IBM Unveils Fast New Network Security Appliance

SAN FRANCISCO — IBM, a name that doesn't automatically say data or network security—even though it indicates just about everything else in the IT business—on Feb. 15 introduced a new appliance designed to strengthen a company's existing network security.

The announcement was made at the RSA Conference here at the Moscone Center.

The IBM Network Intrusion Protection System GX7800 is a dedicated, server-like appliance that plugs into a system to provide full Web-application protection, extends security reach to private and public cloud systems, and uses IBM's X-Force network intelligence to stay ahead of threats, IBM said.

The GX7800 serves as an adjunct deployment and works seamlessly with existing network-security software, Director of Strategy for IBM Security Services Marc van Zadelhoff told eWEEK.

IBM Security Services' XFTAS (Force Threat Analysis Service) is a subscription security intelligence service that delivers customized information about an array of threats that could affect network security. XFTAS helps users proactively protect their networks with detailed and regularly updated analyses of global online threat conditions.

"We think this is a game-changing announcement, and with its 20G bps processing speed, we think this is the fastest security appliance in the market," van Zadelhoff said.

The NIPS appliance enables advanced security capabilities to be deployed directly at the network stack, where performance and availability are the most critical, van Zadelhoff said. This includes key features above and beyond traditional IPS—such as Web-application protection, data-loss prevention, and so-called "virtual patching," van Zadelhoff said.

As enterprises get into in the process of updating their data centers by consolidating older servers into newer, virtualization-ready machines, bigger "pipes" are being installed to handle the increasing amount of data flow into these systems, van Zadelhoff said. Thus, security processes need to be enhanced.

"This requires more interpretation and security of the traffic coming in and out of that data center," van Zadelhoff said. "We have service providers offering cloud-based services using virtual technology; again, they need bigger, faster pipes to secure all that data. Telcos are a good example of this. That's what this device is all about—processing speed."

Speed is particularly useful in the case of attacks on Web applications, which represented more than 55 percent of all network vulnerabilities in the first six months of 2010, van Zadelhoff said.

Using the X-Force research information, the appliance will extend IBM's Virtual Patch protection to block any threat that X-Force researchers deem a potential risk, even before a vulnerability is publicly disclosed and the software publisher issues its patch, van Zadelhoff said.

The RSA Conference continues through Feb. 18.