Sourcefire 3D2500 w/ IPS 2 FO QPC, 500Mbps

Sourcefire 3D2500

Compare All Models images/stories/sourcefire-3d2500.png
Model Sourcefire 3D2500
Performance and Functionality
Supported Line Speed (IPS/IDS 500Mbps
Monitoring Interfaces 2 options:
(8) Copper 1Gbps;
(4) Copper 1Gbps and
(4) Fiber 1Gbps
Management Interfaces RJ45
Typical Latency < 1 millisecond
Memory (RAM) 2GB
Disk Capacity 160GB
Stacking Support No
Redundancy Features
Dual Power Supplies n/a
Hard drives n/a
RAID Support n/a
Cooling Fans 4
Physical and Environmental
Form Factor 1U
Dimensions (DxWxH in in) 20 x 16.93 x 1.7
Shipping Weight (lbs) 38lbs
Amps 6.3@110V / 3.2@220V
Voltage 100-240V
Watts (max) 630
BTU Rating (hour) 1200
Operating Temperature 0˚C-40˚C
RoHS Yes



Sourcefire IPS™ (Intrusion Prevention System)

Best-in-Class Intrusion Detection and Prevention

Today’s networks are highly dynamic. Threats are constantly evolving and becoming more sophisticated. Network security breaches continue to occur because static defenses can’t protect today’s dynamic networks against dynamic threats. Learn why more organizations depend on Snort® than any other intrusion prevention technology worldwide, and why thousands of enterprises rely on Sourcefire’s IPS and real-time adaptive security solution to protect their networks.



Protection Against Known and Unknown Threats

The Sourcefi re Vulnerability Research Team™ (VRT) works around the clock to ensure that Sourcefire commercial customers and open source Snort users are protected against both known and unknown threats. The VRT leads the IPS industry in addressing Microsoft Tuesday vulnerabilities on the same day they are announced.

It’s often the unknown threat that can be the most damaging. That’s why Sourcefire publishes vulnerability-based Snort rules. Unlike an IPS that relies primarily on exploit-based signatures, Snort rules offer protection against any possible exploitation of a vulnerability. This was illustrated when Sourcefi re protected its 3D customers and open source Snort users more than two years in advance of the Confi cker worm.

Sourcefire’s IPS appliances provide comprehensive threat protection against:

  • Worms
  • Trojans
  • Backdoor attacks
  • Spyware
  • Port scans
  • VoIP attacks
  • IPv6 attacks
  • DoS attacks
  • Buffer overflows
  • P2P attacks
  • Statistical anomalies
  • Protocol anomalies
  • Application anomalies
  • Malformed traffic
  • Invalid headers
  • Blended threats
  • Rate-based attacks
  • Zero-day threats
  • TCP segmentation & IP fragmentation attacks


Protection for Physical and Virtual Environments

Purpose-built, ICSA-certified Sourcefi re 3D® Sensors are available with throughputs from 5Mbps up to 10Gbps. By clustering two 10Gbps 3D9900 Sensors, the 3D System can support throughput up to 20Gbps. 3D Sensors are available with fault-tolerant features, such as fail-open copper and fiber ports, dual power supplies, and RAID drives.

Sourcefire 3D500



Sourcefire 3D1000


45 Mbps

Sourcefire 3D2000


100 Mbps

Sourcefire 3D2100


250 Mbps

Sourcefire 3D2500


500 Mbps

Sourcefire 3D3500


1 Gbps

Sourcefire 3D4500


2 Gbps

Sourcefire 3D6500


4 Gbps

Sourcefire 3D9900


10 Gbps

The Sourcefire Virtual 3D Sensor™ extends the 3D System to far corners of the network where IT security resources don’t exist or the deployment of physical 3D Sensors is impractical. Virtual 3D Sensors also provide the capability to inspect VM-to-VM communications, providing the same protection as their physical sensor counterparts. The Virtual 3D Sensor offers support for inspection of network traffic at speeds up to 500Mbps.

