Protection from today's evolving threats
As enterprise IT has evolved, so too have challenges to IT security. Today, threats are more diverse, sophisticated, and potentially devastating than ever-and collectively, they mandate new solutions and strategies to mitigate their effects to the fullest possible extent.
Consider, for instance, how rapidly Web applications have developed in the enterprise. While they link operational domains and drive key services-sometimes even delivering services outside company walls to clients and customers-they also represent a major new potential attack vector. Worse, that potential is already being realized to a significant extent. According to the 2010 IBM X-Force Mid-Year Trend and Risk Report, Web applications represent the single largest segment of all vulnerability disclosures.
Other IT trends imply similar security complexities. Virtualization, for instance, is a paradigm shift in how services are delivered. Where in the past they may have run from wholly separate systems, today's business critical services are often running concurrently on a single physical host-a shared environment that represents new cross-service attack prospects for malicious malware or hackers. Endpoints, too, have changed. Today, endpoints no longer operate solely within a secured perimeter; they shift logically and physically both within and outside the organization, which in a sense becomes the perimeter. For these reasons, they continue to be among the least secure of all IT assets.
To address these and other complexities, IT security solutions must evolve in parallel with both threats and infrastructure, becoming smarter, more proactive, and more comprehensive in scope and performance.
Introducing the GX7800: Unmatched levels of performance without compromise
One excellent example of such a solution: the new IBM Security Network Intrusion Prevention System (IPS) GX7800 appliance. This flagship offering, announced in the second week of February at RSA Conference 2011, delivers the next-generation performance, application security protections, awareness, and integration that today's enterprises and service providers need to ratchet up security-without threatening overall service levels of business critical applications.
The GX7800 appliance utilizes IBM's unique security analysis engine known as PAM (Protocol Analysis module). PAM is state-of-the-art technology, backed by the full expertise and insight of IBM's X-Force research team (itself equipped with the world's largest database of security threats and vulnerabilities). As new threats emerge, PAM can rapidly adapt to evolving and zero-day threats backed by automatic updates based on protections created by IBM's X-force Research team. This team of security experts constantly researches new security exploits and builds them into PAM to stay "ahead of the threat." This proactive design helps keep IBM's IPS solutions continually up-to-date, but more importantly keeps IBM clients protected in advance, minimizing risk for the organization and freeing up IT security resources.
In the GX7800, PAM takes a dramatic step forward. The GX7800 is the first IBM offering to include PAM 2.0-a major upgrade that allows PAM to perform security analysis in parallel. This has the effect of dramatically increasing IPS performance compared to the previous generation of IBM IPS solutions . In fact, the GX7800 offers more than twice the performance of any competing solution available today without compromising security-a huge competitive advantage.
Twice the inspection speed for more security, applied in more ways
Just how fast is the GX7800? It supports security inspection throughput of more than 20 Gigabits/second-fast enough to support the needs of even the most demanding environments. Furthermore, in direct response to requests from IBM customers, the GX7800 supports 10Gb Ethernet-the first IBM IPS solution to do so-via eight native network interfaces.
Organizations who have already made the shift to 10Gb Ethernet now have, in the GX7800, an IPS solution to match their new 10Gb infrastructures. They can deploy it with the confidence that it will help to secure every service on the network, and, furthermore, that it will be able to keep up with even the highest throughput demands of the largest data centers. This also delivers an excellent solution for customers who require IPS protection at the network core-an environment where best-in-class security is a constant need, but difficult to achieve given performance considerations.
The business benefits are extensive and multifaceted. Consider, for instance, that in many cases such organizations may have been forced to compromise their overall security in order to meet the terms of stringent service level agreements that specify performance targets. This level of compromise will no longer be needed.
The GX7800's exceptionally high-performance design also implies new consolidation prospects. If multiple IPS appliances designed for Gigabit Ethernet have previously been deployed, they can collectively be replaced with a much smaller number of GX7800 appliances. This naturally results in a simplified network design and reduced management costs over time.
Data loss prevention and Web application integration: The future is now
Beyond sheer speed, the GX7800 also boasts a number of other significant upgrades that pair well with the needs of enterprise-class IT and communications service provider operations.
Data loss prevention features, for instance, can help mitigate the possibility that critical business data will migrate from inside the organization to the outer world via unauthorized traffic. Via predefined business policies, the GX7800 can recognize when sensitive data is in transit, then take appropriate action to prevent the public exposure of this information.
Perhaps even more appealing to security managers is the fact that the GX7800 also includes new integration capabilities for substantially enhanced Web application security. IBM IPS solutions such as the GX7800 are able to block key Web application attacks, for example, SQL Injection and Cross-site Scripting. In addition, they can work in tandem with other IBM Security Solutions such as IBM Rational AppScan, which scans Web applications and services for critical vulnerabilities and then provides information to clients on how to fix these issues. In fact, IBM IPS solutions can actually utilize Web application vulnerability data from IBM Rational AppScan solutions to tune their real-time attack protection based on the actual vulnerabilities in a particular environment.
Both of these new feature groups also suggest the future evolution of IPS, and the extent to which the GX7800 can help address future security threats.
As new security threats and new IT service delivery models emerge, IPS solutions are likely to play a central and increasing role by serving as a converged point of network analysis-a centralized strategy, enhancing security in the different ways, and across the different domains, that the organization requires. And thanks to its unmatched throughput, the GX7800 is well suited to play just this role. It has room to grow, taking on new requirements in the future without diminishing its performance of earlier tasks.
Finally, despite its considerable upgrade in performance and features, security administrators will find that the GX7800 is relatively easy to manage. This is because the IBM's Site Protector tool, already familiar to owners of IBM's previous solutions, will continue to support the GX7800 for both management and event reporting functions-a smooth and effortless transition from one IPS paradigm to another.
IBM Integrated Service Management
With Integrated Service Management you gain the Visibility. Control. Automation.™ needed to deliver quality services, manage risk and compliance, and accelerate business growth.
Leverage and contribute to the collective wisdom around Tivoli