[Dshield] Check Point acquires Sourcefire

Hernandez, Moses MHernandez3 at mercymiami.org
Fri Oct 7 18:06:34 GMT 2005


Traditionally when checkpoint acquires companies that they feel will
seamlessly integrate. I know that when they purchased Zone Labs the
engine was very easily migrated into the fabric to where you can manage
it all through the single dashboard and also the logs comes to the same
log viewer. The other thing is that the products all speak to each other
so containment through the product is a reality from the Endpoint
Product to the Network IPS and finally to the Firewall Perimeter will
the containment exist. 



-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of byte_jump
Sent: Friday, October 07, 2005 1:46 PM
To: General DShield Discussion List
Subject: Re: [Dshield] Check Point acquires Sourcefire

On 10/7/05, Hernandez, Moses <MHernandez3 at mercymiami.org> wrote:
> Joel,
>   One of my biggest Concerns in evaluating IPS is not just
architecture
> but is in the R&D of Vulnerabilities and Signatures available. How
great
> is Sourcefire at providing signatures for the product? There are many
> companies that have a great R&D and are an "Intrusion Prevention"
> company so they make it a point to be on top of the latest threats,
> would you consider Sourcefire a company like that? If so I think
that's
> exactly what checkpoint needed and probably one of the biggest reasons
I
> never purchased or recommended an Interspect solution to a company.


I think RNA and the Snort that Marty demonstrated at CanSecWest 05 are
very compelling security products and demonstrate that Sourcefire was
set to deliver a very useful upgrade to the idea of IDS and IPS. If
you weren't at CanSecWest (why weren't you?), the new Snort that Marty
demonstrated takes context automatically from RNA. It looked very
promising. How Check Point intends to integrate that with their
existing technology is anyone's guess, but having it integrate with
firewall logs and such seems fairly appealing to me.

Thanks.

_________________________________________
Using .Net? Need to know more about .Net Security?
http://isc.sans.org/banner_count.php?dest=dotnet

_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
**********************************************************************************************
IMPORTANT: The contents of this email and any attachments are confidential. They are intended for the 
named recipient(s) only.
If you have received this email in error, please notify the system manager or the sender immediately and do 
not disclose the contents to anyone or make copies thereof.
*** eSafe scanned this email for viruses, vandals, and malicious content. ***
**********************************************************************************************




More information about the list mailing list