HP Strengthens Security Portfolio With IPS, Data Center Services

HP has made major additions to its security portfolio, as part of the company's cloud, mobility, and big data initiative, dubbed the Enterprise Security and Risk Management Strike 2012. This week, the company unveiled the new HP TippingPoint NX Platform Next Generation Intrusion Prevention System (NGIPS) and HP Data Center Protection Services, among other new products and services.

The TippingPoint NX Platform NGIPS prevents network breaches across devices, virtual machines, operation systems and mission-critical applications by adding capacity for deep-packet traffic inspection. A new modular architecture adapts automatically to threats as they're discovered by NGIPS, while the small form factor (2U) helps customers save rack space and maintain consistent power consumption and cooling costs. Swappable interface modules and the highest port density on the market lets customers who have to secure more than the perimeter push the IPS deeper into the core and to different locations on the network.

"The software architecture is designed to provide modular software and security for our customers and allow us to extend our existing software into other areas of the network," says Sanjay Raja, director of product marketing for network and virtualization security in HP's Tipping Point enterprise security division. "Threats are getting more sophisticated and use multi-layer attacks to breach networks. Malware is still occurring, but the growth in that area is not as high as it used to be, and we're seeing more complex attacks."

Thanks to the proliferation of cloud computing and mobile devices, customers are looking to deploy IPS beyond the perimeter. According to Raja, customers seek full visibility across an entire infrastructure and need more security in more places. "We'll do all the standard things that an IPS does around malware protection, packet inspection, identify attacks and vulnerabilities, but we have additional capabilities there," he explains. The architecture is designed to enable HP to add new security modules in the future. As of now, a next-gen firewall is planned for next year, as well as compatibility with virtualization vendors beyond VMware, with whom HP has an existing partnership.

HP's new Data Center Protection Services evaluate organizations' existing security programs, including the command and control and risk management, with legal and regulatory compliance issues in mind. The full HP Data Center Protection Services Suite consists of HP Data Center Protection Optimization Service, HP Data Center Governance Risk and Compliance (GRC) Readiness Service and the HP Data Center Protection Management Service. Using these services, HP provides a list of recommendations to help customers optimize infrastructure and improve data center security management.

"These services evolved from our existing data center transformation business," says Michael Gould, VP of HP's US technology services and consulting division. "It is the consolidation of what we do today. This fills in with the Security Strike initiative that HP is implementing. We dovetail that into the various product offerings and those announcements."

According to Gould, the three services have specific goals in mind:

HP DC Protection Optimization: With this service, HP helps rationalize the current investment that customers have made in risk management and ensures that all assets are being optimized. "Are they adequate to meet future state needs? We want to make sure the cost of reducing risk is commensurate with the value of the assets at risk," Gould explains.

HP DC GRC Readiness Service: The goal of this service is improving governance and compliance, and taking the mystery out of what's happening when moving to the cloud. "If we move this workload to a service provider, [the customer needs] to know what that means for the confidential data moving with it," Gould says. "There could be regulations and fines."

HP DC Protection Management Service: This service examines what it takes to operate and develop a proactive services methodology and awareness of the threat environment. "It's all about being proactive and not reactive to new threats and managing your risk," Gould says.

"The HP acquisition of Tipping Point is one of the cooler things [HP] has done in the security space," says Lawrence Pingree, research director at Gartner. "What we have been looking for is the improvement in the products being strategically placed together in a single group, and it looks like they've done that."

Pingree notes that the new consolidated data center consulting services suite is a step in the right direction. "Security is a growth area, and optimizing security is something a lot of organizations need to do," he says. "There are some things companies do for compliance that are repetitive, so having a second fresh set of eyes look at the problem and make better use of personnel is a good thing."

Other HP announcements include the enhanced HP ArcSight Enterprise Security Manager 6.0c, the new HP Security for Public Sector portfolio, the HP Information Security Pulse free mobile app, and new protection against printer-based intrusions, including protection designed for the healthcare industry and new assessment services.