IBM has declared that it is going to introduce the “next generation” IPS (intrusion-prevention system), a service that is designed to prevent network-based attacks as well as put on application-level controls and URL filtering capabilities typically found in separate products.
The Security Network Protection XGS 5000 appliance integrates IBM’s core IPS technology with threat-monitoring features such as the ability to identify misuse of the Web by end users and to block suspicious URLs known to spread malware.
IDC security research analyst Charles Kolodgy says the IBM XGS 5000 does represent a new kind of IPS-based product that “improves network, user, and application awareness” and “vastly improves an IPS’s ability to provide full network protection, especially trying to uncover custom malware and stealth attacks perpetrated by advanced persistent threats.” APT is the term use to describe stealthy attacks to try and steal sensitive corporate data.
“The uniqueness isn’t so much in the application layer and URL, a lot of products have that, but it’s in the ability to set up security at the user level (like the next-generation firewall), correlate that information (in this case with QRadar), and utilize cloud-based threat intelligence to uncover malicious websites and files,” Kolodgy explains.
