Transcription

IBM Internet Security SystemsThe Future of SecurityInnovation and IntegrationPete PrivateerVice President of Sales 2007 IBM Corporation

IBM Internet Security SystemsAgenda IBM Security Strategy and Vision - recap– Market Drivers– Strategic Focus For each IBM Internet Security Systems business line – Overview of existing capability and strategic direction– Roadmaps to show that direction is real– “Value” drilldown - describing the business content of the major releases2 2007 IBM Corporation

IBM Internet Security SystemsThe Security “Perfect” Storm The evolving threat– From notoriety to profit motive The productivity machine– Business enhancements risk Accelerated growth of IP-aware networks– Accelerates IT risk Rapid growth in data– Data is the new currency Security costs growing 3x faster than IT budgets– Point product approaches no longer scale Compliance mandates– Driving costs and spending3 2007 IBM Corporation

IBM Internet Security SystemsSecurity Market OverviewTrendsCustomer Pains Data and information explosion - 6X growth in digitalinformation between 2006 and 2010 (IDC)Threats from organized cartels of cyber-criminalsIncreasingly mobile workforceLarge-scale, public examples of security breachesApplication level and insider attacks are an ever-largerpart of the security threat landscapeScarcity of security skills continuesCustomer Requirements 4Secure business Process and Application coupled withintegrated security solutionsManage threat risk and streamline compliance compliance monitoring and reportingIntegrated suite of solutions addressing a hierarchy ofrequirementsSimplicity, manageability, interoperabilityDelivery choices– Do it myself– Do it for me– Combination Compliance mandates (regulatory, corporate policy)– Typical Investment Bank has 1000 ComplianceRequirementsComplexity– Rapidly changing threat environment– Death by point productsConfusion on approach– Where to start– Best practices– Vendor confusionCompetitive Landscape Convergence on the market:– Security infrastructure players remain, likeSymantec, CheckPoint and others– Information centric entrants like EMC with RSA– Process and Application entrants like Oracle andSAP– Network entrants like Cisco, Juniper and telco’s– Declining players like SUN, BMC and CAProduct providers beginning to focus on services– Symantec, EMC, Telcos100’s of venture capital backed players add nichecompetitors to sales cycles 2007 IBM Corporation

IBM Internet Security SystemsISS Strategy – Foundational ComponentsSecurity Renaissance Alternative Approachesto address evolvingbusiness needs Consolidation to movefrom threat managementto business valuePortfolio PlanQuality Continued Innovation leadership Underpins Everything Cross- Brand and solution integration Foundation for scalability andreliability Protecting Data as the foundation of compliancy Quality in products, delivery,experience, scope5 2007 IBM Corporation

IBM Internet Security SystemsFocus on Vision and StrategyPortfolio Plan6 Continued Innovation leadership Cross- Brand and solutionintegration Protecting Data as the foundationof compliancy 2007 IBM Corporation

IBM Internet Security SystemsRoadmap Focus Areas SIMPLIFYSecurity Operations and Expand Capabilities PROTECT Data ENHANCE Compliance Readiness EXTEND Security as a Service ACCELERATE IBM Portfolio Integration7 2007 IBM Corporation

IBM Internet Security SystemsPortfolio SegmentsIBM Proventia NetworkEnterprise ScannerIBM Proventia NetworkIntrusion Prevention System Gand IBM Proventia NetworkAnomaly Detection (ADS)IBM Proventia NetworkWeb and Mail FilterIBM Proventia NetworkMulti-Function Security (MFS)The IBM ISS portfolio andintegrated services platformprovides a natural launching pointfor expanding security capabilitiesalong the strategic themes andfocus areasIBM Proventia ServerIntrusion Prevention System (IPS)IBM Proventia DesktopEndpoint SecurityIBM SiteProtector systemIBM Managed Protection andProfessional Services8 2007 IBM Corporation

