proventia security solution
TRANSCRIPT
20 Maj, 2009
Proventia® Security PlatformSecure VirtualiSecure Virtualizzationation
IBM Global Technology Services
IBM Internet Security SystemsAhead of the threat.™
© 1994, 2008 IBM Corporation
Footer Field
Footer Field
Ondrej KOVÁČ
Proventia® Secure Virtualization
© 2009 IBM Corporation
Agenda
• Web “application” security• Virtualization • Life demo• Mail security overview
Proventia® Secure Virtualization
© 2009 IBM Corporation
Web SecurityWeb Security
Proventia® Secure Virtualization
© 2009 IBM Corporation
Block attacks in real-time with Proventia Web application security
Intrusion prevention just got smarter with web application
protection backed by the power of X-Force
Virtual Patch
What It Does:Shields vulnerabilities from exploitation independent of a software patch, and enables a responsible patch management process that can be adhered to without fear of a breach
Why Important:At the end of 2008, 53% of all vulnerabilities disclosed during the year had no vendor-supplied patches available to remedy the vulnerability
Threat Detection & Prevention
What It Does:Detects and prevents entire classes of threats as opposed to a specific exploit or vulnerability.
Why Important:Eliminates need of constant signature updates. Protection includes the proprietary Shellcode Heuristics (SCH) technology, which has an unbeatable track record of protecting against zero day vulnerabilities.
Content Analysis
What It Does:Monitors and identifies unencrypted personally identifiable information (PII) and other confidential information for data awareness. Also provides capability to explore data flow through the network to help determine if any potential risks exist.
Why Important:Flexible and scalable customized data search criteria; serves as a complement to data security strategy
Web Protection
What It Does:Protects web applications against sophisticated application-level attacks such as SQL Injection, XSS (Cross-site scripting), PHP file-includes, CSRF (Cross-site request forgery).
Why Important:Expands security capabilities to meet both compliance requirements and threat evolution.
Network Policy Enforcement
What It Does:Manages security policy and risks within defined segments of the network, such as ActiveX fingerprinting, Peer To Peer, Instant Messaging, and tunneling.
Why Important:Enforces network application and service access based on corporate policy and governance.
Proventia® Secure Virtualization
© 2009 IBM Corporation
Changing security landscape creates complex threats
New Applications are increasing the attack surface
Complex Web applications create complex security risks
Making applications more available to “good” users, makes them more available to “bad” users
Web attacks are evolving to blended attacks (i.e. planting of malware on legitimate web sites)
Web Applications
Web-enabled Applications Drive the Need for Security
Proventia® Secure Virtualization
© 2009 IBM Corporation
Hackers Continue to Focus on Web Applications
Vulnerabilities & Attacks54.9% of all vulnerabilities are Web
application vulnerabilities74% of Web application vulnerabilities in
2008 had no patch by year endSQL injection attacks increased by 30x
within the last six months
… because it’s an easy point of entry and there’s valuable of data exchanged in the business processes run by the applications
Compliance DemandsCompliance drives new Web security
requirements (PCI DSS)PCI DSS non-compliance costs clients
hundreds of thousands in fines a month
Proventia® Secure Virtualization
© 2009 IBM Corporation
Traditional point solutions throw money at the problem and can’t address all web security requirements
Vulnerability ScannersTraditional vulnerability scanners don’t
cover web applicationsPenetration Testing
Effective at finding vulnerabilities but not scalable for ongoing tests
Not focused on remediationNetwork firewall
Generic Web application protections (if any) so most custom web apps not covered
Web application firewallExpensive point product to deploy and
manageCan be effective, but difficult to deploy, tune
and manageBuilding policies can be as time consuming
as remediating the vulnerability
Proventia® Secure Virtualization
© 2009 IBM Corporation
The Solution: IBM Web Security for a Smarter Planet
Best Practices: Integrate secure development, vulnerability management, network protection and host protectionDevelop secure web appsIdentify vulnerabilities in existing
appsProtect web applications, Web
2.0 & databases at the network and server
Remediate: Apply patches and correct the code
End-to-end web security from your trusted security advisor
Web Applications & Databases
AppScanVulnerability identification &
Secure development
ProventiaNetwork and server protection
Event tracking
DataPowerXML Security, SSL termination & acceleration, application auditing
Proventia® Secure Virtualization
© 2009 IBM Corporation
Block attacks in real-time with Proventia Web application security
Intrusion prevention just got smarter with web application
protection backed by the power of X-Force
Virtual Patch
What It Does:Shields vulnerabilities from exploitation independent of a software patch, and enables a responsible patch management process that can be adhered to without fear of a breach
Why Important:At the end of 2008, 53% of all vulnerabilities disclosed during the year had no vendor-supplied patches available to remedy the vulnerability
Threat Detection & Prevention
What It Does:Detects and prevents entire classes of threats as opposed to a specific exploit or vulnerability.
