IBM Software Data Sheet

IBM Security Host ProtectionDefend against security threats through real-time protection and centralized management

Highlights●● ● ●Provide easy integration with existing

organizational infrastructure

●● ● ●Deliver instant visibility and robust security for each endpoint

●● ● ●Help reduce the cost and complexity of maintaining heterogeneous data center security

●● ● ●Support data confidentiality and ease regulatory compliance

Managing endpoint security is more challenging than ever. In a recent six-year period, for example, one global survey of companies across 33 countries documented 3,765 data breaches—costing organiza-tions an average of more than 398,000 records a day and a total of USD156.7 billion for the study period. Laptops led the way based on the total number of incidents.1

Such an onslaught of threats, from outside hackers to unauthorized internal users, can be an ongoing source of security risks. Many organiza-tions attempt to address these threats by using multiple point solutions. However, a fragmented approach such as this often results in reduced visibility and control, potentially creating a critical security exposure within an organization.

IBM Security Host Protection offers your organization a comprehen-sive, integrated solution that delivers multilayered intrusion prevention and detection to help protect your endpoint infrastructure from attacks. Backed by IBM® X-FORCE® research and development, it enables you to manage complex compliance requirements while reducing the costs of maintaining a secure environment.

IBM Security Host Protection includes an integrated security agent to be installed on the management server and distributed to each endpoint. IBM Security SiteProtector™ System provides centralized command and control for the prevention solution, as well as security event monitoring, analytics and reporting. IBM Endpoint Manager can be integrated with the IBM Security Host Protection solution to provide additional security- and compliance-related capabilities such as patch and configura-tion management.

2

Data Sheet

Preemptive, real-time intrusion protectionBased on a combination of server- and desktop-centric intru-sion prevention capabilities, IBM Security Host Protection provides preemptive protection to keep your organization’s endpoints—servers, desktops and laptops—ahead of the threat. Integrating seamlessly with your existing IT infrastructure, its protection and prevention capabilities preserve legitimate traffic f lows without interruption, helping to keep your organization running smoothly while using up-to-the-minute security intelli-gence to protect your critical data from thousands of potential threats. This solution utilizes multiple layers of defense to help provide accurate, real-time protection against system, network, application-level and internal threats.

IBM protocol analysis moduleCombining threat detection, content analysis, system inspection and policy enforcement technologies, the IBM protocol analysis module provides capabilities that go far beyond what most other protection products offer, delivering a broad, proactive

The IBM protocol analysis module drives security convergence to deliver network and server protection that goes beyond traditional approaches.

Protocol Analysis Module technology

Virtual Patchmanagement

Client-sideapplicationprotection

Web applicationprotection

Threat detectionand prevention

Datasecurity

Applicationcontrol

PDF XLS

DOC

DOCPDF XLS

defense for your servers, desktops and laptops. The inclusion of IBM Virtual Patch® technology helps prevent attacks against both known and unknown vulnerabilities in third-party software, such as office productivity suites, web browsers, PDF readers and others, by blocking intrusions even before the third-party vendor has issued its own patch. This capability can help protect against zero-day attacks and reduce total cost of ownership by eliminating the need for emergency software patching.

IBM X-FORCEIn addition to maintaining one of the most comprehensive vulnerability databases in the world, IBM X-FORCE security experts research and evaluate vulnerabilities and security issues, develop assessment and countermeasure technology for IBM products, and educate the public about security threats—sometimes years before they actually materialize—to help keep clients ahead of the threat.

IBM Software

3

Data Sheet

IBM Security SiteProtector SystemThis f lexible, one-stop security management system helps you cost-effectively command and control servers, desktops and lap-tops, while providing high situational awareness through real-time monitoring, security event forensics and audit support. By unifying the management of IBM Security platform offerings across gateways, networks, servers and desktops, as well as select third-party security solutions, IBM Security SiteProtector System can reduce the workload of your IT security team.