IBM Internet Security SystemsIBM ISS Strategic Themes and Focus AreasPortfolio SegmentsIBM Proventia NetworkEnterprise ScannerIBM Proventia NetworkIntrusion Prevention System Gand IBM Proventia NetworkAnomaly Detection (ADS)Simplify Operationsand Expand Capabilities Network strength today application database10G Interface15 Gbps speedIBM Proventia NetworkWeb and Mail FilterAnti-spamIBM Proventia NetworkMulti-Function Security (MFS)All in one(AV, IPS AS)IBM Proventia ServerIntrusion Prevention System (IPS)Heterogeneous coverage64 bit OS,VistaIBM Proventia DesktopEndpoint SecurityIBM SiteProtector systemIBM Managed Protection andProfessional Services9 Desktop managementIntegration w/ ServerCommon reporting andmonitoringClient portal 2007 IBM Corporation

IBM Internet Security SystemsIBM ISS Strategic Themes and Focus AreasPortfolio SegmentsSimplify Operationsand Expand CapabilitiesProtect Data Network strength today application databaseFull coverage application database10G Interface15 Gbps speedPII proof of concept-signature basedIBM Proventia NetworkWeb and Mail FilterAnti-spamContent filteringImage analyticsIBM Proventia NetworkMulti-Function Security (MFS)All in one(AV, IPS AS)PCIROBOIBM Proventia ServerIntrusion Prevention System (IPS)Heterogeneous coverage64 bit OS,VistaPrivileged UsersIBM Proventia NetworkEnterprise ScannerIBM Proventia NetworkIntrusion Prevention System Gand IBM Proventia NetworkAnomaly Detection (ADS)IBM Proventia DesktopEndpoint SecurityIBM SiteProtector systemIBM Managed Protection andProfessional Services10 Desktop management Integration w/ ServerWhole disk encryptionInstant messaging,removablemedia,emailCommon reporting andmonitoringData eventmanagement, policyClient portalNetwork, server, andendpoint 2007 IBM Corporation

IBM Internet Security SystemsIBM ISS Strategic Themes and Focus AreasPortfolio SegmentsIBM Proventia NetworkEnterprise ScannerIBM Proventia NetworkIntrusion Prevention System Gand IBM Proventia NetworkAnomaly Detection (ADS)Simplify Operationsand Expand CapabilitiesNetwork strength application database10G Interface15 Gbps speedProtect DataEnhanceComplianceReadinessFull coverage application databasePCIAudit ControlPII proof of concept-signature basedAudit controlReporting.IBM Proventia NetworkWeb and Mail FilterAnti-spamContent filteringImage analyticsAudit controlReportingIBM Proventia NetworkMulti-Function Security (MFS)All in one(AV, IPS AS)PCIROBOAudit ControlReportingIBM Proventia ServerIntrusion Prevention System (IPS)Heterogeneous coverage64 bit OS,VistaPrivileged UsersPCIAudit ControlReporting Desktop management Integration w/ ServerWhole disk encryptionAudit controlInstant messaging,Reportingremovablemedia,emailCommon reporting andmonitoringData eventmanagement, policyAudit controlReportingClient portalNetwork, server, andendpointReportingAssessmentsIBM Proventia DesktopEndpoint SecurityIBM SiteProtector systemIBM Managed Protection andProfessional Services11 2007 IBM Corporation

IBM Internet Security SystemsIBM ISS Strategic Themes and Focus AreasPortfolio SegmentsIBM Proventia NetworkEnterprise ScannerIBM Proventia NetworkIntrusion Prevention System Gand IBM Proventia NetworkAnomaly Detection (ADS)Simplify Operationsand Expand CapabilitiesNetwork strength application database10G Interface15 Gbps speedProtect DataFull coverage application databasePII proof of concept-signature basedEnhanceComplianceReadinessExtend Securityas a ServicePCIAudit ControlPCI (VMS 2.0)ProfessionalManagedAudit controlReporting.ProfessionalManagedAudit controlReportingProfessionalAudit ControlReportingProfessionalManagedIBM Proventia NetworkWeb and Mail FilterAnti-spamContent filteringImage analyticsIBM Proventia NetworkMulti-Function Security (MFS)All in one(AV, IPS AS)PCIROBOIBM Proventia ServerIntrusion Prevention System (IPS)Heterogeneous coverage64 bit OS,VistaPrivileged UsersPCIAudit ControlReportingProfessionalManaged Desktop management Integration w/ ServerWhole disk encryption Audit controlInstant lManagedCommon reporting andmonitoringData eventmanagement, policyClient portalNetwork, server, andendpointIBM Proventia DesktopEndpoint SecurityIBM SiteProtector systemIBM Managed Protection andProfessional Services12Audit Professional 2007 IBM Corporation