Why Important:Eliminates need of constant signature updates. Protection includes the proprietary Shellcode Heuristics (SCH) technology, which has an unbeatable track record of protecting against zero day vulnerabilities.
Content Analysis
What It Does:Monitors and identifies unencrypted personally identifiable information (PII) and other confidential information for data awareness. Also provides capability to explore data flow through the network to help determine if any potential risks exist.
Why Important:Flexible and scalable customized data search criteria; serves as a complement to data security strategy
Web Protection
What It Does:Protects web applications against sophisticated application-level attacks such as SQL Injection, XSS (Cross-site scripting), PHP file-includes, CSRF (Cross-site request forgery).
Why Important:Expands security capabilities to meet both compliance requirements and threat evolution.
Network Policy Enforcement
What It Does:Manages security policy and risks within defined segments of the network, such as ActiveX fingerprinting, Peer To Peer, Instant Messaging, and tunneling.
Why Important:Enforces network application and service access based on corporate policy and governance.
Proventia® Secure Virtualization
© 2009 IBM Corporation
RE
MO
TE O
FFIC
E
BR
AN
CH
OFF
ICE
SE
RV
ER
S A
ND
WE
B F
AR
MS
PE
RIM
ETE
R
Host Intrusion Prevention (HIPS) w/ SSL Inspection for IIS and Apache
UTM with P2P VPN w/ Web 2.0 Protection
Physical and Virtual Network Intrusion Prevention (NIPS) w/
Web 2.0 Protection
1
2
3
SSL Decryption, Load Balancing, and XML
Security
DataPow er
Proventia MXProventia MX
Proventia GX
Intrusion Prevention & Protection for: • Web 2.0: JSON (java script object notation) blocking• Database: SQL injection, LDAP, XPath injection• Web application protection: shell command, server side include, XSS and directory traversal
X-Force protection across all Proventia products:1. Network Protection: IBM Proventia Network IPS2. Remote / Branch Office: IBM Proventia Multifunction Security3. Host Protection: IBM Proventia Server IPS
Benefits• Consolidated security products reduce the cost & complexity of deploying and maintaining multiple point products• Achieve PCI compliance for DSS 6.6 (June 30 2008)• Multiple features that span a portfolio of centrally managed products.
Integrate web application protection from network to host
Proventia® Secure Virtualization
© 2009 IBM Corporation
IBM Proventia Web security
Proventia Server IPS
SSL Decryption, Load Balancing, and XML
Security
DataPower
Physical and Virtual Network Intrusion
Prevention (NIPS) w/ Web Application Protection
Proventia Network IPS
1 2
UTM with P2P VPN w/ Web App Protection
Proventia MX
3High bandwidth web protection for large enterprise with web server farms
All-in-One Remote office / Branch office protection w/ P2P VPN
Small offices without Network IPS or VPNs can utilize Proventia Server IPS to decrypt and inspect SSL-encrypted traffic
Proventia Server IPS
Proventia® Secure Virtualization
© 2009 IBM Corporation
Comprehensive Web Services & XML Security:WebSphere DataPower Appliances
`
Encryption of transport layer – HTTP, HTTPS, SSLXML/SOAP Firewall – Filter on any content, metadata or network variablesData Validation – Enforce incoming/outgoing XML schema, well-formednessField Level Security – WS-Security, encrypt & sign individual fields, non-repudiationAccess Control (AAA) – Authentication, Authorization, Accountability enforces access policy stored in an Identity
Management Solution Message Enrichment – Insert header info, SAML token, Kerberos token, transaction ID…Anti Virus Protection – integrates with corporate virus checking through ICAP protocolSecurity standards – WS-Security, WS-Policy, SAML, XACML, WS-Trust, WS-Addressing…
Web Services / XML Messages
Authentication & Authorization
Insert SAML Token, Transaction ID, etc.
