IBM Unveils New Security Tools and Services

May 24, 2006; 05:20 AM
IBM today announced products for IT management and security as well as consulting services capabilities to help businesses address emerging cyber threats. The new offerings are in response to the growing demand for secure industry standard computing that banishes the one-size-fits all proprietary approach of the past so that companies can more easily build service oriented architectures (SOA).

The new IBM WebSphere DataPower SOA appliances and SOA security consulting services can help businesses fend off threats from the estimated 85 percent of malware -- including computer hacking, consumer identity theft crimes, viruses or other security vulnerabilities -- that is motivated by illegal profits. The emergence of organized cyber crime, coupled with the necessity for organizations to comply with myriad government regulations that ensure security and privacy of client data, has made securing IT infrastructures through industry standard technologies critical for organizations of all sizes, and in all industries.

New IBM WebSphere DataPower SOA appliances -- based on technology acquired from DataPower last year -- are less than two inches tall and 19 inches wide and can be installed and configured in minutes to help avoid the aftermath of many of these cyber crimes that costs businesses billions of dollars in lost revenue, lost customers and lost employee productivity. These specialty devices are inserted into a client's existing network to secure, manage and authenticate the validity of messages from various sources including Web transactions, RFID and other wireless devices up to 10 times faster than general purpose systems. When combined with SOA security management software from IBM Tivoli, which securely controls user access to applications and data, the appliances help to ensure that the right people have access to the right data, at the right time.

An IT infrastructure that includes the new IBM WebSphere DataPower SOA appliances and is based on IBM SOA security services can help businesses implement a flexible and dynamic architecture that can securely comply with government regulations including HIPAA, Sarbanes-Oxley and many others. Understanding and reconciling various standards, and ensuring they are properly implemented, is rapidly becoming one of the most complex challenges facing enterprises of all sizes.

"In a rapidly evolving security landscape, businesses face a formidable yet critical challenge to comply with security regulations," said Mike Bilger, partner, Security and Privacy Services, IBM Global Services, IBM. "As more clients begin to realize significant business value from an SOA, including reduced costs and increased revenue, implementing IT security will enable clients to grow the use of SOA across the enterprise so they can stay ahead of fast-changing market conditions."

RouteOne, a joint venture formed by DaimlerChrysler Financial Services, Ford Motor Credit Company, General Motors Acceptance Corporation, and Toyota Financial Services to redefine and improve the credit application process for automobile dealers and their customers, has created an SOA that relies on WebSphere Software and the IBM WebSphere DataPower SOA security appliances. RouteOne's SOA links 21,500 automotive dealerships in North America to 60 finance sources for the purpose of instantly and securely exchanging credit application information online.

"We need to be as frictionless as possible, reliable and bulletproof in handling the credit applications that come from the dealers to the banks," said Joel Gruber, chief information officer, RouteOne. "When you consider the sensitivity of information that flows through an SOA security is paramount. The RouteOne SOA, complemented by the WebSphere DataPower portfolio, delivers the performance, security, and scalability needed for the size and type of our applications."

The new IBM WebSphere DataPower XML Security Gateway XS40 validates, encrypts, signs, and authenticates industry standards including XML and WS-Security to provide a secure web services-based foundation. It also offers firewall functionality to fend off additional threats including denial of service attacks and provides access controls that help assure that the right individuals -- and no one else -- have access to information.

The new XS40 is part of a complete range of SOA appliances offered by IBM including the IBM WebSphere DataPower Integration Appliance XI50 for application integration and the IBM WebSphere DataPower XML Accelerator XA35 which off loads the processing of industry standard to provide more processing power for better application performance. All three SOA appliances are new today.

The WebSphere DataPower XML Security Gateway XS40 can also be integrated with IBM Tivoli security and management software to help enterprises reduce IT administration costs and address compliance needs. The WebSphere DataPower XML Security Gateway XS40 can be integrated with Tivoli Identity Manager and Tivoli Access Manager to efficiently manage user identities and control access to a company's applications. Tivoli Federated Identity Manager is used with the XS40 to provide policy-based integrated security management for federated Web services in an SOA environment. The WebSphere DataPower XML Security Gateway XS40 and the WebSphere DataPower Integration Appliance XI50 can also be integrated with IBM Tivoli Composite Application Manager for SOA to provide a comprehensive solution for monitoring, problem determination and centralized management of services.