Page 2

By Lisa Vaas  |  Posted 2007-05-23 Print this article Print

One of IBMs competitors, Crossbeam Systems, markets a chassis-based UTM (unified threat management) platform built to run multiple, best-of-breed applications, such as firewall, IPS, content filtering, etc. That eliminates the need to run separate security appliances, a spokesperson said. "This enables carrier and large enterprise networks to better manage appliance sprawl and gain enormous performance benefits for the applications that run on the Crossbeam platform," she said. "In other words, its difficult to make a direct comparison because ISS solution is solely an IPS appliance whereas Crossbeam is providing a UTM platform that enables consolidation and optimized performance of multiple security applications. So, its sort of like comparing apples to oranges." But IBM is claiming that Proventia, more than being just an appliance, is a platform protection platform that provides multilayered protection for enterprises from network to host. "By infusing its products with security intelligence from the IBM Internet Security Systems X-Force research and development team and its unique IBM Virtual Patch technology, IBMs solution is designed to protect customers before their business assets are impacted by online intrusions," IBM ISS said in a release.
Going after the same goal, McAfee in September 2005 inaugurated what it called the McAfee Clean Pipes initiative, an expansion of its managed security services offerings. With Clean Pipes, McAfee planned a line of new carrier-grade security products and services and a new network access control product for enterprises.
Click here to read more about McAfees Clean Pipes initiative. At the time, McAfee was working with Cable and Wireless PLC, British Telecommunications PLC (British Telecom), Telefónica SA and China Network Communications (China Netcom) to tailor its offerings through an invitation-only group it called the Clean Pipes Consortium. The outcome of Clean Pipes was supposed to include managed IPS; secure content management; vulnerability management; malware protection, including anti-virus, anti-spam and anti-spyware services; and mobile device security. If any of that materialized, the company kept quiet about it. "The chassis-based products which were to deliver these services never materialized and neither did the services," said Crossbeam Chief Technology Officer Christofer Hoff in a blog that, he said in a disclaimer, doesnt represent the views of his employer. "Why? Because its really damned hard to do correctly. Just ask Inkra, Nexi, CoSine, etc. Or you can ask me. The difference is, were still in business and theyre not. Its interesting to note that every one of those consortium members with the exception of Cable and Wireless are Crossbeam customers. Go figure." Hoff says there are a number of things that make cloud security hard. One issue is that once a provider starts filtering at ingress/egress, attention has to be paid to performance impact, or impact on confidentiality, integrity and availability. "Truth be told, as simple as it seems, its not just about raw bandwidth," he said in the blog. "Service levels must be maintained and the moment something that is expected doesnt make its way down the pipe, someone will be screaming bloody murder for slightly clean pipes. Ask me how I know. Ive lived through inconsistent application of policies, non-logged protocol filtering, dropped traffic and asymmetric issues introduced by on-prem and in-the-cloud MSSP offerings. Once the filtering moves past your prem as a customer, your visibility does too." But unlike McAfees Clean Pipes initiative, IBM ISS has actually come up with a product to ship. Proventia is slated to be available by the end of the second quarter. For more information on IBM ISS intrusion prevention technology, the divisions site is here. McAfee hadnt supplied input as to the fate of Clean Pipes or the Clean Pipes Consortium by the time this story posted. Editors Note: This story was updated to clarify Proventias throughput and packet inspection speeds and to correct the date when it will ship. Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.

Lisa Vaas is News Editor/Operations for and also serves as editor of the Database topic center. Since 1995, she has also been a Webcast news show anchorperson and a reporter covering the IT industry. She has focused on customer relationship management technology, IT salaries and careers, effects of the H1-B visa on the technology workforce, wireless technology, security, and, most recently, databases and the technologies that touch upon them. Her articles have appeared in eWEEK's print edition, on, and in the startup IT magazine PC Connection. Prior to becoming a journalist, Vaas experienced an array of eye-opening careers, including driving a cab in Boston, photographing cranky babies in shopping malls, selling cameras, typography and computer training. She stopped a hair short of finishing an M.A. in English at the University of Massachusetts in Boston. She earned a B.S. in Communications from Emerson College. She runs two open-mic reading series in Boston and currently keeps bees in her home in Mashpee, Mass.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel