BlueLock redefines its business model to provide best-in-class security services through its cloud computing hosting services.

Published on 28 Aug 2009

"IBM ISS has established itself as a well- known and trusted brand in IT security. When our clients ask what IPS technology we use in our cloud, we say IBM, and that’s pretty much the last time they ask about that." - Pat O’Day, cofounder and chief technology officer

Customer:
BlueLock

Industry:
Computer Services

Deployment country:
United States

Solution:
Cloud Computing

Overview

BlueLock redefines its business model to provide best-in-class security services through its cloud computing hosting services.

Business need:
Establish a more flexible security platform that can better adapt to the needs of a cloud computing environment

Solution:
A dynamic, virtualized security solution built around IBM Internet Security Systems

Benefits:
- Bolstered security efforts with a more versatile solution - Shortened the deployment cycle for new customers - Reduced hardware costs and energy use

Case Study

BlueLock underpins its cloud computing hosting services with best-in-class security.

image
Challenge
Establish a more flexible security platform that can better adapt to the needs of a cloud computing environment

Solution
A dynamic, virtualized security solution built around IBM Internet Security Systems

Key Benefits
- Bolstered security efforts with a more versatile solution
- Shortened the deployment cycle for new customers
- Reduced hardware costs and energy use


Forming clouds through virtualization

In recent years, the concept of cloud computing has taken off as an IT strategy. Companies now see the value of treating the software and systems used to support key business practices as an online service that can readily scale with demand. Using these virtualized cloud environments, businesses can more quickly adapt to sudden growth and better accommodate new processes, offering a higher level of flexibility. However, no matter how flexible the operating environment, organizations are still limited by the total capacity of the hardware that they have in place.

Bearing this trend in mind, BlueLock began offering its infrastructure-as-a-service cloud computing solution to customers in 2006. “We’re an infrastructure hosting company,” explains Brian Wolff, cofounder and vice president of sales and marketing at BlueLock. “We provide the right amount of storage, bandwidth and servers that a company needs to run their business. They load their applications into our infrastructure and pay for that infrastructure on a monthly basis.” And by hosting their environments with BlueLock, customers can avoid the hassle of right-sizing their hardware environment.

Fear of virtualization and cloud computing

Of course, not all businesses are excited about hosting their systems in a virtual cloud environment, particularly those concerned with the safety of their data. With many businesses taking advantage of the innate value of virtualization and hosting strategies, more companies are being forced to offload the IT management of core systems to outside parties to keep budgets low and remain competitive. However, this approach can make organizations nervous, because they are now relying on an outside party for the availability and reliability of mission-critical IT systems.

“It’s a multitenant environment,” explains Pat O’Day, cofounder and chief technology officer at BlueLock, when discussing the root of these concerns. “Today, with applications inside a traditional data center, it’s only one company. Even if someone did manage to jump from one part of the infrastructure to another and see something that they shouldn’t see, that’s all contained within a single client environment. But when you move toward a virtual cloud environment, you share the security exposure with everyone else in that environment.”

Recognizing this valid concern, BlueLock has moved to establish a security-rich operating environment for its customers. Calling on the decades of security experience of IBM, the organization worked with IBM Internet Security Systems (ISS) to deploy IBM Proventia® Network Intrusion Prevention System appliances throughout its infrastructure. The Proventia systems help to secure the data of BlueLock’s customers by offering preemptive security support and protection, which is designed to work ahead of threats to help prevent attacks and intrusions from succeeding.

As for the choice of the IBM platform, O’Day explains, “IBM ISS has established itself as a well- known and trusted brand in IT security. When our clients ask what IPS technology we use in our cloud, we say IBM, and that’s pretty much the last time they ask about that.”

The hard part about hardware

Wanting to provide quality service and a high-performance environment for its customers, BlueLock perpetually updates and reevaluates its IT environment to drive new value and benefits. And although BlueLock had been pleased with the overall capabilities and performance of the Proventia hardware, the business saw an opportunity to better align its security systems with its requirements. In particular, the organization wanted to shift from the use of physical network appliances to a strategy that would leverage virtualization technologies.

Although BlueLock had leveraged virtualization and system redundancy to benefit the operating capabilities of its business and its customers, all of this value resided within the cloud environment. However, as physical security consoles, the IBM Proventia Network Intrusion Prevention System existed outside of the virtualized infrastructure, providing sound protection for the overall environment but offering limited ability to see within the virtual network. O’Day sums up the situation, stating, “Right now, if a traditional server fails in our environment, it will automatically reboot itself on another part of the infrastructure. However, if a security appliance fails in the traditional physical model, it’s gone, and I’m left waiting on a replacement unit to be shipped.”

Similarly, BlueLock faced a related challenge when it chose to upgrade or perform maintenance on the IBM Proventia hardware. The business had to take the systems offline for these support tasks, creating a gap in security coverage. Because BlueLock needs to provide its customers with cloud access around the clock without compromising security, the business could not afford this downtime.

The virtually secure

Working with IBM Internet Security Systems, BlueLock converted its previous hardware-based security appliances to a solution founded on the IBM Proventia Server Intrusion Prevention System—a software-based security solution that can exist within the virtualized environment, while offering the level of security that BlueLock has come to expect. The business deployed the new security software within the cloud environment, where it maintains unique instances of the application to support each customer environment. “That’s one of the key reasons why we approached IBM about a virtual appliance,” explains O’Day. “We wanted to increase the strength of the container around each of our clients but allow them to get all of the benefits of living in a multitenant architecture.”

As BlueLock brings on new customers , it can now replicate new instances of the IBM Proventia security system. The business also leverages this capability to create extra installations of the intrusion prevention system to support testing efforts. Rather than placing the live production systems of its customers at risk when performing system updates or changes, BlueLock can replicate the environment within the cloud and perform extensive testing to help ensure that the updated environment will not lead to any security issues.

O’Day details additional uses for the easy replication offered by the IBM Proventia solution. “Today, if you want redundancy, you have to buy two appliances. With a virtual infrastructure, it’s a software module, so it lives on whatever redundancy the hardware does. From a disaster recovery standpoint, you can also back it up to a tape drive or replicate it to another site.”

Along with the virtual security environment, BlueLock also subscribes to IBM Managed Security Services. The IBM team provides real-time monitoring of the client’s IT environment, offering quick responses to unauthorized activities. To help ensure that BlueLock’s systems remain protected against even the newest of threats, the IBM team also performs routine system updates, while the intrusion prevention system offers automatic virtual patching.

The virtually efficient

By moving its security systems to within the cloud, BlueLock has been able to not only strengthen its security policies but also drive efficiency improvements. On average, BlueLock can bring a new customer into the cloud within one or two days However, in the past, the organization could not bring this customer fully online until the appropriate security device was in place—typically two to three weeks later. “But with the IBM Proventia Virtualized Network Security Platform,” explains O’Day, “we can literally tune it up in a matter of hours. There’s no waiting on equipment to arrive. There’s no purchase order process that we need to work out.” And this faster setup time leads to better service and more satisfied customers.

The solution has also helped the business to drive down its energy costs, by taking advantage of the innate efficiencies of the cloud infrastructure. Explains O’Day, “The infrastructure—the cloud platform itself—is already more efficient. So my ability to move as much into it versus bringing on a lower-utilization physical machine helps reduce my carbon footprint and is much more beneficial from a cost and efficiency perspective.”

Furthermore, the solution allows BlueLock to focus its efforts on supporting the cloud environment, because it relies on the experience and insight of IBM to secure its IT environment. This strategy allows BlueLock to reduce its costs from a labor perspective while still maintaining a highly secure operating environment. Brian Wolff perhaps best sums up the overall solution, stating, “It gives us the ability to extend the services that we can provide without sacrificing our core competencies. So it allows us to focus on what we do best, and it allows us to extend the service for what IBM and IBM ISS do best.”

Solution Components
Hardware
IBM Proventia® Network Intrusion Prevention System
Software
IBM Proventia Virtualized Network Security Platform
Services
IBM Internet Security Systems Managed Security Services

Components

IBM products and services that were used in this case study.

Service:
GTS ITS Security Services: HW/SW Products, GTS ITS Security Services: Infrastructure Security Services, GTS Enterprise Services

Legal Information

© Copyright IBM Corporation 2009 IBM Global Services Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America August 2009 All Rights Reserved IBM, the IBM logo, ibm.com and Proventia are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Other company, product, and service names may be trademarks or service marks of others. References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates. This document illustrates how one organization uses IBM products and services. Many factors have contributed to the results and benefits described; IBM does not guarantee comparable results elsewhere. SEC03011-USEN-00

Showcase your unique capabilities