Sourcefire Rolls Out Realtime Network Awareness Device

The Realtime Network Awareness (RNA) device sits on the network and passively looks at all incoming traffic on the network and identifies the type of hardware, operating system, application and patch levels. The device also monitors network topography and change events.

"Network administrators often don't know what's on their network because the network is so big," said Tom McDonough, president of Sourcefire, Columbia, Md. "Using RNA, the administrator has a full view of the network assets, so when a threat such as a worm or virus occurs, they can effectively identify which machine may be at risk or already have the vulnerability and block it off from the network."

>> 'Network administrators often don't know what's on the network because the network is so big.'
-- TOM MCDONOUGH, SOURCEFIRE

Sourcefire has chosen to initially ship RNA exclusively on IBM's eServer xSeries servers. Several vendors, such as ArcSight, GuardedNet, netForensics and TruSecure, are including RNA support in their solutions, McDonough said.

The company is also OEMing Symantec's bug-tracker technology to incorporate the latest vulnerability information into the RNA device.

id
unit-1659132512259
type
Sponsored post

McDonough views the device as an upsell opportunity for solution providers currently selling and deploying its Intrusion Management System.

The vendor works with 80 resellers, 55 of which are in the United States and the rest in Europe, the Middle East and the Pacific Rim.

Paul Rohmeyer, COO of Icons, a security services firm based in North Brunswick, N.J., said he is particularly interested in RNA's change event capability, which allows the device to automatically assess new assets for vulnerabilities.

But Sourcefire is in for a challenge in the vulnerability space, he said. "This is where they're going to have to rely on the channel," Rohmeyer said. "This is moving beyond just simply adding intrusion detection, but adding a toolset that requires a certain level of maturity in understanding and managing vulnerabilities, which is a whole other challenge."

The RNA devices, or sensors as Sourcefire calls them, work in conjunction with the company's Management Console for data aggregation, consolidated reporting, network visualization, sensor configuration, and policy distribution.

Pricing for the RNA device starts at $12,000.