Cisco Sourcefire 3D [EOL] Review

Ensure that proper appliance sizing is considered and fully understand how certain interfaces work between the models.

Valuable Features

  • Signature accuracy
  • Firesight
  • Amp
  • Vulnerability database
  • The flexibility to apply the security policies in ways to best suit the environment

Improvements to My Organization

The accuracy of the signatures and the data gathered within the events, along with the firesight and vulnerability data greatly reduce the amount of time it takes to isolate a problem and contain it.

Room for Improvement

  • More scheduling options for the 5.x versions
  • Better SIEM integration via estreamer

Use of Solution

7 years

Deployment Issues

None, time to deploy per appliance is very short, and devices are production ready very quickly.

Stability Issues

None, we have had great results with the 8000 and 7000 series sensors.

Scalability Issues

None, we purchase units that can handle roughly double the bandwidth of the network segments we are monitoring to cover future growth, and additional inspection overhead presented by additional features.

Customer Service and Technical Support

Customer Service:

5 out of 5

Technical Support:

5 out of 5

Previous Solutions

I have used ISS and Cisco 4200 series IPS appliances.

The switch to sourcefire/cisco 3d systems was made to take advantage of throughput of the hardware resulting in lower total data center footprint (a few larger sensors in place of over a dozen smaller) and the accuracy of the detection capabilities and speed which emerging threats are addressed in new signature releases.

Initial Setup

Initial setup was very straightforward, anyone with a firm knowledge of their network, and some light unix/linux experience will find it user friendly.

Implementation Team

All deployments were done by on site FTE's

Other Solutions Considered

Cisco, ISS, Tipping point

Other Advice

I've been working with Sourcefire (pre Cisco) for several years and have done several large scale deployments of the product for a couple of financial institutions, from product selection, procurement, network design, all the way down to build/rack and stack, and being a security event end user.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 visitor found this review helpful
Add a Comment
Sign Up with Email