Chapter 2. Introducing the IBM Security Network IPS solution 53
also provide). Virtual Server Protection for VMware also protects the VMs and
traffic between the VMs.
The transparent intrusion prevention and firewall in Virtual Server Protection for
VMware provides multilayered IPS and firewall technology. They protect the
virtual data center in a solution that is purpose-built to protect the virtual
environment at the core of the infrastructure. For more information about Virtual
Server Protection for VMware, see the Redbooks publication IBM Security
Solutions Architecture for Network, Server and Endpoint, SG24-7581.
2.3 IBM Security Network IPS functionality
The IBM Security Network IPS delivers preemptive network protection through its
combination of line-speed performance, security intelligence, and a modular
protection engine that delivers security convergence. This section highlights
several security capabilities that the IBM Security Network IPS product offers.
Figure 2-12 on page 54 illustrates how the security capabilities of the IBM
Security Network IPS can be mapped to the IBM Security Blueprint. This
diagram shows the functional components of the Threat and Vulnerability
Management solution pattern. The darker highlighted elements indicate the
functional components that can be fulfilled or implemented by using IBM Security
Network IPS. This functional highlighting is also applicable for the infrastructure
service components. For more information about the IBM Security Blueprint, see
the IBM Redpaper publication Introducing the IBM Security Framework and IBM
Security Blueprint to Realize Business-Driven Security, REDP-4528.
In addition to the fully highlighted elements, Figure 2-12 on page 54 also shows
medium highlighted elements. Although the IBM Security Network IPS can be
used to address such components to some degree, the respective area of
coverage is not considered a core function of the product and thus is considered
to be limited.
You might determine the desired function of a solution by using the Threat and
Vulnerability Management solution pattern. In this case, you can use the
mapping shown in Figure 2-12 on page 54 as a quick reference of the functional
security management aspects of the IBM Security Network IPS. This reference
can help you determine which functions of a solution can be covered by selecting
54 Network Intrusion Prevention Design Guide: Using IBM Security Network IPS
Figure 2-12 Mapping of the IBM Security Network IPS to the IBM Security Blueprint
Chapter 2. Introducing the IBM Security Network IPS solution 55
The IBM Security Network IPS delivers network protection with the following
Stops threats before they impact network assets without sacrificing
high-speed network performance
Provides a platform for security convergence that eliminates the costs of
deploying and managing point solutions for web application and data security
Protects networks, servers, desktops, and revenue-generating applications
from malicious threats
Conserves network bandwidth and prevent network misuse or abuse from
instant messaging (IM)and peer-to-peer file sharing
Prevents data loss and aids compliance efforts
The IBM Security Network IPS can stop Internet threats before they affect your
organization. It delivers protection to all three layers of the network: core,
perimeter, and remote segments.
The IBM Security X-Force research and development organization enables
ahead of the threat protection for an IT infrastructure before vulnerabilities are
made public and before exploits against those vulnerabilities become available.
By consolidating network security demands for Data Loss Prevention and Web
Application Protection, IBM Security Network IPS serves as the security platform
that helps reduce the costs of deploying and managing point solutions.
When evaluating intrusion prevention technology, organizations often struggle to
balance and optimize the following six areas:
The IBM Security Network IPS delivers on all six areas, with performance,
preemptive protection, HA, simple deployment and management, and excellent
customer support. Organizations can manage the IBM Security Network IPS
products themselves. Alternatively, they can transfer the risk of protecting their
network to a trusted security partner such as the IBM Security Services division,
which you can learn more about at:
Working with IBM organizations provides benefits from a range of
complementary consulting services for assessment, design, deployment,