IBM Internet Security SystemsIBM ISS Strategic Themes and Focus AreasPortfolio SegmentsIBM Proventia NetworkEnterprise ScannerIBM Proventia NetworkIntrusion Prevention System Gand IBM Proventia NetworkAnomaly Detection (ADS)Simplify Operationsand Expand CapabilitiesNetwork strength application database10G Interface15 Gbps speedProtect DataFull coverage application databasePII proof of concept-signature basedEnhanceComplianceReadinessPCIAudit ControlAudit controlReporting.Audit controlReportingIBM Proventia NetworkWeb and Mail FilterAnti-spamContent filteringImage analyticsIBM Proventia NetworkMulti-Function Security (MFS)All in one(AV, IPS AS)PCIROBOIBM Proventia ServerIntrusion Prevention System (IPS)Heterogeneous coverage64 bit OS,VistaPrivileged Users Desktop management Integration w/ ServerWhole disk encryption Audit controlInstant messaging,Reportingremovablemedia,emailCommon reporting andmonitoring, policyData eventmanagement, policyClient Portal, policyNetwork, server, andendpointIBM Proventia DesktopEndpoint SecurityIBM SiteProtector systemIBM Managed Protection andProfessional Services13Audit ControlReportingPCIAudit ControlReportingAudit controlReportingReportingAssessmentsExtend Securityas a ServiceIBM PortfolioIntegrationPCI (VMS agementLotus emailProfessionalManagedBlue BusinessPlatform ,midmarketProfessionalManagedIBM ServersBlue edTivoli consoles(TCIM, TSOM)VSOCDVS ,email services 2007 IBM Corporation

IBM Internet Security SystemsThe ISS roadmaps drive towards the unification of system securityand data security, with full coverage spanning the network, server,and endpoint strategic control points ahead of the threat Network Protection Multifunction Security Vulnerability Management Endpoint and Server Protection Data and Content Protection . enabled and enhancedby Enterprise Services“Comprehensive system security and data security delivered and managed through world class services”14 2007 IBM Corporation

IBM Internet Security SystemsThe Value of “Preemptive” InnovationTraditional Signature-based Security- Can only react to attacks- Incurs cost of attack beforeapplying protectionvs.IBM Internet Security Systems- Provides preemptive technologies- Blocks attacks before impact- Reduces cost of operations- Causes patching to occur onan “emergency basis”- Enables patching on a maintenanceschedule- Requires that multiple systemsare continuously maintained15 2007 IBM Corporation

IBM Internet Security SystemsTraditional Signature-Based Protection16 2007 IBM Corporation

IBM Internet Security SystemsISS Vulnerability Focused Protection17 2007 IBM Corporation

IBM Internet Security SystemsMS Plug and Play / - Zotob Timeline184/13/20058/9/20058/11/20058/13/2005ISS implements protection forMS PnP vulnerability into ISSproducts. ISS’ Virtual Patchprotection begins.Microsoft publiclyannouncesvulnerability andavailability of apatch.Plug and Playexploits becomepublicZotob Bot runs rampantand causes damage toorganizations worldwide.ISS customers enjoyprotection since 2005Others do not have internalresearch to find andunderstand vulnerabilities;therefore, they have noknowledge of the MS Plugand Play vulnerability.Other claim “preemptiveprotection” throughbroad blocking andalerting methods whichare prone to falsepositives and falsenegativesPlug and Playexploits becomepublicZotob Bot propagates, somecompetition see the bot, butnone of the (many) variants,resulting in continuousupdates offering little to nozero day coverage.Exploit-basedsignatures releasedto reactively protectagainst the Zotob Bot 2007 IBM Corporation

IBM Internet Security SystemsEnd-To-End Security Products and ServicesCarrier CloudEnterpriseData CenterPerimeterLANWeb, Mail, File,Application ServersService ProviderNetworkDeskDesktop & LaptopSolutions & TechnologiesMSS “Clean Pipes” Enablement Intrusion Prevention, Firewall,Content/Data /Mail/Web SecurityNGN Protection IPS & ADS protection for VoIP, IMS 19Protection against viruses/worms/bots/spam/phishing/DDoS other emerging threatsDedicated & MultifunctionAppliances for PerimeterDedicated Appliances forLocal Area NetworkHost Security SW forServers & PC’s Intrusion Prevention, Firewall,Content/Data /Mail/Web Security Intrusion Prevention, Behavioralanalysis (ADS), VulnerabilityManagement FW, Intrusion Prevention,Content / Appl’n protection,Multiple Operating systems, 2007 IBM Corporation

