where policy meets technology

 

Tel: (01344) 780000   Email: info@armana.co.uk

 

 
 
 

Sourcefire Defense Center

Sourcefire Defense Center, the heart of the 3D System, provides an extraordinary platform for aggregating, contextualising, analysing, prioritising, and acting on the event information generated by Sourcefire Intrusion Sensors and Agents and RNA Sensors. By aggregating all the events, the Sourcefire Defense Center offers the most comprehensive view of security events on your network. For the first time, security administrators are able to effectively secure their networks by reducing threats, preventing attacks and responding to compromises.

The Sourcefire Defense Center enables real-time:

  Sophisticated data analysis
  Event impact assessment & prioritisation
  Policy enforcement
  Response to critical threats – the ABC’s of Defence


In addition, the Sourcefire Defense Center is the industry’s only complete enterprise security solution with an integrated ultra-high performance data management system. Now you can easily manage all aspects of Sourcefire products, from basic upgrades to analysis and reporting to policies and response, all from a single location.


Real-time Event Assessment and Prioritisation

The value of Sourcefire’s products is exponentially increased with the addition of the Sourcefire Defense Center. By tightly integrating the threat information provided by Sourcefire Intrusion Sensors and Agents with the network intelligence provided by Sourcefire Surveillance Sensors, the Sourcefire Defense Center is able to easily cut through the millions of security events to determine the events most critical to your business.

This real-time analysis is driven by Sourcefire Defense Center’s integrated, purpose-built, high-performance database, capable of correlating and analysing events in real time to determine:

  The relevance of the event to your network
  The impact an event will have on your network
  Whether the impact is critical to your business

Real-time Response to Threats

Sourcefire Defense Center enables organisations to confidently defend their network by analysing events in real time and enabling automated response according to the ABC’s of Defence:

  Alert – automated warnings to individuals and other management systems, sent via SYSLOG, email, SNMP traps, and other programmatic interfaces, ensure attack warnings are addressed.
 
  Block – critical threats can not only be blocked but also contained or quarantined via techniques such as dropping traffic, disrupting sessions between devices, and integrating with network devices such as firewalls, routers and switches.
 
  Correct – new vulnerabilities and threats can be automatically mitigated by integrating with patch or configuration management systems to apply configuration or code changes to eliminate possible exploitation.


Real-time and Forensic Reporting and Analysis

The Sourcefire Defense Center includes an easy-to-use yet extremely powerful web-based Analysis Interface for real-time and forensic reporting and analysis. Customisable workflows enable users to tailor the interface to fit the way they investigate and analyse security events. In addition, users can easily create standard or customised reports in PDF, HTML, and CSV formats, which can be automatically emailed for easy distribution.

Designed with enterprise deployments in mind, Sourcefire Defense Center is the only data management solution capable of handling hundreds of millions of events for identification of long-term security trends, while also allowing in-depth forensic analysis down to the individual packet level.


Additional Features:

Multi-sensor grouping – Flexible implementation options allow for sensor grouping and hierarchical architectures. A single Sourcefire Defense Center is capable of scaling to support large distributed sensor deployments.


Policy management and configuration control – Granular control for managing sensor policies, configuring alert responses, and setting user administration privileges from one central location.


Easy integration with 3rd party tools – Enables data from the Sourcefire Defense Center to be sent to 3rd party tools such as SIM products and network management systems.


Advanced scheduling – Schedule single or recurring tasks such as:

  performing backups
  generating reports
  downloading and applying software updates
  downloading and applying rule packs
  applying intrusion prevention and detection policies

Dynamic load balancing of Sourcefire Intrusion Sensors – Easily create groups of Intrusion Sensors on the same network segment to statefully load balance the traffic. Common policies are easily applied throughout the group.
 

 

 

 

 

 

 

 

 

 
