Network Monitoring with Real-time Passive Network Intelligence
Sourcefire RNA is an innovative, passive sensing technology that
provides real-time network intelligence to the Sourcefire
3D® System. RNA enables organizations to confidently protect
their dynamic networks through a unique, patented
combination of passive network discovery, network flow
analysis, and targeted vulnerability assessment
technologies.
Like passive SONAR on a ship, RNA works by enabling you to identify
friendly and non-friendly network behaviour through passive
network monitoring 24 hours a day, seven days a week.
Network Visibility
Sourcefire RNA provides 24x7, passive network monitoring, storing a
real-time inventory of operating systems, services, applications,
protocols, and potential vulnerabilities that exist on the network.
RNA’s key differentiator lies in its ability to collect this
intelligence in a completely passive manner, while seamlessly
integrating the intelligence with the 3D System. Because RNA is
passive, it avoids the numerous and substantial pitfalls of
traditional network monitoring technologies that rely on active
scanning or host-based agents. Although passive discovery is RNA’s
primary means of gathering network intelligence, RNA’s host database
can be augmented with information gathered by active discovery
tools.
Once RNA has established a baseline network inventory, its powerful
Policy and Response (P&R) engine can notify Information Security or
Network Operations the moment a new host appears on the network
and/or when an existing host has changed its approved configuration
(e.g., OS upgrade, new service).
Adaptive IPS for Efficient and Effective Intrusion Prevention
By leveraging Sourcefire RNA, customers
can take their Sourcefire IPS™ (Intrusion Prevention System) to the
next level. Incorporating RNA’s real-time network intelligence into
the IPS can fully automate the ongoing process of IPS tuning and
assessing the impact of security events.
The following table depicts key
capabilities found in Sourcefire’s Adaptive IPS solution:
▪ Impact Flag Assessments: Threat intelligence is automatically
correlated against real-time target host intelligence to determine
the relevance and impact of the attack. False positives and negatives
can be reduced by up to 99%.
▪ RNA-Recommended Rules: Sourcefire RNA recommends which Snort rules
to enable and disable based on the network it is protecting. Snort
rules can be enabled and disabled with or without human intervention.
▪ Adaptive Traffic Profiling: Prevents IPS evasions by enabling the
IPS to model segmented and fragmented traffic in the same manner the
host OS would see it.
▪ Non-Standard Port Handling: If a non-standard port is detected, the
applicable Snort rules will automatically be re-configured to monitor
related traffic using both standard and non-standard ports.
Network Behaviour Analysis
Network Behaviour Analysis (NBA) solves daily challenges faced by
both Information Security and Network Operations groups. Sourcefire
RNA enables Information Security to detect and quarantine internal
threats by establishing “normal” traffic baselines and detecting
network anomalies. RNA can also help to secure “unmanaged” devices
used by contractors and guests, and IT can be alerted when a new
host appears or attempts to access an unauthorised network resource.
In addition, RNA enables Network Operations to monitor bandwidth
consumption across the network and to troubleshoot network outages
and performance degradations.
IT Policy and Regulatory Compliance
Many organisations have documented IT acceptable use policies (AUPs),
but few have the means to monitor and enforce them. Sourcefire
provides the capability to model and enforce AUPs with compliance
white lists. White lists specify the operating systems, services,
applications, and protocols that are approved for use on the network
and can be applied to all hosts—or a select range of hosts—on a
given network segment. Organisations can reduce risk by identifying
and mitigating non-compliant hosts.
Oftentimes, monitoring and enforcing compliance with company IT
policies facilitates compliance with external regulations, such as
PCI DSS, HIPAA, SOX, FISMA, Basel II, GLBA, and NERC. Numerous 3D
System compliance features, such as white lists, dashboard widgets,
and reports, help organizations achieve regulatory, as well as
internal, compliance.
For an initial discussion with one of our intrusion detection
specialists call us now on (01344) 780000.