Snort mailing list archives

Previous By Date Next
Previous By Thread Next

FW: [Snort-announce] Sourcefire: Commercial Snort-based Sensor Appliances entering beta testing

From: "Michael Steele" <michaels () silicondefense com>
Date: Wed, 11 Jul 2001 10:40:10 -0700


-Mike

        Commercial Snort Support
             1.866.41.SNORT
Silicon Defense - www.silicondefense.com
Michael Steele - Snort Support Technician


-----Original Message-----
From: snort-announce-admin () lists sourceforge net
[mailto:snort-announce-admin () lists sourceforge net] On Behalf Of Martin
Roesch
Sent: Tuesday, July 10, 2001 8:41 AM
To: snort-users; snort-announce
Subject: [Snort-announce] Sourcefire: Commercial Snort-based Sensor
Appliances entering beta testing

As some of you know, I have started a new company to bring industrial
grade intrusion detection sensors and management infrastructure to the
commercial market.  This company is called Sourcefire Inc.
(http://www.sourcefire.com) and I'd like to take this opportunity to
announce our first product.

[*] OpenSnort Sensor

The sensor appliance can either be used as a stand alone network sensor
or teamed up with a management console and other sensors to provide
wider coverage on a network.  Here are the technical highlights of the
OpenSnort Sensor appliances:

- 1U rackmount appliance, 100Mbps network rated sensor performance

- Web-based GUI allows multiple user access to the following interfaces
        - forensic data analysis
        - user management
        - sensor management
        - network configuration
        - rules management
        - rules creation

- Multi-user access levels define permission levels for different users,
you can have analysts, rule managers, sensor configuration people,
sensor admins, etc.

- Sensor management allows tuning and configuration of all critical
parameters without needing extensive background in the underlying
operating system

- Rules management allows secure rules updating from the central console
or from other data sources, rule creation and editing, and lets you use
and tune Snort without having to touch a text editor

- Optimized OpenBSD core for high performance packet acquisition

- Data analysis interface for stand-alone forensic analysis
(multi-sensor analysis capabilities are being built into our next
product, the OpenSnort Management Console)

- Serial configuration interface for terminal access to sensor
configuration

- Strong authentication for secure communications between sensor, users
and console

The OpenSnort Sensor is entering closed beta test this week and will be
available for purchase by customers the end of this month.

Now, before people start to worry about the future of Snort, let me just
make it absolutely clear that Snort will remain completely open source
now and in the future, I've committed to that in the past and I'm going
to stick to it.  That said, I have a short FAQ that I've prepared:

Q1.  I thought Snort was Open Source (GPL) Software, are you going to
make it a closed source system now or in the future?

A1. Snort is still Open Source and will remain free. I have stated my
committement to keeping Snort free and open in public several times, and
I remains committed to that ideal.

Q2. If that is the case then what, exactly, is Sourcefire selling?

A2.  Sourcefire is selling all of the things that need to go around a
great sensor technology like Snort to make it viable in the commercial
marketplace. Currently, people who wish to make use of Snort on large
networks or in distributed environments have to apply a "roll your own"
approach. This involves setting up databases, mutli-sensor configuration
control, rules management, data management and analysis interfaces,
etc.  Sourcefire will make it cheaper and easier for many companies to
implement these technologies than they could do it themselves, in
addition to providing a "known good" configuration from acknowledged
industry experts on the topic.  The Sourcefire solution also offers
up-to-date professional documentation, training, installation support,
and product support.  When compared to the effort of designing a
solution from scratch using local resources, we think the OpenSnort
technologies that we are developing become very appealing to a number of
potential customers.

     -Marty

--
Martin Roesch
roesch () sourcefire com
http://www.sourcefire.com - http://www.snort.org

_______________________________________________
Snort-announce mailing list
Snort-announce () lists sourceforge net
http://lists.sourceforge.net/lists/listinfo/snort-announce


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: