IBM Security Network Protection

IBM Security
Data Sheet

IBM Security Network Protection

Highlights
- Delivers superior zero-day threat protection and security intelligence powered by IBM X-Force
- Provides critical insight and visibility into network activity, including encrypted traffic
- Integrates with the IBM QRadar Security Intelligence Platform
- Enables granular control of both web and non-web applications by users and groups
- Helps reduce cost and complexity through consolidation and enables reduction of bandwidth consumption

Integrated security, visibility, and control for next-generation network protection

IBM Security Network Protection is designed to protect your business-critical network infrastructure through a unique combination of threat protection, visibility and control. IBM extends the abilities of traditional intrusion prevention systems by offering a next-generation solution that provides network security professionals with tools to help protect their network, and provide visibility and control over it. IBM Security Network Protection helps reduce cost and complexity by consolidating point solutions into a single, extensible network security platform. And by controlling and eliminating non-critical, high-bandwidth activity, organizations may achieve additional cost savings within the infrastructure.

While organizations do require increasingly sophisticated security measures to address today’s security threats, reducing management complexity and containing administration costs are also top priorities. IBM Security Network Protection is an integrated solution that can help you accomplish all of these tasks. By combining several advanced capabilities, this solution can help identify and protect against threats, provide critical insight into network activities and enable granular application control.

Protection against evolving threats

Security threats today are continually evolving. With the rapid growth of cutting-edge web applications and increased file-sharing, activities that may have been considered harmless in the past could become potential openings for attackers. Traditional security means, such as anti-malware software and firewalls, have become easier to bypass. The need for more advanced, proactive threat protection is critical in order to help ensure productivity, data security and compliance. This means providing comprehensive protection against new and emerging web application threats, the ability to detect embedded shellcode threats and other advanced features.

The IBM Protocol Analysis Module (PAM) is designed and updated by the X-Force research and development team and is a key element within the IBM Security Network Protection appliance. The X-Force team tracks Internet threat levels from its Global Threat Operations Center to create one of the world's most comprehensive threat databases. PAM then incorporates these continuous content-and-security updates to help security professionals stay ahead of emerging threats. The combination of PAM and the X-Force database helps to protect against zero-day exploits and enables users to identify a wide range of security risks such as malware, botnets, peer-to-peer activity and many others.

Critical insight and visibility

By combining several key security capabilities, IBM Security Network Protection is able to go beyond basic threat protection and provide IT professionals with critical insight and visibility into their enterprise network activity, such as which applications are being used, which websites are being visited and who is visiting them. To help improve security, organizations need to know exactly what is going on within their networks including which applications are being used and types of web sites being accessed from the corporate network. These activities can create opportunities for attacks, which can cause data loss, violate corporate policies or introduce compliance issues. IBM Security Network Protection can also provide visibility into bandwidth usage to help identify non-business-critical activities that consume high amounts of bandwidth and resources.

[Figure: The IBM Security Network Protection dashboard provides an immediate view into the nature of traffic on the network including Web and application use by users and groups.]

Granular control over network activity

Building upon high levels of threat-protection and network visibility, IBM Security Network Protection includes granular control functionality, which enables users to act on newly acquired insight into the network. Designed to reduce potential attack vectors and exposure to threats, this granular control functionality provides insight into common attack delivery methods such as social media sites to help identify and protect against emerging attacks such as spear phishing and other advanced threats targeting users. Having the ability to create granular control policies allows organizations to reduce overall risk, as well as the bandwidth costs related to non-business use of the network.

To provide maximum application coverage, IBM Security Network Protection includes support for more than 2,000 applications and individual actions, and leverages a database of more than 20 billion URLs. To help improve accuracy, IBM web-crawling technology continually categorizes and re-categorizes URLs as they change. These updates are incorporated into the IBM Security Network Protection appliances to maximize the effectiveness of use policies and provide users the tools they need to help protect against the latest Internet threats.

Seamless deployment and integration

IBM Security Network Protection can be seamlessly deployed into a wide variety of environments. This family of products includes flexible features such as interchangeable network interface modules (NIMs) to support a wide variety of networking standards and configurations as they change over time. It also provides flexible performance licensing to allow performance upgrades without hardware changes utilizing a simple license upgrade. A pre-configured X-Force default security policy is available out-of-the-box, and appliances can be quickly deployed and centrally managed across a large number of sites using IBM Security SiteProtector System.

As part of the IBM Threat Protection System, IBM Security Network Protection integrates tightly with the IBM QRadar Security Intelligence Platform. This includes the ability for IBM Security Network Protection appliances to send flow data in the standard Internet Protocol Flow Information Export (IPFIX) data format to provide a constant data feed for more sophisticated analysis and correlation. IBM Security Network Protection appliances can also receive quarantine commands with the ability to block traffic in the event that a security risk is detected by QRadar SIEM. This provides QRadar users with the ability to take immediate action when a security threat is detected.

Why IBM?

Taking a smarter approach to network security, IBM Security Network Protection provides next-generation intrusion prevention system capabilities for advanced protection against evolving security threats. As part of the IBM Threat Protection System, it is a key component in preventing attacks at their onset. It provides tools for administrators to create a security-rich environment, while having more visibility and control over their networks, resulting in improved bandwidth efficiency and reduced costs. Leveraging the IBM X-Force threat database and a vast URL database, the solution provides up-to-date data about emerging threats. By integrating several key security features into a single offering, IBM Security Network Protection provides a comprehensive, cost-efficient answer to the challenges faced by organizations today.

For more information

To learn more about this offering contact your IBM representative or IBM Business Partner, or visit: ibm.com

*Performance data quoted for IBM Security Network Protection is based on testing with mixed Throughput was determined by sending uncompressed mixed-protocol traffic through the appliance and measuring how much throughput was achieved with zero packet loss. For the benchmark testing, XGS series appliances were deployed with fully populated Network Interface Modules in default inline protection mode with “Trust X-Force” policy, in drop unanalyzed mode; Spirent Avalanche and Spirent TestCenter testing equipment running firmware v4.48 (or later); traffic mix: HTTP 69%, HTTPS 20%, SMTP 5%, FTP 5%, DNS 1%; where HTTP/HTTPS traffic is uncompressed using a 44 Kb object size with standard HTTP/S 1.1 GET requests; SMTP simple connections with no object transfer, FTP GET requests of 15,000 bytes in 2 ms bursts, and DNS standard A record lookup. SSL Inspection rates were measured by enabling SSL Decryption Policy. Maximum Throughput was generated using 1518 byte frame size UDP traffic.

Copyright IBM Corporation 2015

IBM Corporation
Software Group
Route 100
Somers, NY 10589

Produced in the United States of America
May 2015

IBM, the IBM logo, ibm.com, are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at "Copyright and trademark information" at ibm.com/legal/copytrade.shtml

This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.

THE INFORMATION IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.

Please Recycle