IBM Internet Security SystemsNetwork Business Line . providing world class network protection Client Value–Pre-emptive network security protecting client assets, applications and data Current Product line–Proventia G IDS/IPS protecting from SMB to Large Enterprise to Carrier class networks–ADS Network behavioral analysis to protect against data leakage and the insider threat Integration with IBM products & services–Integrated with ISS suite of products, services and solutions–SiteProtector management console, Managed Security Services, Tivoli Security Operations Manager (TSOM)–In-process integration – IPS and ADS on BladeCenter Solutions / Strategy20–Data Leakage Protection – ADS to stop the insider threat, IPS with content enforcement to stop malicious andaccidental compromise–Compliance and Reporting – advanced reporting and business intelligence tools–Carrier and Telco services – products and services geared to enable in the cloud protection 2007 IBM Corporation

IBM Internet Security SystemsEndpoint and Server Protection Business Line Endpoint is the new perimeter Client Value–Ahead of the threat protection for Endpoints and Servers, protecting against attacks that can lead to datatheft and lost system usage Current Product line– Proventia Server / Sensor (Windows, Linux, HP-UX, AIX, Solaris) –Broad platform coverage to protect servers from malicious attacksCompliance and intrusion preventionProventia Desktop Multi-layered threat and data protectionBehavioral threat protection, antivirus, antispyware, intrusion prevention Integration with IBM products & services––––––Server for AIX and System PServer for Windows and System XBlue Business PlatformProventia Desktop-Lenovo: Secure Security PC initiativeTPM with Proventia Desktop and ServerTAM and Server Solutions / Strategy––22Proventia Desktop: Deliver market leading system and data protection via an extensible framework tomeet the needs of customers today and tomorrowProventia Server/Sensor: Deliver comprehensive system protection and market leading compliance.Deliver comprehensive virtualized server protection 2007 IBM Corporation

IBM Internet Security SystemsMultifunction Security Business Line . managing your network needs for remote office branch office Client Value––All-in-one security appliance ensures maximum network uptime and workforce productivity by blocking viruses, worms,hackers, spam and unwanted Web content.Proventia MFS stands as a key enforcement point for enterprises and small businesses alike to ensure compliance andprotection with a consistently managed and comprehensive security policy, even for small, remote offices. Current Product line–Proventia MX – Three core UTM models with scalable enterprise management features targeted at enterprises withdistributed operations such as remote office/branch office. MX1004, MX3006, MX5010 Integration with IBM Products & services––Proventia MFS can be managed locally, through SiteProtectorDirect integration with other Network Management systems, including Tivoli Security Operations Manager (TSOM). Compliance––Helps satisfy 10 of the 12 PCI requirements, especially for remote offices and retail storesHelps meet protection and access control requirements of regulations like HIPAA and SOX Solutions/Strategy––––––24Complete the product line: appliances to support from 25 to 3,000 userEnhance firewall to meet competitive pressures in the area of Enterprise firewall featuresExtend easy client connectivity offering with SSL VPN and enter adjacent VPN market at the low endLeadership role in UTM market by extending security modules so that they will be feature competitive with stand-alonesecurity products in Antispam and URL filtering, allowing sales to sell into adjacent security marketsSupport layered security approach by enforcing usage of Proventia DesktopBlue Business Platform for small and medium business 2007 IBM Corporation

IBM Internet Security SystemsVulnerability Management Business Line . managing your network vulnerability needs Client Value–Ensure the availability of IT services, while protecting corporate data by identifying where risk exists, prioritizingand assigning protection activities, and reporting on results. Current Product line–Internet Scanner (IS) – Software-based network vulnerability assessment product servicing the Audit andVulnerability Management markets–Enterprise Scanner (ES) – Appliance-based network vulnerability assessment product servicing theVulnerability Management Markets ES 750 (Sept 07) ES 1500 (3Q06) Integration with IBM products & services–Interface to Site Protector which in turn interfaces to Tivoli Security Operations Manager (TSOM) Strategy / Solutions–––26Competitive enhancements to ES Added functionality PCI certification (security checks and reports)Expansion of assessment capabilities to include application and database vulnerability scannersIntegration of network, application and database scans to facilitate Overall Risk Management 2007 IBM Corporation

