HP Takes Aim at Printer Security
HP enhances security portfolio with ArcSight and a brand new IPS system
In the modern world where everything is connected, security threats can come from almost anywhere including, yes, the lowly office printer. In an effort to help companies recognize and contain evolving threats, HP has announced a series of new and enhanced security products and services.
"What's really guiding us as we develop solutions are principles about building security intelligence in and protecting what matters," Michael Callahan, Vice President, Worldwide Product and Solution Marketing, HP Enterprise Security Products told eSecurity Planet
Among the items that matter is the printer. HP is ramping up a new service called the HP Imaging and Printing Security Assessment. The assessment will identify the current security profile of an organization's printer. If issues are found, HP will work through the process to help remediate the risks.
"Most people don't think about printers as end points or having any sort of security risk, but they do because of the amount of information that is sent to them and possibly stored on them," Callahan said.
To help underscore the point, HP today also released a commissioned study that found that 68 percent of enterprises don't have a security policy for printers.
A core component of modern enterprise security is the IPS (Intrusion Prevention System). HP is now advancing its TippingPoint IPS portfolio with the new NX platform, which it says can deliver as much as 13 Gigabits per second of IPS inspection throughput. The purpose-built, modular platform enables administrators to plug in new ports or different types of ports. "The operating system is the TippingPoint Operating system, and the box is a custom built box with custom silicon to make sure we get the best performance," Callahan said.
The NX is also what is known as a Next Generation IPS (NGIPS), device as it bundles in application awareness. The NGIPS market is a competitive one, with rivals like IBM debuting its own system. The IBM Security Network Protection XGS 5000platform, announced in July, can handle up to 2.5 Gbps of inspected traffic.
HP's product includes a reputation feed, which enables the TippingPoint IPS to block access to known bad IP addresses, whether outbound or inbound.
"The NX platform brings in the idea to also do security based on reputation feeds," Callahan said. "So it's not only pattern and filter matching."
ArcSight Enterprise Security Manager
HP is also updating the ArcSight Enterprise Security Manager platform to version 6.0c. HP acquired ArcSight in 2010 for $1.5 billion and has been busy building out the technology ever since.
"With the new version we have the new CORR architecture that provides more performance," Callahan said.
The CORR (Correlation Optimized Retention and Retrieval) engine is all about using less space on compute infrastructure in order to obtain quicker answers to security-related queries. The ArcSight 6.0c release is further complemented by HP's EnterpriseView modulethat was first announced in February of this year.
"The interaction between EnterpriseView and ArcSight really comes through the connectors that we have for ArcSight that go out and connect to over 350 devices to get security information," Callahan said. "The new version lets us get information much faster and it now puts information into EnterpriseView so it feeds directly."
The overall goal with EnterpriseView and ArcSight is to provide better visibility into security events in order to take proper actions to remediate risks. According to HP's commissioned study, 53 percent of enterprises manually consolidate their own information risk reports today.
August 27, 2012
CTO Andrzej Kawalec at HP Security says users need to do their part to keep the Internet safe.