gx6116 product announcement and high performance network protection strategy
DESCRIPTION
GX6116 Product Announcement and High Performance Network Protection Strategy. IBM Internet Security Systems. Greg Adams. Customer Driven Network Protection Roadmap. Provide Protection for areas of my network formerly unsecured due to performance / cost. Network IPS Appliances - PowerPoint PPT PresentationTRANSCRIPT
PowerPoint PresentationGX6116 Product Announcement
Customer Driven Network Protection Roadmap
Network IPS Appliances
Granular controls
Provide Protection for areas of my network formerly unsecured due to performance / cost
Enhance my protection with innovation & integration in new areas
Protect me where other vendors have failed
Give me protection for tomorrow’s networks
Message: Here are the products we are planning for the carrier market.
IBM Internet Security Systems
Uncompromising Protection…
3
Proventia Network IPS Continuum:
How a customer benefits from an integrated portfolio:
Better Protection
Consistent Naming for Attacks
Simple Reporting – 1 System
Automated Updates – XPU’s
Lower Cost
Fewer Resources for a Single Management System to handle all devices
Automation (Updates, Trust X-Force)
4
IBM Internet Security Systems
Because All “High Speed” IPS’ Are Not Equal
Introducing Protection Capacity – the ability to stop threats at high speeds
5
At Every Layer of Your Network
16 ports allows 8 segments to be secured, establishing compliance control points within a companies network
Protection at 6G allows protection on high speed networks and applications
Fiber Networks
IBM Internet Security Systems Proprietary and Confidential Information - 2007
The GX6116: Because Your Job Depends Upon the Reliability of the Network!
Maximum Network Reliability
Configurable maximum latency
The GX6116: The Task at Hand –
Create the Fastest IPS without Compromising Protection
8
The GX6116: How Did We Achieve Performance & Protection?
9
GX6116 - Multiple
Analysis Engines
What to Expect Next Q2 of 2007
GX6116
High protection speed, 6 gigabits Low latency
Small packet performance engineered
Configurable maximum latency threshold
Enhance my protection
with innovation & integration
in new areas
What to Expect Next
Enhanced Carrier / Telco Portfolio
Carrier based MSS services
Crossbeam IPS
Provide protection to
Enhance my protection
with innovation & integration
in new areas
Performance Isn’t Everything…
The threat landscape continues to evolve
“Bad Guy” also means… “The Insider”
Portfolio Extends well beyond Network IPS to combat the changing landscape
Multifunction security (Proventia M)
The Changing Threat Landscape –
Monitored by the X-Force
Defining the Insider Threat
Unauthorized user logging into critical apps
Hacker gaining authorized privileges to critical apps
Insider running a web server that distributes DVDs
Trusted systems misused because of faulty configurations
Server-initiated transactions
Problem
Firewalls, VPNs, etc.
Insiders present unaddressed threat – that can be even more damaging
No way to measure intended use vs. actual use
Authorized users not monitored on the network
Insiders with unnecessary network privileges
Outsider who gains authorized privileges
Lack of visibility to IT users and their activities
Rogue applications & assets
Integration with business partners
Off-hours or high volume access to sensitive data
19
Traditional Solutions Fall Short and Are Too Expensive to Maintain
Perimeter defenses focused on the outsider
Database logging & manual inspection
Damage already done
Only shows database activity; no view into context of what happened to compromised information (where did it go?)
Build a security team dedicated to investigations & audit
IT auditors (as opposed to infosec specialists on the perimeter security team)
Focused on a checklist audit requirements vs. business enablement
Extra cost & little connection to your IT protection strategy
Systems operate independently of firewalls, IPS, VPNs, etc.
20
Monitor and protect traffic across the enterprise network
Special focus on critical assets and services
Finance, HR, CRM, Intellectual Property, etc.
Identify insider misuse or abuse of resources
Out-of-the-box analysis and reporting
Anomalies from the baseline norm
Visibility to know your network
Open-ended search engine for all network traffic
Real-time forensics
21
Solution: IBM Proventia Network Anomaly Detection
Integrated Security & Protection strategy
Don’t re-create the wheel with an internal security team
Leverage your existing protection by integrating internal security with firewall, IPS, etc.
