By Kelly Jackson Higgins
May 28, 2009
The 10-year-old Snort IDS/IPS technology on which many of today's
intrusion prevention products are based is poised for a face-lift.
Sourcefire, which develops the open source Snort tool, today officially
announced that later this year it will deliver a commercial, Snort-based
virtual appliance, and that it is working with Intel on the
next-generation open source Snort engine. The company today also began
offering a new release candidate of Snort, 2.8.5, and new features for
Snort has been gradually moving away from being just an IDS/IPS. Snort
creator and Sourcefire CTO Martin Roesch last year first hinted at what
Snort 3.0 might look like, revealing the next generation of the software
would serve as a sort of a network traffic analysis platform on which
other security functions could run.
And in a recent interview with Dark Reading, Roesch said Snort 3.0 --
currently under development -- will include the Snort Security Platform
(SnortSP), providing the underlying processing for various security
"applications" or functions that would handle traffic analysis, such as
data leakage prevention and content scanning, in addition to IDS/IPS.
"We would build network security applications on top of [the platform],"
Visit the InfoSec News security bookstore!