IBM delivers proactive network security

As today’s threat landscape continues to evolve and become more complex, IBM is introducing a new security appliance to help clients more easily adopt an IT infrastructure that is secure by design and enable them to stay ahead of looming network security risks.

Businesses today are facing a growing number of external security challenges, such as targeted attacks, worms, bots, intrusion attempts and phishing scams. The average company’s IT infrastructure is attacked 60,000 times per day. Network threats target vulnerabilities in systems, workstations and applications and can have a crippling financial effect, disrupting business processes and causing loss of confidential and proprietary information.

Recognizing these increasing threats, IBM is introducing a new security network intrusion prevention system (IPS) that consolidates intrusion prevention with data and web application security into a single, optimized appliance for faster, more accurate security protection. The hardware appliance comes preloaded and preconfigured with IBM security software.

Unlike certain competitive solutions, the new IBM Security Network Intrusion Prevention System helps organizations take a more holistic approach to security, eliminating the need for multiple point solutions. Through a unified platform, clients can manage a variety of network security capabilities, such as automated Virtual Patch technology that can sense and block network threats, client-side application protection, data security, web application protection and application control. By combining these capabilities into a single platform, IBM is making it easier for organizations to manage and help secure their networks.

Emergency patching of security flaws requires unscheduled system downtime and can leave enterprises vulnerable until every system, workstation and application is patched. Despite the critical nature of these vulnerabilities that open the door to attacks, the 2009 IBM X-Force Trend and Risk Report reported that 52 percent of vulnerabilities had no vendor-supplied patch by year’s end.

For example, more than two years before the well publicized Conficker threat was discovered, IBM X-Force research identified the potential risk to enterprises from this type of threat and issued Virtual Patch protection, giving clients preemptive protection of their systems and workstations. For the top 61 security threats in 2009, IBM X-Force delivered the necessary protection an average of 340 days before the vulnerability was publicly disclosed.

Enhancements to the IBM Security Network IPS solution include:

• Advanced Network Protection – Enhanced security to combat “zero-day threats” to block threats before they have the chance to cause damage.
• Web Application Protection – The protection of a web application firewall. Through integration with IBM Security AppScan, the updated solution can automatically generate custom security policies to help protect Web applications based on the specific vulnerabilities identified by AppScan.
• Data Security – Updated data security protection, which monitors and identifies if any confidential information is leaving the network.
• High-Performance Network Appliances – Re-engineered platform that more than doubles the performance of earlier-generation appliances. This allows enterprises to reduce the number of appliances they use to protect their networks while protecting today’s high-speed networks and bandwidth-intensive applications.
• Enhanced User Experience – Simplified deployment and day-to-day management capabilities to help organizations more easily perform routine security management tasks.
• IPv6 Protection and Management – New support for IPv6, the Internet’s updated communication protocol. This is increasingly important as IPv6 continues to become mandated by agencies around the world as an industry standard.