VMware Cloud Community
farri304
Contributor
Contributor

Sourcefire Virtual Defense

Has anyone used this product in their environment? We are looking into options for monitoring/blocking traffic of our VDI virtual machines. My first thought was to use the vShield product suite, specifically vShield App. However, our security team, who has no involvement with my vmware team, is telling us that Sourcefire Virtual Defense is the product they would like to implement.

Based on my reading so far it seams like Sourcefire still requires interaction with vShield(see below).

https://community.sourcefire.com/questions/does-your-virtual-ips-interact-with-vmware-s-vshield

My question is why would I purchase Sourcefire just so that it can utilize vShield, meaning I'd have to purchase 2 products to do what 1 does already?

Any thoughts would be great.

Happy New Year everyone.

Joe

Twitter: @joefarri
Tags (1)
Reply
0 Kudos
2 Replies
farri304
Contributor
Contributor

Ok, to update my previous post.

It seems as though Sourcefire has a Virtual Appliance (OVA) that gets installed in vSphere. This 3D Virtual Censor acts as a firewall component for the virtual machines. All the 3D Censors gets managed by a Defense Center.

So is it simply an appliance and nothing more? There must be some hypervisor component that communicates with the vSwitches in the same way vShield does. Does it leverage a VMsafe-ish API?

To note I'm not just being lazy. There are no whitepapers on the Sourcefire website and I have searched the internet for more information only to find a very high level overview of what it does(which I noted above). Not to mention their "datasheet" only says it supports up to ESX 4.0.

So any info would be great.

Thanks again

Joe

Twitter: @joefarri
Reply
0 Kudos
JonathanG
Enthusiast
Enthusiast

Joe

I cannot speak for SourceFire, however Trend Micro Deep Security offers a firewall appliance that does not interact with nor require VMware vShield.

http://us.trendmicro.com/us/products/enterprise/datacenter-security/deep-security/

Compatible with ESX 4.0, 4.1 and 5.0

[ full disclosure, I work for Trend Micro jonathan_gershater@trendmicro.com ]

Reply
0 Kudos