IBM Internet Security SystemsData Security and Content Business Line enabling collaboration while mitigating risk Client Value–Safeguarding data across the enterprise, facilitating content awareness, enabling Security & Privacy compliance,monitoring data flows, optimizing control, leveraging industry expertise & best practices to ensure access whilepreventing data loss Current Product & Services Line––––Proventia Network Mail MS3004 Appliance (launched August 2006) MS1002-VM Virtual Appliance (launched August 2007)Proventia Mail Filter software (July 2004) Formerly Cobion OrangeBox Mail software (March 2003)Proventia Web Filter software (July 2004) Formerly Cobion OrangeBox Web software (2002)OEM Business – 30 Active Email and Web content security partners Includes 5 of the 20 vendors on 2007 Gartner Secure Web Gateway MQ including market leader Mail Security and UTM vendors also represented in OEM relationships Integration with other IBM products & services Solutions/ Strategy––––––28Hardware Line Expansion for Mail Security Appliance line – 2008Secure Browsing – securing transactions regardless of system stateContent Protection Appliance – 2008 (HTTP, HTTPS, FTP, IM, P2P content gateway inspection)Content Scanning Services and Risk AssessmentsBrand / Logo Identification ServiceDLP (Data Loss Prevention Services) including granular controls based on content & context and integration withother components of Enterprise Content Protection such as desktop agents and gateway filters for holisticprotection 2007 IBM Corporation

IBM Internet Security SystemsEnterprise Services Business Line solving business problems through flexible service delivery Client Value–Comprehensive, adaptable services designed to reduce operational overhead, demonstrate compliance, improvesecurity posture, and guarantee protection at the network, server, and desktop level. Current Offerings–––––––Managed Protection Services (MPS) – Guaranteed protection offerings based on industry leading IBM ISStechnology at the Network, Server, and Desktop.Managed Security Services (MSS) – From fully managed to fully monitored, support for best of breed Firewall, VPS,IPS, AV, AS, from leading vendors – ISS, Cisco, Checkpoint, Juniper, 3Com, McAfee, Fortinet, Sourcefire, etc.Security Enablement Services – Turn-key solutions delivering on-demand protection when you need it without theneed for additional hardware or software deployment. Includes SELM, VMS, and XFTAS.Professional Security Services (PSS) – In depth Professional Services designed to provide regulatory certification,security assessment / implementation, and full scale penetration testing.Education and Training Services – Comprehensive instructor led training and e-learning offerings designed aroundIBM ISS technology and security best practices.Emergency Response Services – 24x7 emergency response capabilities for forensic analysis and investigation,evidence preservation, and expert witnessing.Proventia Management SiteProtector – Provides the industry’s most comprehensive centralized securitymanagement tool, designed to simplify management functions while expanding visibility into critical security issues. Strategy–––––––30Service Provider offering portfolio expansion.On-Demand services launch – after hours monitoring for the Security Event and Log Management offering.Security Event and Log Management enhancements for extended regulatory compliance capabilities.Improved Vulnerability Management service with support for Ent. Scanner, PCI compliance, and enhanced usability.Data protection services – Data Loss Prevention, database monitoring, encryption, etc.Enhanced SiteProtector release to include world class business intelligence capabilities.Introduction of new e-learning capabilities delivering IBM ISS education in an always-on, online classroom. 2007 IBM Corporation

IBM Internet Security SystemsThe Next Generation in Security Management Services31 2007 IBM Corporation

IBM Internet Security SystemsWhat set’s IBM ISS Managed Services Apart?7 SecurityOperationsCenters 6 SecurityResearchCenters 133MonitoredCountries 15,200 manageddevices 2200 MSSCustomersworld wide 400,000,000Events perdayZurich, CHBrussels,BEToronto, CADetroit, USTokyo, JPTokyo, JPAlamden,USBoulder, USAtlanta, USTJ Watson,USHaifa,ILNew Delhi,INBrisbane,AU32 2007 IBM Corporation