SOAP
SOAP
MQ Appl
Service Providers
Web Services Requestor
Identity mgmt system (Tivoli, LDAP…)
Proventia® Secure Virtualization
© 2009 IBM Corporation
Together Proventia Web Application Security and Websphere DataPower Provide Full Web Application Firewall (WAF) Functionality
• Proventia Web Application Security Features– Buffer overflow exploits– CGI-BIN parameter
manipulation– Form/hidden field
manipulation– Forceful browsing– Cross-site scripting (XSS)– Command injection– SQL injection – Web site defacement– Well-known platform
vulnerabilities– Zero-day exploits
• DataPower Features– Cookie watermarking (sign and/or
encrypt)– Customizable error handling– SSL Acceleration & Termination
(Link)– Dynamic routing and load balancing– Session handling policies– Rate limiting and traffic throttling/
shaping– General name-value criteria boundary
profiles for: Query string and form parameters HTTP headers Cookies
Eliminate the Need to Purchase a Stand-Alone WAF
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia® Secure Virtualization
© 2009 IBM Corporation
Network, Server, and End Point
Physical Infrastructure
People and Identity
Data and Information
Application and Process
Rational AppScan
Identify vulnerabilities in web applications
Secure code development
Provide actionable info to correct
vulnerabilitiesBlock attacks against
web app vulnerabilities
Block databases attacks Oracle, MySQL, MS SQL
Block DoS attacks
Build custom policies for web apps
Security content updates for new threats
Block attacks against the web server OS
Block attacks targeted at the web browser
SSL decryption to inspect encrypted traffic
SOA-enabled security
Proventia Web app protection
WebSphere DataPower
Web app firewall
Proventia® Secure Virtualization
© 2009 IBM Corporation
Securing VirtualisationSecuring Virtualisation
Proventia® Secure Virtualization
© 2009 IBM Corporation
Pre-Virtualization and Post-Virtualization Eras
Pre-Virtualization Post Virtualization
Existing Vulnerabilities
New Vulnerabilities
More Components = More Exposure
New Vulnerabilities
Virtual workloads (OS & application) are no more or no less secure in virtual environments
Management stack to control the virtual environment introduce potential exposure
Attackers will go after the low-hanging fruit
Hyper-jacking and VM escapes are the least of your worries
HardwareManagementApplicationsOperating System HardwareHypervisor/VMMManagementHardware VirtualizationService Partition(Dom0, Svc Console)Application/ServiceApplication/ServiceOperating SystemApplication/ServiceApplication/ServiceOperating SystemApplication/ServiceApplication/Service
Proventia® Secure Virtualization
© 2009 IBM Corporation
What new fun does virtualization bring me?
Server sprawl on steroids Enterprise management options are not
where they need to be Compliance and Patching
New layers to patch - virtualization software and management stack
Maintaining security posture of VMs in a dynamic environment
Hypervisor
Hardware
VM VM
OS
Applications
Kernel
VM
OS
Applications
Kernel
Management
OS
Applications
Kernel
OS
Kernel
Applications
Hypervisor
Hardware
VM VM
OS
Applications
Kernel
VM
OS
Applications
Kernel
Management
OS
Applications
Kernel
OS
Kernel
Applications
Mobility Are VMs moving to less
secure machines, networks, datacenters, etc?
Static security policies no longer apply
Virtual Machine StealingEntire servers are now files
Proventia® Secure Virtualization
© 2009 IBM Corporation
Physical-to-Virtual
Separation of Duties
Server OwnersNetwork Owners
Technical
Organizational
Does virtualization impact existing separation of duties?What process documentation (e.g. compliance controls) is invalidated by the
migration?Do existing technical security controls (intrusion prevention, firewall, security
configuration management) support the virtual environment?What net new exposures (vulnerabilities in applications/operating systems,
network segmentation) are introduced by moving to virtualization?
What is the impact to security posture?
ManagementApplication/ServiceApplication/ServiceApplication/ServiceApplication/ServiceApplication/ServiceApplication/Service ManagementHypervisorApplication/ServiceApplication/ServiceApplication/ServiceApplication/ServiceApplication/ServiceApplication/Service
Proventia® Secure Virtualization
© 2009 IBM Corporation
Server and Network Convergence
Physical Network Virtual Network
Who’s Watching?Traditional Security
Management VM
Virtual Switch
Virtual Switch
Virtual Switch
Physical N
ICs
ProcessServiceProcess
VM
ApplicationOSProcessService
Process
VM
ApplicationOSProcessService
Process
VM
ApplicationOSProcessService
Process
VM
ApplicationOS
ProcessServiceProcess
VM
ApplicationOSProcessService
Process
VM
ApplicationOSProcessService
Process
VM
ApplicationOSProcessService
Process
VM
ApplicationOS
ProcessServiceProcess
VM
ApplicationOSProcessService
Process
VM
ApplicationOSProcessService
Process
VM
ApplicationOSProcessService
Process
VM
ApplicationOS
Security “blind spots” are created as portions of the network becomes part of the server
Who owns the virtual network?