Buffer overflow exploit protectionThis signature-less technology helps prevent the exploitation of known and unknown buffer overf low vulnerabilities by actively looking for malicious code.

Host firewall to help block security breachesIBM Security Host Protection includes powerful firewall capabilities that put you in control by enabling you to reduce the number of threats from internal and external sources. As the first line of defense for your critical applications and data, this firewall is designed to block unauthorized access to ports and IP addresses to prevent any malicious or unwanted traffic, pre-venting IP spoofing and terminal hijacking.

Monitoring to provide real-time visibility and support system integrity and complianceWith IBM Security Host Protection, you can gain real-time situational awareness of your critical IT infrastructure as you simplify your compliance efforts by protecting your organiza-tion against unauthorized access and data breaches. This IBM solution facilitates these essential capabilities by allowing security administrators to monitor:

●● ● System integrity: The solution can alert you of user interac-tion with the operating system and applications and provides information about who logged in, what actions they took and when they logged off.

●● ● File integrity: The solution helps you meet intensive data integrity standards and assert compliance with legal regula-tions and industry best-practices, such the Sarbanes-Oxley Act and the Payment Card Industry Data Security Standard (PCI DSS) by monitoring user interaction with sensitive files and folders. The key use of this technology is to detect system tampering and to monitor access to sensitive data.

Complete visibility across your organization’s endpointsIBM Endpoint Manager, which integrates with IBM Security Host Protection, provides real-time visibility and automated remediation from a single console into desktops, laptops, mobile devices and servers across your organization. Endpoint Manager can reduce business disruptions and loss of revenue by helping to protect physical and virtual endpoints from damage caused by today’s sophisticated network-borne threats and their latest variants.

IBM Endpoint Manager also provides comprehensive capabilities to address other endpoint management challenges, such as patch management, data loss prevention, network asset discovery, endpoint hardware and software inventory, software distribution, OS deployment, remote desktop control, software use analysis, desktop and laptop power management, compli-ance analytics, security configuration management, vulnerability management, and multi-vendor endpoint protection management.

Why IBM?IBM Security Host Protection provides advanced intrusion prevention and detection to help secure your endpoint infra-structure. The solution is backed by the IBM X-FORCE team, which maintains the most comprehensive vulnerability database in the world. The broad platform of IBM Security Host Protection supports integration with IBM Security SiteProtector System for centralized command and control and with IBM Endpoint Manager for security- and compliance-related capabilities such as patch and configuration management.

IBM Software

Please Recycle

IBM Security Host Protection at a glance

Server requirements

Minimum processor Intel Pentium III 600 MHz or better

Operating system Microsoft Windows Server 2003, 2003 R2, 2008, 2008 R2 (32-bit and 64-bit) Microsoft Windows XP, Windows Vista, Windows 7

Clustering/load balancing Microsoft 2-node and 4-node clusters Microsoft Network Load Balancing

Minimum memory 256 MB in addition to memory required by other applications

Disk space 100 MB

Network connection TCP/IP network connection over 10/100/1000 Mbps Ethernet

Dedicated system? No

Dependencies IBM Security SiteProtector System 2.0 Service Pack 9.0

For more informationTo learn more about IBM Security Host Protection, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/software/security/products/hostprotection

Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We’ll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing

© Copyright IBM Corporation 2012

IBM Corporation Software Group Route 100 Somers, NY 10589

Produced in the United States of America October 2012

IBM, the IBM logo, ibm.com, SiteProtector, and X-FORCE are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml

Intel and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.

This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.

It is the user’s responsibility to evaluate and verify the operation of any other products or programs with IBM products and programs. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided.

The client is responsible for ensuring compliance with laws and regulations applicable to it. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the client is in compliance with any law or regulation. Statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party.

1 Suzanne Widup, “The Leaking Vault 2011: Six Years of Data Breaches,” The Digital Forensic Association, August 2011. http://www.digitalforensicsassociation.org/storage/The_Leaking_Vault_ 2011-Six_Years_of_Data_Breaches.pdf

WGD03011-USEN-00