IBM Looks to Lock Down Virtualization


IBM (NYSE: IBM) today unveiled a series of new products and initiatives to build out its security products against the threats of today and tomorrow.

The virtualization security technology called Phantom and a new security event manager are part of IBM’s
multibillion dollar push
to become an end-to-end player in security.

“The investments you see from IBM are part of a grander scheme to look at the life cycle associated with security and understand what it is we have and what we don’t,” Kris Lovejoy, director of IBM corporate security strategy told

Lovejoy explained that, at its core, Phantom is an intrusion-prevention system, or IPS , implemented at various layers. Phantom provides robust security for a variety of virtualization hypervisor technologies, including VMware and Xen.

“If an IPS could monitor for key threats and identify vulnerabilities it would be in a better position to protect virtualized systems,” Lovejoy said.

Lovejoy declined to comment as to when Phantom might become a commercial product offering from IBM. At present she noted that it’s still in research.

In terms of actual commercial products, IBM is rolling out the new IBM Tivoli Security Information and Event Manager, which is an automated system for managing security events.

According to Lovejoy, the Tivoli product is similar in some respects to Cisco’s Monitoring Analysis Response System (MARS), which is part of Cisco’s
Self Defending Network topology and got a major refresh today

She noted that the Tivoli app introduces a new event-handling technology to efficiently store event logs. Every system creates an event log, she added, and from a compliance perspective many organizations are required to keep those logs.

“The solution takes events and analyzes patterns of activity and then escalates them so security people can deal with issues,” Lovejoy explained. “It also allows organizations to take events that are identified and trend over long-term so organizations can understand from a compliance point of view how they’re doing.”

Overall, Lovejoy noted that IBM will continue to build, buy and develop technologies that fit into the company’s broad plan for security products.

“IBM in sum wants to be a strategic security vendor, and for us that means we want to assure business sustainability inclusive of all the various layers,” Lovejoy said.

News Around the Web