Physical network IDP devices do not provide coverage for inter-VM communication
Routing virtual network traffic to an external physical device is not practical
VM sprawl riskswhat you cannot see will
hurt you
Proventia® Secure Virtualization
© 2009 IBM Corporation
Threat Landscape: Operating Systems & Application
Traditional threats remain as long as VMs communicate with the network, virtual or physical
WormsRootkitsTrojansDoSSQL Injection Cross Site Scripting
Virtual machine state changes (online, offline, snapshots) and cloning can obsolete patching processes
OS and application vulnerabilities and exposures do not change in the virtual world
Proventia® Secure Virtualization
© 2009 IBM Corporation
Mobility
Workloads are no longer tied to physical serversExisting controls do not ensure that security posture remains constant in a dynamic
environmentTarget server may not be protected or may have an inappropriate security policy in placeUnprotected workloads put workloads on the target system at risk
Hypervisor
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
Hypervisor
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
App
licat
ion/
Ser
vice
Proventia® Secure Virtualization
© 2009 IBM Corporation
Virtualizing Security vs. Securing Virtualization
Virtualization Security can be classified in two ways:
IBM ISS is targeting solutions in both areas…
A mix of security "within a VM" (Proventia Server), "as a VM" (Virtual Security Appliances) and "within the platform" (Integrated security solution).
Virtualizing Security
SecuringVirtualization
• Existing Solutions• Virtual Appliances
• Integrated Security• Professional Services
Proventia® Secure Virtualization
© 2009 IBM Corporation
24
Template Documentation
What new fun does virtualization bring me? VM Hopping
• Hopping from one VM system to another bypassing isolation controls
VM Escape
• Hopping out of the VM isolation to the primary Hypervisor OS
Hyper-jacking
• Attacks targeting the Hypervisor OS itself
Proventia® Secure Virtualization
© 2009 IBM Corporation
25
What is an Intrusion Prevention System?
IPS evolved from IDS - IDS identifies threats and sends alerts, IPS blocks attacks targeted at your network.
For accurate, preemptive protection, IPS products use multiple techniques to:– Recognize and identify protocols– Analyze traffic
No single intrusion prevention technique can offer acceptable protection
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Network Security ControllerScaleable, flexible, resilient 10GbE network protection
Investment Protection: Provides existing clients the ability to use GX6116, GX5000 and G2000’s on 10G network upgrades
Product Specifications
10 GbE network connectivity
Supports long/short range fiber
10 GbE Bypass
2x GX6116 will provide 12Gbps full protected inspect rate
Same industry-leading preemptive protectionon the backend
10GbE
GX6116
Controller
Roadmap Q1 2009
Proventia® Secure Virtualization
© 2009 IBM Corporation
Provides 10 Gbps connectivity for Proventia Network IPS GX6116 and GX5208
Aggregates/segregates four 10 Gbps ports to 24 1 Gbps ports with configurable mapping
Active bypass/switching prevents network disruption should the IPS appliance fail
Passive bypass and power loss fail safe
Supports multiple 10 Gbps interfaces: SR and LR
Multiple intrusion prevention techniques provide superior attack detection accuracy
10 Gbps NetworkSegments
6-15 Gbpsprotection per
GX6116
Proventia Network Security Controller
Proventia® Secure Virtualization
© 2009 IBM Corporation
Protect High Speed Networks: IBM Proventia Network Security Controller
10 Gbps Network Protection4 x 10 Gbps ports to protect 2 x 10 Gbps
network segments24 x 1 Gbps ports to balance traffic across
multiple GX appliances
Scalable protectionStart with existing IPS appliancesAdd IPS appliances as needed
Long range and short range fiber optionsFlexible deployment options
Supports GX6116 and GX5208 models
Integrated bypass Active bypassPassive bypassPower loss failsafe
Proventia® Secure Virtualization
© 2009 IBM Corporation29
Protocol and Content Analysis as the FoundationPAM is the engine behind the preemptive protection afforded by many of the solutions in the IBM Proventia product family.
