Network Security Inside Out: What’s happening on Your Network?
Melissa Stevens 270005B76W MELISSAS@US.IBM.COM | | Tags:  security-intelligence nextgen-ips ips ibmsecurity network-security security apt
0 Comments | 1,770 Visits
This post is contributed by Paul Kaspian, Senior Product Marketing Manager for IBM Security.
In network security we spend a lot of time looking at threats coming into our organizations from the outside. This makes a lot of sense considering the fact that our networks are under siege from increasingly sophisticated and well-funded groups of attackers. An effective intrusion prevention strategy that is able to adapt to new attacks is clearly essential, but what about the risk introduced by our own users? What types of threats are they either knowingly or unknowingly introducing into our environment and how do we mitigate those threats?
Answering this question is critical in understanding the risks introduced by users. What applications do they have installed? What web sites are they visiting? What does this mean for your overall security posture? After all, this activity can have a very direct impact on the overall security of the network. A perfect example is users that have unknowingly visited a site hosting malware. Many legitimate sites are now infected with malware, but there are obviously a large number of sites that are focused on malware distribution, often posing as their legitimate counterparts.
IBM has introduced several new offerings to help organizations get a better handle on the risk that is being introduced from internal use. This includes providing a next-gen platform for intrusion prevention that is able to easily monitor the use of both web and non-web applications, as well a granularly control their use. This means blocking access to obviously non-business related sites such as sites hosting malware or gambling sites, as well as tailored access to others. When combined with IBM’s security intelligence offerings, even more visibility and insight is provided including the ability to do event correlation and anomaly detection – critical pieces of functionality important in detecting multi-vector attacks such as Advanced Persistent Threats (APTs).
Comprehensive network security requires a balanced approach that addresses the risks introduced from activity on the network. Greater visibility and control of this activity is the real key to greatly reducing the risks and costs associated with a security incident.
Learn more and see how it really works; watch the NextGen IPS Overview.
Get more security news by following @IBMSecurity on Twitter.