IBM "combination boxing" guard against new security threats

Recently, IBM announced the introduction of new services, hardware and software designed to improve the security of the cloud computing environment, ensure data confidentiality, and protect against application attacks.





, a new study by IBM's X-force Security research team, shows that global crime organizations are developing novel attack technologies at an alarming rate. At the same time, companies are increasingly deploying more collaborative business models and using new IT infrastructures, including cloud computing, virtualization, and Web 2.0, all of which bring new complexities to the security team. IBM's new security portfolio is designed to meet customer needs, enables enterprises to take advantage of new technology patterns to cope with emerging risks, and can help address the cost and complexity of important security and compliance projects, such as identity verification and data security management, with simplified security solutions.





"The new computing model fundamentally requires companies to rethink how they respond to compliance, risk management, and data and application protection." "The approach the industry has taken is ' deploy first, then consider security '," said Brian Truskowski, general manager of IBM Internet Security System (ISS), which has created a situation where security costs are high and complex today. IBM drives innovation and securely embeds infrastructure through the platform, transforming security from costly impediments into business drivers. ”





New cloud Security Products





a reliable security scenario depends on an understanding of how the data is stored and where it is used. Even in traditional IT environments, it is difficult to have a comprehensive understanding of enterprise assets and their threats. As cloud computing grows, applications and data become flexible and mobile, and can be stored in many different places at specific times. This can lead to malicious behavior or attacks.





Today, IBM launched the Proventia Virtualization Network security Platform (Proventia virtualized receptacle), a virtual device that helps protect the security of your company's physical and cloud assets. As one of IBM's first offerings in the field of secure virtualization, the Proventia Virtualization Network security Platform is an extensible virtual security platform that integrates security applications including intrusion prevention, network application protection, and network policy execution into a single solution. With the Proventia Virtualization network security platform, customers can gain the power of virtualization through unprecedented scale, thereby providing X-FORCE-supported network protection to virtual networks, which is an important part of implementing a secure cloud service.





the virtual world, like the real world of security, has a problem of security costs and complexity.





"Today's complex single product creates management headaches for safe operations. "Bluelock is working with IBM to take the industry on a different path-embedding security in the virtual cloud," said Pat O ' Day, chief technology officer at Bluelock, a company focused on cloud services. Overall, IBM has been able to reduce the need for customers to install and manage multiple single solutions in their environment. ”





to protect against security threats in the cloud computing environment, IBM has implemented a company-wide project designed to create a unified and comprehensive security infrastructure for cloud computing environments. This project involves systems, software, services, and IBM's renowned research and X-force teams dedicated to delivering highly automated, comprehensive security solutions, with particular emphasis on high levels of isolation, integrity, and resilience.





protects the network completely, guard against the malicious software attack





because the operations of various organizations are implemented through global networks, the pervasive and dynamic nature of online applications poses new challenges to meeting compliance and security requirements. More worryingly, the growth of malware is becoming a major threat to network security.





Sites such as social networks, blogs, and wikis are attracting users to communicate and talk, and increased interactivity makes it easier for hackers and cyber criminals to embed malware in these applications. As a result, organizations are looking for ways to protect their customers ' data from being attacked and to verify that their sites are not compromised as a platform for launching attacks. Now, IBM has introduced new solutions to help eliminate these threats:





IBM Rational AppScan Malware Scan (Malware scanning for IBM Rational AppScan)--This software will Rational appscan powerful scanning and testing software and ISS X-force malware research is combined with the detection engine. With simple operations, users can automatically and proactively scan and test the site for embedded malware and analyze content to determine whether malicious content exists and where it exists. If malware is found, these issues are reported and purged from applications and Web sites, and users are protected.





Proventia Network application Firewall (Proventia Web Creator Firewall)--This new module is embedded in the IBM ISS Proventia Portfolio, Designed to help customers protect more network vulnerabilities through a single solution. The firewall is based on the IBM X-force Security team's research effort to provide protection within the network to protect against major vulnerabilities and attacks against network applications. This product provides a virtual application patching mechanism, which is also an important feature of the product because more than 50% of the application vulnerabilities are not patched for months. By combining rational AppScan and Proventia Network application firewalls, IBM can provide End-to-end application security and compliance solutions ranging from development to application. At the same time, by combining the rational AppScan and Proventia Network application firewalls, IBM can also provide a comprehensive application security solution that covers from development to application.





new data and identity certification software, services for global integration, interconnection and interoperability of enterprises





Today, IBM has launched four new security offerings for dynamic infrastructure and network-based environments to help business and IT security managers improve risk management, meet cost reduction requirements, and reduce complexity. In a dynamic infrastructure, managing risk means developing and managing a secure infrastructure that is built on the basis of trust. Trust in users, identities, information, business processes, and infrastructure will help customers flexibly and quickly deliver superior business and IT services while reducing the cost of infrastructure management, operations, and operations.





These new products include:





IBM Tivoli Identity and Access Assurance Service (IBM Tivoli Identity and Access Assurance) helps monitor, manage, and reduce the risk of identity and access through centralized identity, access, authentication, and review services. It also provides closed privileged user monitoring, control and remediation. This service will be provided through the IBM ISS Resilient Identity Authentication Service (IBM ISS Consolidator Identity Services) to help further reduce the cost of protection.





IBM Tivoli Data and Application Security services (IBM Tivoli and creator)-to help resolve the privacy and compliance risks associated with losing backup tapes and disks by encrypting storage data. This service will enhance access control and be able to track user policy compliance.





IBM Tivoli Security Management Services for z/OS (IBM Tivoli Management for z/OS)-helps improve access control facilities for resources (Resource access controls facility, RACF) Operations management and compliance status. This new service strengthens centralized management of mainframes, monitors events and incidents, and reduces security vulnerabilities.





　　IBM also announced that six business partners will support the second element "enhanced" certification for the Tivoli Enterprise single sign-on Access Manager (IBM Tivoli Access Manager for Enterprise single Sign on) products. IBM can now provide customers with 250 Tivoli-related application configurations to integrate into their environment. Charismathics, digital technology (Digital Persona), ensure Technologies, Fujitsu, Rfideas, and Upek will help customers integrate logical and physical security management. For more information on these business partners and solutions, visit the Open process automation repository (open processes Don Library,opal)