Providing Next Generation Intrusion Prevention Functionality by Using the IBM Security Network Protection System

An IBM Redguide publication



Abstract

In networks today, organizations are faced with hundreds of new web and non-web applications that are available to their users. Social media applications, peer-to-peer file transfer applications, Voice over Internet Protocol (VoIP), web-based email, cloud data storage, and many others are all readily available. The ease and speed at which these new applications can be installed or simply accessed reduces the effectiveness of a perimeter-based security architecture and provides many new types of risks.

This IBM® Redguide™ publication introduces the solution, which is a (IPS) that extends on the capabilities of traditional protocol-based IPSes by providing application visibility and control. By using the IBM X-Force® advanced research and development, this solution provides critical insight and control of all user activities by analyzing each connection to identify the web or non-web application in use and the action being taken. The IBM Security Network Protection solution can then decide to allow or block the connection. Additionally, the solution is able to record connection information, including user and application context, and can use this information for local policy refinement including bandwidth management. Alternatively, the connection information can be sent off-box to a (SIEM) for longer term storage and analysis.

The IBM Security Network Protection consolidation of the traditional IPS function, in combination with sophisticated user-based application control, can provide an integrated security solution. This approach allows for faster deployment and simplification of administration that is associated with the deployment of multiple products, reduces the cost of ownership and complexity, and provides for better return on investment (ROI).

The target audience for this publication is business leaders, decision makers, network managers, IT security managers, and IT and business consultants.

Table of contents

Executive overview
Introducing the current threat landscape
Protecting your network against threats with protocol-aware detection
Gaining deep insights into network applications and users
Obtaining granular control of your network applications and users
Implementing intrusion prevention and application control by using IBM Security Network Protection
Summary



Profile

Publish Date
07 February 2013


Rating:
(based on 1 review)


Author(s)

IBM Form Number
REDP-4826-00

Number of pages
28