Sourcefire RNA

Sourcefire RNA (Real-time Network Awareness) is  passive sensing technology that provides real-time network intelligence to the Sourcefire 3D System. RNA enables organizations to protect their dynamic networks through a unique, patented combination of passive network discovery, network flow analysis, and targeted vulnerability assessment technologies.

Sourcefire RNA provides Network Visibility with his continuous passive network monitoring, creating a real-time inventory of operating systems, services, applications, protocols, and potential vulnerabilities on the network. RNA’s host database can also be augmented with information gathered by active discovery tools, where they exist, to further expand the store of network intelligence. Once RNA has established a baseline network inventory, the Policy and Response engine can notify Information Security or Network Operations the moment a new host appears on the network and/or when an existing host has changed its approved configuration (e.g., OS upgrade, new service).

Sourcefire RNA Network Behavior Analysis (NBA) capabilities analyze network traffic and
detect traffic surges or other anomalies. Information Security and Network Operations groups can detect and quarantine internal threats by establishing “normal” traffic baselines and detecting network anomalies.

Sourcefire RNA provides IT Policy and Regulatory Compliance by continuously discovers and monitors physical and virtual network assets. Administrators can create “compliance white lists” for the proper use of assets and by Sourcefire Defense Center they can generate alerts and take appropriate action if RNA sees changes that could indicate the violation of a compliance policy (such as the introduction of unauthorized applications).