RSA: IBM delivers on Phantom promise

At RSA Conference 2009, IBM/ISS will make good on a promise it made at last year’s RSA event to deliver protection for virtual environments.

The effort IBM/ISS called Project Phantom will bear fruit with the announcement of the Virtual Network Protection Platform, a network intrusion prevention system (IPS) for protecting virtual network segments.

Slideshow: Hot security products from RSA Conference 2009

ISS already made IPS software, but virtual environments in which virtual machines share the same hardware and replicate to other physical machines create blind spots where traditional IPS products have no vision.

The new software can be deployed on generic hardware to save money and deployed as dedicated machines devoted to a single customer in a service-provider environment. Other vendors including Altor and Catbird are making security software for virtual environments that runs on virtual machines themselves.

In addition, IBM is announcing a blend of its application scanning and content filtering to test Web sites and Web applications for the presence of malware. The capability is a new feature of Rational AppScan automated Web application security software. Customers would point the software at a Web site or application and its scanning engine would find malware and generate reports.

Embedding this capability in Rational AppScan automates the process and requires less time and expertise than alternative scanning methods, IBM says.

IBM is also announcing a new appliance called Network Security Controller that’s designed to aggregate the IPS power of multiple IBM Proventia IPS GX6116 appliances and uplink them to a 10Gbps network. The idea behind the device is to let customers avoid ripping and replacing their current IPS gear when they upgrade to 10Gbps networking.