacked but can't say whether the target of the attack is actually vulnerable, he said.

"Intrusion-detection systems do their job without any real context about what they're analyzing. This leads to a number of problems with false positives and false negatives," Roesch said.

The data produced by RNA is combined with the intrusion-detection data from Sourcefire Network Sensors via the Sourcefire Management Console.

"This gets intrusion detection to the point where it's really living up to its promise," Roesch said.

RNA is slated for release late in the third quarter or early in the fourth quarter. Pricing has not yet been determined.