Sourcefire announced integration between Sourcefire and VMware vShield App and vShield Edge. The integrations enable the Sourcefire Intrusion Prevention System (IPS) to configure VMware vShield App or vShield Edge to dynamically restrict any policy-violating activity within a customer’s virtual environment.
The Sourcefire IPSTM integrated with VMware vShield products provides users with application detection, application control and real-time adaptive security.
“According to a 2010 survey of enterprise users by Prism Microsystems, 60 percent will virtualize their production servers by the end of 2011, but only 20 percent have deployed specific security technologies or strategies for the virtual environment,” said Martin Roesch, CTO at Sourcefire. “This leaves a significant hole in most organizations’ security postures – especially as more customers begin employing these systems to support critical applications. Sourcefire and VMware are working together to help ensure that virtual environments are protected, by providing simple integration that enables sophisticated policy enforcement.”
With this ability to enforce security policies, the integration between Sourcefire and VMware vShield solutions helps users reduce the risk of a security breach or data loss. The Sourcefire IPS monitors real-time network and user activity in a virtual environment, detecting policy violations such as the use of unauthorized applications on non-standard ports or unpermitted access to a critical host.
When a violation is identified, Sourcefire uses VMware vShield APIs to configure vShield App or vShield Edge to restrict the activity causing the violation. To provide automation and minimize administrator intervention, Sourcefire tracks when configuration changes are made and automatically removes restrictions after a specified time interval.
“As organizations move to cloud environments, they need to re-examine the way they protect key IT services,” said Parag Patel, vice president, Global Strategic Alliances, VMware. “This integration with Sourcefire is an important step in enabling users to secure their virtual and cloud environments to enforce compliance while leveraging the technology they already know and trust to protect their physical systems.”