EasyManua.ls Logo

Source fire Sourcefire 3D System - Sourcefire 3 D System Appliances

Default Icon
280 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Version 5.2 Sourcefire 3D System Installation Guide 9
Introduction to the Sourcefire 3D System
Sourcefire 3D System Appliances
Chapter 1
hardware specifications and safety and regulatory information for Sourcefire
appliances.
TIP! You can host virtual Defense Centers and devices, which can manage and
be managed by physical appliances. However, virtual appliances do not support
any of the system’s hardware-based features: redundancy, switching, routing, and
so on. For detailed information, see the Sourcefire 3D System Virtual Installation
Guide.
The topics that follow introduce you to the Sourcefire 3D System and describe its
key components:
Sourcefire 3D System Appliances on page 9
Sourcefire 3D System Components on page 16
Licensing the Sourcefire 3D System on page 19
Security, Internet Access, and Communication Ports on page 23
Sourcefire 3D System Appliances
A Sourcefire appliance is either a traffic-sensing managed device or a managing
Defense Center:
Physical devices are fault-tolerant, purpose-built network appliances available with
a range of throughputs and capabilities. Defense Centers serve as central
management points for these devices, and automatically aggregate and correlate
the events they generate. There are several models of each physical appliance
type; these models are further grouped into series and family.
Many Sourcefire 3D System capabilities are appliance dependent. For more
information, see the following sections:
Defense Centers on page 9
Managed Devices on page 10
Understanding Appliance Series, Models, and Capabilities on page 10
Defense Centers
The Defense Center provides a centralized management point and event
database for your Sourcefire 3D System deployment. Defense Centers, which
can be physical or virtual, aggregate and correlate intrusion, file, malware,
discovery, connection, and performance data. This allows you to monitor the
information that your devices report in relation to one another, and to assess and
control the overall activity that occurs on your network.

Table of Contents