I've wanted to say something about ENIRA for several months now, but I've been under a non-disclosure agreement. This morning, however, I noticed this press release which quotes me.
What's the fuss? ENIRA is a nearby company (in northern Virginia) that sells a Network Response System. It's essentially an incident containment appliance that isolates hosts when directed to do so. It's neither an IDS nor firewall -- layer 3, 4, 7 (IPS), or otherwise. ENIRA learns your network topology by accessing infrastructure devices (switches, routers, firewalls, etc.) and implements a containment policy when told to isolate a host or segment.
The isolation mechanism makes the best possible choices, based on any policies and restrictions you have provided. It keeps track of its actions and acts like a "network engineer in a box." I think this is a great network-centric incident response product. Lancope is going to use it to implement short-term incident containment when StealthWatch identifies suspicious or malicious activity.