Some positives, some negatives. So it goes with Sourcefire's most recent release of their 3D IPS System. This review covers the big changes with two aspects of their software: RNA (Realtime Network Awareness) and RUA (Realtime User Awareness). With this release they've upgraded RNA by including it into macro management. Two of the most important changes in 3D System Version 4.7 lie in the RNA and RUA components. When we looked at the RNA in its first releases, we found its ability to provide network visibility by passively discovering systems, applications and vulnerabilities useful. However, RNA was not integrated into IDS and IPS policy definition at that point. In this release, Sourcefire finally brings RNA into the big picture by letting the network manager easily use RNA-discovered information to refine IDS and IPS policy and build compliance policies.

The link for this article located at Networkworld.com is no longer available.