[ISN] Snort To Go Virtual

From: InfoSec News <alerts_at_private>
Date: Mon, 1 Jun 2009 03:04:56 -0500 (CDT)
http://www.darkreading.com/security/intrusion-prevention/showArticle.jhtml?articleID=217700715

By Kelly Jackson Higgins
DarkReading
May 28, 2009

The 10-year-old Snort IDS/IPS technology on which many of today's 
intrusion prevention products are based is poised for a face-lift.

Sourcefire, which develops the open source Snort tool, today officially 
announced that later this year it will deliver a commercial, Snort-based 
virtual appliance, and that it is working with Intel on the 
next-generation open source Snort engine. The company today also began 
offering a new release candidate of Snort, 2.8.5, and new features for 
version 2.8.4.

Snort has been gradually moving away from being just an IDS/IPS. Snort 
creator and Sourcefire CTO Martin Roesch last year first hinted at what 
Snort 3.0 might look like, revealing the next generation of the software 
would serve as a sort of a network traffic analysis platform on which 
other security functions could run.

And in a recent interview with Dark Reading, Roesch said Snort 3.0 -- 
currently under development -- will include the Snort Security Platform 
(SnortSP), providing the underlying processing for various security 
"applications" or functions that would handle traffic analysis, such as 
data leakage prevention and content scanning, in addition to IDS/IPS. 
"We would build network security applications on top of [the platform]," 
Roesch said.

[...]


_____________________________________________
Visit the InfoSec News security bookstore!
http://www.shopinfosecnews.org 
Received on Mon Jun 01 2009 - 01:04:56 PDT

This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 01:12:04 PDT