Proventia® Secure Virtualization
© 2009 IBM Corporation
IBM Proventia Content Analyzer – At a Glance
Inspects unencrypted data using up to 16 different signatures8 pre-defined signatures8 custom signatures defined by the user (following deterministic
finite automaton (DFA) expression guidelines)
Create compound data-set search string inspection (e.g., name AND social_security_number AND User defined)
Supports inline and passive bi-directional inspection modesSupports 10 protocols and can inspect content compound documents
including PDFs, ZIP and GZIP files
Proventia® Secure Virtualization
© 2009 IBM Corporation
IBM Proventia Content Analyzer – At a Glance
*Provides for inline inspection of attached files.
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Content Analyzer – How it works
Proventia Content Analyzer can inspect both inbound and outbound unencrypted data, either generating alerts when flagged data are found, blocking the traffic from being transmitted, or both.
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Content Analyzer(Static Demonstration)
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Content Analyzer(Enabling)
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Content Analyzer (Configuring)
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Content Analyzer (Alerting)
Proventia® Secure Virtualization
© 2009 IBM Corporation
Proventia Content Analyzer (Alert Details)
SSN=225-43-9879
Proventia® Secure Virtualization
© 2009 IBM Corporation
38
Just a new addition to the existing line
Proventia® Secure Virtualization
© 2009 IBM Corporation
39
Operational Modes
In addition to the standard NIPS Bridge modes (Inline Simulation, Protection and Passive Monitoring) the GV1000 gives you the flexibility of several deployment scenarios for those three modes.
•Conventional Inline IPS Network Deployment
•Partially Virtualized Inline IPS Network Deployment
•Fully Virtualized Inline IPS Network Deployment
Proventia® Secure Virtualization
© 2009 IBM Corporation
40
Conventional Inline IPS Network DeploymentIn this deployment the PVNSP is used as a bump in the wire exactly as an IPS appliance would be deployed. The only difference is that PVNSP is running in a virtualized environment, and uses the physical network interfaces of the virtual server as its in-line monitoring interfaces
Proventia® Secure Virtualization
© 2009 IBM Corporation
41
Partially Virtualized Inline IPS Network DeploymentThis deployment uses the PVNSP in-line running inside the virtual environment, but with one interface connected to the physical LAN. In this deployment it will protect the virtual machines deployed in the same virtual environment by using the virtual interfaces on the VMware server.
Proventia® Secure Virtualization
© 2009 IBM Corporation
42
Fully Virtualized Inline IPS Network DeploymentThis deployment uses the PVNSP in-line running inside the virtual environment. In this deployment it will protect the virtual machines deployed in the same virtual environment by using the virtual interfaces on the VMware server.
Proventia® Secure Virtualization
© 2009 IBM Corporation
43
PortsEth0 – RST port (disabled)Eth1 – Management Eth2 – A Eth3 – B
All interfaces can be deployed in either Bridged or Host-only mode.
Do not use the same Virtual Networks (VMNet1, VMNet2, etc) for eth1, eth2, or eth3. This may result in a network loop causing network failure.
The Reset Kill Port is undefined. Later in the installation procedure, you will be asked to enable the virtual interfaces, we simply will not enable the Kill Port.
Proventia® Secure Virtualization
© 2009 IBM Corporation
44
Initial configuration
Initial configuration proceeds in the same fashion as connecting to the physical NIPS with a console cable. The default user account is:
uid:adminpwd:admin
Proventia® Secure Virtualization
© 2009 IBM Corporation
45
Continuing ConfigurationAfter the initial settings, configuration continues with Proventia Manager. You can manage the virtual appliance with just the Proventia Manager interface or use the Proventia Manager to register the virtual appliance with SiteProtector.
SiteProtector Centralized
Management
Proventia® Secure Virtualization
© 2009 IBM Corporation
46
PerformancePerformance benchmarks were performed in Conventional Inline Mode.
Virtual Appliance Specs:1 GB of RAM10 GB of HDThe host system had 2xQuad Core Xeon 2.83GHzVMWare ESX 3.5
Throughput: 700 Mbps (up to 1.5 Gbps with packet sizes above 1024)Inspected Throughput: 700 Mbps (up to 1.5 Gbps with packet sizes above 1024)Latency: 350 microseconds (average using IMIX UDP)Connections per Second: 19,000Concurrent Sessions: 600,000
Please keep in mind that quantifying and describing the load tests is a difficult task because it was impossible to identify, CPU usage, bus usage, memory usage, network usage of the other virtual machines on the ESX server.