IBM Internet Security SystemsManaged Services: Managed Protection Services (MPS) Guaranteed Protection Based on IBM ISS Security Technologies– Proventia G (IDPS)– Proventia M (UTM)– Proventia Server– Proventia Desktop Best-in-Class Service Level Agreements– Performance based SLAs Multiple Service Level Options– Standard, Select, Premium– Choose services per device for custom solutions Industry Leading Customer Portal Embedded X-Force Intelligence33 2007 IBM Corporation

IBM Internet Security SystemsRoadmap Focus Areas SIMPLIFYSecurity Operations and Expand Capabilities PROTECT Data ENHANCE Compliance Readiness EXTEND Security as a Service ACCELERATE IBM Portfolio Integration36 2007 IBM Corporation

IBM Internet Security SystemsIBM’S SECURITY PORTFOLIOAccessHW / Appliances Access / identity mgmt Authentication EncryptionManaged, Hosted ID mgmtTapeTape SrvcsServicesProventiaDesktop /ServerProventia A (IDS) IDS / IPSServices / MSSTivoliTIM / TAMFIM / EKMSecure notebooks;Tapes; Z, P servers FirewallBarriersSoftwareProventia G (IPS) UTMsISS MSSRisk MgmtOtherContent filtering VPN Anti-virusProventia G (IPS) Anti-spyware Spam filteringProventia M(UTM / VPN)Proventia Web FilterAnomaly Detection PhysicalIBM S3 / DVS Patching / remediationVirtual Patch Policy & compliance Vulnerability assessmentGBS ConsultingTivoli SCMInternet Scanner /Proventia Network Ent. ScannerSiteProtector Security info mgmtX-ForceProfessional ServicesNeuSecure Security intelligenceIBM37ISS MSSProventia Mail Filter Web filtering Denial of serviceProventia Desktop withA/V & SPYWISSX-Force 2007 IBM Corporation

IBM Internet Security SystemsDelivering comprehensive and integrated security coverageStarting with services(assessments) and extending into operations via anautomated platform for ongoing monitoring & management to providepractical risk managementProfessional and Managed ServicesSecurity Experts Common Management Platform(Console, Client entProtection everywhere .Protection- NetworkEverywhere - DataNetworkcenter/Data Center/ServerServer- EndpointEndpointEnabling TechnologiesReusable PlatformComponents(CAM),(PAM) 38Multifunctionor singularprotectionData Protection deliveringbusiness value System ProtectionPartnerPartnersTechnology powered bytechnology assetsIBM TechnologyHardware: BladeCenter Software: Info Management,Rational, Tivoli 2007 IBM Corporation

IBM Internet Security SystemsThe combined value of ISS and IBMIBM Internet Security Systems enables clients to think through top securityissues and operationalize those strategies in a practical, scalable and costeffective way through comprehensive security solutions and services Breadth and depth – ISS’ integrated and replicable security solutions combined with IBM's security hardware, software and services provides clientswith the most comprehensive security portfolio in the industry Innovation – ISS’ X-Force team and engineers linked with Software Group andIBM's research capabilities to provide expertise and value to our clients Growth potential – IBM's worldwide coverage and resources fully leverage ISS’expert sales force, automated platform and security operations centers Time to value – IBM Internet Security Systems is moving rapidly to meet growingdemand for world class security products and managed security services39 2007 IBM Corporation

IBM Internet Security SystemsIBM Makes a Difference Only IBM has the breadth and depth of products, services, technology, personneland partners to deliver end-to-end securityManage business risksImprove the consistent enforcement of corporate security policiesand regulatory compliance with fewer resources.Block security threatsAnticipate vulnerabilities and risk.Reduce exposure to external and internal threats.Drive valueReduce the costs of operating a secure, resilient business andimprove information that helps prioritize future security investments.40 2007 IBM Corporation

IBM Internet Security SystemsThank YouQuestions?41 2007 IBM Corporation

IBM Proventia Desktop Endpoint Security IBM Proventia Server Intrusion Prevention System (IPS) IBM Proventia Network Multi-Function Security (MFS) IBM Proventia Network Web and Mail Filter IBM Proventia Network Intrusion Prevention System G and IBM Proventia Network Anomaly Detection (ADS) IBM Proventia Network Enterprise Scanner .