Published on 02 December 2011, updated 16 December 2011
ISBN-10: 0738436216
ISBN-13: 9780738436210
IBM Form #: SG24-7979-00
Authors: Axel Buecker, Matthew Dobbs, Dr. Werner Filip, Craig Finley, Vladimir Jeremic, Alisson Quesada, Karl Sigler, Mario Swainson and Joris van Herzele
Every organization today needs to manage the risk of exposing business-critical data, improve business continuity, and minimize the cost of managing IT security. Most all IT assets of an organization share a common network infrastructure. Therefore, the first line of defense is to establish proper network security. This security is a prerequisite for a logical set of technical countermeasures to protect from many different attack vectors that use the network to infiltrate the backbone of an organization.
The IBM® Security Network Intrusion Prevention System (IPS) stops network-based threats before they can impact the business operations of an organization. Preemptive protection, which is protection that works ahead of a threat, is available by means of a combination of line-speed performance, security intelligence, and a modular protection engine that enables security convergence. By consolidating network security demands for data security and protection for web applications, the IBM Security Network IPS serves as the security platform that can reduce the costs and complexity of deploying and managing point solutions.
This IBM Redbooks® publication provides IT architects and security specialists a better understanding of the challenging topic of blocking network threats. This book highlights security convergence of IBM Virtual Patch® technology, data security, and Web Application Protection. In addition, this book explores the technical foundation of the IBM Security Network IPS. It explains how to set up, configure, and maintain proper network perimeter protection within a real-world business scenario.
Part 1. Architecture and design
Chapter 1. Business context for threat and vulnerability management
Chapter 2. Introducing the IBM Security Network IPS solution
Chapter 3. IBM Security Network IPS architecture
Chapter 4. IBM Security Network IPS solution design and management
Part 2. Customer scenario
Chapter 5. Overview of scenario, requirements, and approach
Chapter 6. Phase 1: Design and implementation of IBM Security Network IPS
Chapter 7. Phase 2: Policy tuning for IBM Security Network IPS
Appendix A. Troubleshooting