Proventia® Secure Virtualization
© 2009 IBM Corporation
IBM ISS Virtualization Solutions: Past, Present and Future
Current Solution protects the Virtual Systems using our current HIPS portfolio
The Virtual Proventia NIPS gives you the flexibility to protect traffic inside the virtual environment
Hypervisor HIPS brings perimeter protection to the virtual environment
Proventia® Secure Virtualization
© 2009 IBM Corporation
Virtual environment - unprotected
Proventia® Secure Virtualization
© 2009 IBM Corporation
Virtual environment - Protected
SiteProtector Centralized
Management
Proventia® Secure Virtualization
© 2009 IBM Corporation
Virtual environment - Protected
MS09_039_pnp add_user
SiteProtector Centralized
Management
Proventia® Secure Virtualization
© 2009 IBM Corporation
Virtual environment - Protected
MS09_039_pnp
add_userfailed
SiteProtector Centralized
Management
Proventia® Secure Virtualization
© 2009 IBM Corporation
Email SecurityEmail SecurityProventia Mail Security System PNMSS MS3004N
Proventia Mail Security System PNMSS MS1002-VM
Proventia® Secure Virtualization
© 2009 IBM Corporation
Deployment options
Minimum hardware:2GB RAM (512MB min for each virtual instance, 1MB recommended) 100GB drive (30GB for each virtual instance) Tw o netw ork interfaces:
One host-only interfaceOne bridged netw ork interface
VMware versions:VMware Server 1.0.2 or later VMware Workstation 5.5 or later VMware Player 1.0.3 or later VMware ESX 3.x or later
1st year maintenancemaint
2UIntel Xeon 2.00GHz/1333MHz, mem 2GB, 6 hot-swap 3.5" SATA/SAS. 4x80GB + 2x250GB(RAID 1), 4x 10/100/1000 G-bit Ethernet, dual fans & power supplies
MS3004N
RackDescriptionPart No.
Dedicated Appliance
Customer / IBM provides hardware
Specialized hardware
MS3004N Appliance from IBM ISS
Virtual Appliance
111
222Appliance throughput:
36,000mails/hr
VMware throughput:
10,500mails/hr
Proventia® Secure Virtualization
© 2009 IBM Corporation
The IBM Internet Security Systems Solution: IBM Proventia Network Mail Security System
Precise combination of preemptive protection and spam controlPreemptive Protection
Patented Virus Prevention SystemIndustry-leading Intrusion Prevention
Spam controlMulti-level message analysis10 + analysis modulesSophisticated ruled-based policy management
Supports internal security mandates, compliance initiativesOut-of-the-box protection & scalabilityEnhanced reporting & SiteProtector integration
Proventia® Secure Virtualization
© 2009 IBM Corporation
Multi-level Spam Analysis
Proventia® Secure Virtualization
© 2009 IBM Corporation
Multi-layered Email Protection
Proventia® Secure Virtualization
© 2009 IBM Corporation
• Web-based LMI• SiteProtector
Centralized Management
• Clustering / High Availability – Multiple boxes
managed through one appliance
Management Options
Proventia® Secure Virtualization
© 2009 IBM Corporation
PNMSS MS1200VM - Overview
Proventia® Secure Virtualization
© 2009 IBM Corporation
Virtualization drives cloud-based service delivery models and virtual appliances enable client segmented security
Virtual appliances enable security to be delivered in the cloud
Virtualization platforms provide flexible deployments
Virtual SOC allows end user to monitor and manage security policies and events
Infrastructure as a ServiceMulti-tenant environmentsDifferentiate service based on securityAdd new revenue streams
BenefitsScalable CapacityConsolidated and EfficientEasy to recoverTestableRapid Deployment
Proventia® Secure Virtualization
© 2009 IBM Corporation
Thank you for attention
[email protected]+421 918 541975
Proventia® Secure Virtualization
© 2009 IBM Corporation
© Copyright IBM Corporation 2009
IBM Global ServicesRoute 100Somers, NY 10589U.S.A.
Produced in the United States of AmericaFebruary 2009All Rights Reserved
IBM, the IBM logo, Internet Security Systems, Proventia, SiteProtector, Virtual Patch, Rational AppScann, DataPower and X-Force are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.
Other company, product and service names may be trademarks or service marks of others.
Use of the information herein is at the recipient's own risk. Information herein may be changed or updated without notice. IBM may also make improvements and/or changes in the products and/or the programs described herein at any time without notice.
References in this publication to IBM products or services do not imply that IBM intends to make them available in all countries in which IBM operates.
Copyright information
SEJ03003-USEN-00