Correlate internal events with alerts from perimeter protection
Automated Response
Block vulnerabilities with firewall or intrusion prevention
Scan affected clients and servers for new vulnerabilities
22
Solution: IBM Proventia Platform
Outsiders who gain access to authorized privileges
Identify unusual behavior of authorized users and systems
23
Thank you!
Greg Adams
Customer Driven Network Protection Roadmap
Network IPS Appliances
Granular controls
Provide Protection for areas of my network formerly unsecured due to performance / cost
Enhance my protection with innovation & integration in new areas
Protect me where other vendors have failed
Give me protection for tomorrow’s networks
Message: Here are the products we are planning for the carrier market.
IBM Internet Security Systems
Uncompromising Protection…
3
Proventia Network IPS Continuum:
How a customer benefits from an integrated portfolio:
Better Protection
Consistent Naming for Attacks
Simple Reporting – 1 System
Automated Updates – XPU’s
Lower Cost
Fewer Resources for a Single Management System to handle all devices
Automation (Updates, Trust X-Force)
4
IBM Internet Security Systems
Because All “High Speed” IPS’ Are Not Equal
Introducing Protection Capacity – the ability to stop threats at high speeds
5
At Every Layer of Your Network
16 ports allows 8 segments to be secured, establishing compliance control points within a companies network
Protection at 6G allows protection on high speed networks and applications
Fiber Networks
IBM Internet Security Systems Proprietary and Confidential Information - 2007
The GX6116: Because Your Job Depends Upon the Reliability of the Network!
Maximum Network Reliability
Configurable maximum latency
The GX6116: The Task at Hand –
Create the Fastest IPS without Compromising Protection
8
The GX6116: How Did We Achieve Performance & Protection?
9
GX6116 - Multiple
Analysis Engines
What to Expect Next Q2 of 2007
GX6116
High protection speed, 6 gigabits Low latency
Small packet performance engineered
Configurable maximum latency threshold
Enhance my protection
with innovation & integration
in new areas
What to Expect Next
Enhanced Carrier / Telco Portfolio
Carrier based MSS services
Crossbeam IPS
Provide protection to
Enhance my protection
with innovation & integration
in new areas
Performance Isn’t Everything…
The threat landscape continues to evolve
“Bad Guy” also means… “The Insider”
Portfolio Extends well beyond Network IPS to combat the changing landscape
Multifunction security (Proventia M)
The Changing Threat Landscape –
Monitored by the X-Force
Defining the Insider Threat
Unauthorized user logging into critical apps
Hacker gaining authorized privileges to critical apps
Insider running a web server that distributes DVDs
Trusted systems misused because of faulty configurations
Server-initiated transactions
Problem
Firewalls, VPNs, etc.
Insiders present unaddressed threat – that can be even more damaging
No way to measure intended use vs. actual use
Authorized users not monitored on the network
Insiders with unnecessary network privileges
Outsider who gains authorized privileges
Lack of visibility to IT users and their activities
Rogue applications & assets
Integration with business partners
Off-hours or high volume access to sensitive data
19
Traditional Solutions Fall Short and Are Too Expensive to Maintain
Perimeter defenses focused on the outsider
Database logging & manual inspection
Damage already done
Only shows database activity; no view into context of what happened to compromised information (where did it go?)
Build a security team dedicated to investigations & audit
IT auditors (as opposed to infosec specialists on the perimeter security team)
Focused on a checklist audit requirements vs. business enablement
Extra cost & little connection to your IT protection strategy
Systems operate independently of firewalls, IPS, VPNs, etc.
20
Monitor and protect traffic across the enterprise network
Special focus on critical assets and services
Finance, HR, CRM, Intellectual Property, etc.
Identify insider misuse or abuse of resources
Out-of-the-box analysis and reporting
Anomalies from the baseline norm
Visibility to know your network
Open-ended search engine for all network traffic
Real-time forensics
21
Solution: IBM Proventia Network Anomaly Detection
Integrated Security & Protection strategy
Don’t re-create the wheel with an internal security team
Leverage your existing protection by integrating internal security with firewall, IPS, etc.
Correlate internal events with alerts from perimeter protection
Automated Response
Block vulnerabilities with firewall or intrusion prevention
Scan affected clients and servers for new vulnerabilities
22
Solution: IBM Proventia Platform
Outsiders who gain access to authorized privileges
Identify unusual behavior of authorized users and systems
23
Thank you!
Greg Adams