Centralized Event Aggregation and Analysis

Using the feature-rich, yet easy-to-use, Sourcefire Defense Center® (DC) or Sourcefire Virtual Defense Center™ management console, customers can analyze events, confi gure and push IPS policies, automatically download and apply Snort rule updates, and more. Powered by the Snort detection engine, Sourcefire IPS excels with detailed packet-level forensics and sophisticated, customizable workflows for investigating security events as they occur. For larger deployments, customers can leverage Sourcefi re’s Master Defense Center (MDC) technology to manage multiple DCs and hundreds of physical and/or virtual 3D Sensors across their entire organization.


(click on picture to enlarge)

Sourcefire supports a Defense-in-Depth intrusion prevention strategy by allowing physical or virtual Sourcefire 3D Sensors to be positioned in all areas of the network. Sourcefire Defense Center orchestrates all event aggregation, analysis, and IPS policy management.

Reports, Alerts, and Dashboards

Defense Center provides customers with numerous reports, alerts, and dashboards. Customers can leverage a variety of pre-defi ned report templates or create custom reports to meet the needs of any organization. They can receive alerts in the form of syslog entries, email messages, or SNMP alerts. Customers can also create fully customized dashboards with dozens of dragand- drop “widgets” that display critical information in the form of tables and graphs.


Real-Time Network Intelligence

Sourcefire RNA® (Real-time Network Awareness) provides 24x7, passive network intelligence, storing a real-time inventory of operating systems, services, applications, protocols, and potential vulnerabilities that exist on the network. RNA collects this intelligence in a completely passive manner, while seamlessly integrating the intelligence with the 3D System. RNA’s host database can also be augmented with information gathered by active discovery tools to further expand the store of network intelligence. Combine RNA’s real-time network visibility with Sourcefire RUA® (Real-time User Awareness), a technology that links user identity to security and compliance events, and organizations have enterprise-wide intelligence on their dynamic networks and users.

Automated Impact Assessment

IT security professionals don’t have time to sift through hundreds or thousands of security events each day to try to figure out which events matter most. By leveraging Sourcefire RNA’s real-time network intelligence, customers can take their Sourcefire IPS to the next level. Threat intelligence is automatically correlated against RNA’s real-time target host intelligence to determine the relevance and impact of an attack. With automated impact assessment, events are typically reduced by up to 99%, allowing administrators to focus on the events that can actually affect their networks.

Automated IPS Tuning

IT security professionals don’t have time to constantly “tune” their IPSes as their networks change. By incorporating RNA’s real-time network intelligence into the Sourcefire IPS, the ongoing process of IPS tuning can also be automated. As your network evolves, RNA-Recommended Rules takes the guesswork out of determining which Snort rules to enable and disable. RNA recommends relevant Snort rules based on the network it’s protecting, and Snort rules can be enabled with or without human intervention.

The use of Sourcefire’s real-time adaptive security solution results in less manual event investigation and IPS tuning by your IT security staff, lower potential for network downtime, and lower cost of operations. By having realtime knowledge of what’s running on your network, the 3D System saves you time and effort and maximizes protection of your ever-changing network.


Sourcefire is the only IPS provider offering dynamic defenses against the threats aimed at your constantly changing network. Sourcefire’s key capabilities include:

Superior attack protection:

» Snort IPS detection engine
» Vulnerability-based Snort rules
» Open rules language—view, edit, and create Snort rules
» Multiple default IPS policies
» ICSA Labs certifi ed and NSS Labs tested

Most contextual information about threats:

» 24x7, passive network intelligence
» User identity tracking

Only network security provider to offer a real-time adaptive security

» Real-time, automated intrusion event impact assessment
» Automated IPS tuning based on actual network assets

Integrated system managed from a single, easy-to-use management

» “Manager of managers” enterprise-class scalability through MDC technology

Excellent forensics and event analysis:

» Powerful event viewing system
» Full packet logging

To learn more about Sourcefi re’s award-winning IPS solutions, cal 1-877-489-1113.

Free Consultation

Due to our numerous partnerships, we can provide unbiased opinions on the best solution for your environment.

Unbeatable Prices

Our partnership levels give us the highest product discounts which we pass on as savings to our customers.

Pro Services

Finish your IT projects on-time and under budget with our nation-wide team of senior level engineers.

24x7 Tech Support

Rest assured knowing that our U.S. based IT support team is here for you on nights, weekends and when you need us most.