Monday, July 25, 2005

Sourcefire Certified Snort Integrator Program

Did you see Sourcefire's press release on its Certified Snort Integrator Program? If you're not in this program, and you use Snort to provide services or products to third parties, you can't deploy or sell sensors with Sourcefire VRT rule sets. The only exception involves major release versions of Snort, e.g., 2.3.0 or 2.4.0, each of which are packaged with the latest rules at the day of release.

The press release says "charter members of the program include: Astaro, BRConnection, Catbird Networks, Counterpane Internet Security, e-Cop, Netreo, NTT DATA CORPORATION (Japan), ProtectPoint, SecurePipe, StillSecure, VarioSecure Networks, VeriSign, Voyant Strategies and WatchGuard."

If you own a Snort-based appliance or contract with a third party to provide Snort-based services, is your vendor on this list? If not, ask your vendor why not, and how they intend to keep their rules up-to-date. If you run Snort on your own to protect your own enterprise, this new program does not affect you. You can still register to become a VRT rules user for free and get the latest rules five days after they are provided to VRT subscribers.

No comments: