HP Integrates Enterprise Security Framework
HP takes aim at emerging security threats with the expansion of its integrated solutions.
Modern IT threats come from all corners. That's why HP is now expanding its security solutions framework with a set of integrated solutions that span multiple product families within the company.
"Our expanded enterprise security solutions portfolio is much broader, wider and deeper than most people recognize," Rebecca Lawson, director of Worldwide Security Initiatives at HP, told InternetNews.com.
Lawson noted that HP has four different categories of solutions for helping enterprises with security. There are solutions for assessing the situation, transformation services for technology and cultural approaches to security, security management and optimization of environments for security.
From an assessment perspective HP is now offering a new enterprise security assessment workshop. Lawson said that the one-day workshop works with enterprises to help them develop a roadmap for a secure infrastructure. On the services side -- from the organization formerly known as EDS, now know as Enterprise Services -- several managed cloud services are debuting. One of those cloud services is the HP Secure Boardroom.
"The Boardroom is designed to take the various disparate sources of data within an enterprise and pull them into a C-level view," Lawson said. "So you can look at all your data in one dashboard and we've got quite a bit of intellectual property in this technology."
At the front line of security, HP is improving its Digital Vaccine technology for identifying malware threats.
"One of the big changes is that we're now using the scanning capabilities from the application security scanning group," Jennifer Lake, security product marketing manager at HP DVLabs, told InternetNews.com. "That provides comprehensive scans of a customer's applications and deliver a vulnerability report that can be taken to our Digital Vaccine (DV) Labs team.
Lake added that with that report the DVlabs team can create custom filters that run in the enterprise IPS. She noted that the customer filters essentially add Web Application Firewall (WAF) functionality to the IPS. The trend toward WAF capabilities in IPS is not a new one. In 2010, IBM added WAF capabilities to its IPS technology.
Going a step further, HP's Digital Vaccine Toolkit enables customers to create their own filters for their IPS systems. As part of the toolkit, rules from the open source SNORT IPS can be converted to run on HP's TippingPoint IPS.
"When SNORT filters are developed, it's questionable about who developed it and how comprehensive it is," Lake said. "By putting it through the DV converter we can provide more review and verification."
In addition to using the DVlabs technology for IPS monitoring, HP also has a reputation monitoring capability that is being expanded.
"The Reputation Security Monitor is using the DVlabs reputation database and tying it in with ArcSite management," Lake said. "This allows for addition aggregation and correlation of data. "
HP acquired ArcSight in a $1.5 billion deal in September of 2010. ArcSight provides security information and event management capabilities (SIEM). The integration of ArcSight with DVlabs will also provide additional details on where threats are coming into an enterprise.
"It allows you to map back an IP address to see if there is a particular department or user that is continuously visiting a site that is delivering nasty payloads," Lake said.