Sourcefire Integration with VMware vShield Delivers Application Control and Dynamic Enforcement of Security Policies
March 2011 by Marc Jacob
Sourcefire, Inc. announced integration between Sourcefire®
and VMware vShield™ App and vShield Edge. The integrations enable the Sourcefire Intrusion
Prevention System (IPS) to configure VMware vShield App or vShield Edge to dynamically
restrict any policy-violating activity within a customer’s virtual environment. The Sourcefire
IPSTM integrated with VMware vShield products provides users with application detection,
application control and real-time adaptive security.
With this ability to enforce security policies, the integration between Sourcefire and VMware
vShield solutions helps users reduce the risk of a security breach or data loss.
The Sourcefire IPS
monitors real-time network and user activity in a virtual environment, detecting policy violations
such as the use of unauthorized applications on non-standard ports or unpermitted access to a
critical host. When a violation is identified, Sourcefire uses VMware vShield APIs to
dynamically configure vShield App or vShield Edge to restrict the activity causing the violation.
To provide automation and minimize administrator intervention, Sourcefire tracks when
configuration changes are made and automatically removes restrictions after a specified time
interval.