Avatar

Snort 3.0

A little more than a year ago when Sourcefire became a part of Cisco, we reaffirmed our commitment to open source innovation and pledged to continue support for Snort and other open source projects. Our announcement of the OpenAppID initiative earlier this year was one of several ways we have delivered on this promise.

Today we are announcing the alpha release of a new Snort 3.0 architecture. This alpha release builds on several ideas that were part of the original 3.0 prototype developed several years ago and goes well beyond those initial concepts.

Snort 3.0 expands on the extensible architecture users have come to know and includes several new capabilities that make it easier for people to learn and run Snort. We encourage you check out it out at www.snort.org, give us your feedback and help us build a strong foundation for the future. As Joel mentions in his post, this is a very early release that is intended for community feedback more than anything else.

When I first began building Snort, I architected it so that we could continue to extend it over time. By working with the Snort community, it quickly evolved from the initial primitive idea of an easy-to-use intrusion detection engine to the powerful traffic analysis and control capabilities we have today. With millions of downloads and hundreds of thousands of registered users, Snort is the most widely deployed IPS technology in the world and has become the standard for intrusion detection and prevention. Snort is also the foundation of Cisco’s Next-Generation IPS and is one of the core technologies that cemented Sourcefire’s position as a leader in the security industry.

Cisco understands the power of open source and how it can help customers solve tough challenges. In the coming months you’ll hear more from us about Snort 3.0 and our continued efforts to deliver meaningful capabilities that underscore this commitment.



Authors

Martin Roesch

Vice President and Chief Architect

Cisco Security Business Group