By applying behavioral analytics and anomaly detection, the application can flag abnormal events such as:
- Outbound network traffic detected to countries where the company does not have business affairs;
- FTP traffic observed in a department that doesn't regularly use FTP services; and
- A known application running on a non-standard port or in areas where it is not allowed (e.g. unencrypted traffic running in secure areas of the network).
The new QRadar Network Anomaly Detection appliance leverages the QRadar Security Intelligence Platform and is designed to complement IBM SiteProtector and IBM Security Network IPS deployments. The new appliance also receives a threat intelligence feed from IBM X-Force research, providing insight into suspect entities on the Internet based upon knowledge of more than 15 billion Web pages and images. The X-Force IP Reputation Feed provides QRadar Network Anomaly Detection with a real-time list of potentially malicious IP addresses – including malware hosts, spam sources and other threats. If the product sees any traffic to or from these sites, it can immediately alert the organization and provide rich contextual information about the activity.
IBM Security Network IPS with Hybrid Protection
Today IBM is announcing the newest version of its Network IPS, which contains hybrid protection, combining the broad protection found in IBM's Protocol Analysis Engine with the open source capabilities and common rule syntax of SNORT. This functionality gives IBM clients the ability to easily create and share custom IPS rules in a popular open source format and at the same time provides the confidence that comes with IBM's protection powered by IBM X-Force Research. IBM's Protocol Analysis Engine is considered to be one of the industry's most comprehensive threat detection engines.IBM's Advanced Threat Protection Platform IBM is announcing its suite of network security offerings, the Advanced Threat Protection Platform, which is now one of the most comprehensive, integrated threat protection portfolios. It comprises IBM Security Network IPS and IBM SiteProtector, and the new QRadar Network Anomaly Detection appliance with the new X-Force IP Reputation Feed. Users can now access X-Force intelligence through their QRadar offenses and reports to identify threats related to malicious IP addresses. The solutions also help protect against network-based threats masked in common network traffic and prevents attackers from exploiting vulnerabilities at the network, host and application layers. As security is increasingly becoming a big data issue, this appliance is part of IBM's overall push to combine analytics with real-time feeds to deliver greater security intelligence to clients. IBM offers a range of security-specific appliances targeted at specific needs.
Select the service that is right for you!COMPARE ALL SERVICES
- $2.5+ million portfolio
- Large-cap and dividend focus
- Intraday trade alerts from Cramer
- Weekly roundups
Access the tool that DOMINATES the Russell 2000 and the S&P 500.
- Buy, hold, or sell recommendations for over 4,300 stocks
- Unlimited research reports on your favorite stocks
- A custom stock screener
- Upgrade/downgrade alerts
- Diversified model portfolio of dividend stocks
- Alerts when market news affect the portfolio
- Bi-weekly updates with exact steps to take - BUY, HOLD, SELL
- Real Money + Doug Kass + 15 more Wall Street Pros
- Intraday commentary & news
- Ultra-actionable trading ideas
- 100+ monthly options trading ideas
- Actionable options commentary & news
- Real-time trading community
- Options TV