Snort mailing list archives
Sourcefire: Commercial Snort-based Sensor Appliances entering beta testing
From: Martin Roesch <roesch () sourcefire com>
Date: Tue, 10 Jul 2001 11:40:37 -0400
As some of you know, I have started a new company to bring industrial grade intrusion detection sensors and management infrastructure to the commercial market. This company is called Sourcefire Inc. (http://www.sourcefire.com) and I'd like to take this opportunity to announce our first product. [*] OpenSnort Sensor The sensor appliance can either be used as a stand alone network sensor or teamed up with a management console and other sensors to provide wider coverage on a network. Here are the technical highlights of the OpenSnort Sensor appliances: - 1U rackmount appliance, 100Mbps network rated sensor performance - Web-based GUI allows multiple user access to the following interfaces - forensic data analysis - user management - sensor management - network configuration - rules management - rules creation - Multi-user access levels define permission levels for different users, you can have analysts, rule managers, sensor configuration people, sensor admins, etc. - Sensor management allows tuning and configuration of all critical parameters without needing extensive background in the underlying operating system - Rules management allows secure rules updating from the central console or from other data sources, rule creation and editing, and lets you use and tune Snort without having to touch a text editor - Optimized OpenBSD core for high performance packet acquisition - Data analysis interface for stand-alone forensic analysis (multi-sensor analysis capabilities are being built into our next product, the OpenSnort Management Console) - Serial configuration interface for terminal access to sensor configuration - Strong authentication for secure communications between sensor, users and console The OpenSnort Sensor is entering closed beta test this week and will be available for purchase by customers the end of this month. Now, before people start to worry about the future of Snort, let me just make it absolutely clear that Snort will remain completely open source now and in the future, I've committed to that in the past and I'm going to stick to it. That said, I have a short FAQ that I've prepared: Q1. I thought Snort was Open Source (GPL) Software, are you going to make it a closed source system now or in the future? A1. Snort is still Open Source and will remain free. I have stated my committement to keeping Snort free and open in public several times, and I remains committed to that ideal. Q2. If that is the case then what, exactly, is Sourcefire selling? A2. Sourcefire is selling all of the things that need to go around a great sensor technology like Snort to make it viable in the commercial marketplace. Currently, people who wish to make use of Snort on large networks or in distributed environments have to apply a "roll your own" approach. This involves setting up databases, mutli-sensor configuration control, rules management, data management and analysis interfaces, etc. Sourcefire will make it cheaper and easier for many companies to implement these technologies than they could do it themselves, in addition to providing a "known good" configuration from acknowledged industry experts on the topic. The Sourcefire solution also offers up-to-date professional documentation, training, installation support, and product support. When compared to the effort of designing a solution from scratch using local resources, we think the OpenSnort technologies that we are developing become very appealing to a number of potential customers. -Marty -- Martin Roesch roesch () sourcefire com http://www.sourcefire.com - http://www.snort.org _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Sourcefire: Commercial Snort-based Sensor Appliances entering beta testing Martin Roesch (Jul 10)