IBM Managed Security Services


IBM Managed Security Services










PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The reader
is available for free
download.

IBM Managed Security Services

by Karen Spring

Copyright 2019, Faulkner Information Services. All Rights Reserved.

Docid: 00021102

Publication Date: 1904

Report Type: PRODUCT

Preview

IBM offers an extensive portfolio of Managed Security Services designed for
enterprise clients. IBM is a large, stable provider of information
technology (IT) services, including security, and has broad visibility around
the world.

Report Contents

Vendor
Name: International Business
Machines (IBM) Corp
Headquarters
1 New Orchard Road
Armonk, NY 10504-1722
(914) 499-1900
(800) 426-4968
Fax: (914) 765-7382
Web: https://www.ibm.com/
Founded: 1914
Stock Symbol: IBM

Description

[return to top of report]

IBM offers an extensive portfolio of Managed Security Services (MSS) designed
for enterprise clients.


Related Faulkner Reports

AT&T Cybersecurity Services Product
Profile

BT Managed Security Services Product Profile

Dell SecureWorks Managed Security Services Product
Profile

Verizon Enterprise Managed Security Services
Product Profile

Enterprise Services

Maintaining the world’s largest threat and vulnerability database, IBM is
well positioned to offer standard security services, like firewall management;
and more in-depth offerings, like cloud security; Security Intelligence
Analyst, which provides enterprises with personalized security assistance; and
the latest addition to the security portfolio, Amazon GuardDuty Services.

IBM’s Managed Security Services include:

  • Firewall management
    – Provides customized managed firewall protection.
  • Information
    event management     – Protects clients with enhanced
    security intelligence and expertise using best practices.
  • Intelligent log
    management on cloud     – Reduces security risks to mobile and Web
    applications. 
  • Intrusion
    detection and prevention system management     – Secures networks from
    Internet attacks using a flexible pricing model. 
  • Security
    intelligence analyst     – Offers a dedicated specialist to provide
    in-depth analysis of security technologies, policies, and trends. 
  • Unified threat management – Helps protect assets, improve security posture, and better manage regulatory and audit requirements.
  • Security-rich Web gateway management
    Protects critical Web-based
    applications with flexible, cost-effective services.
  • Secure SD-WAN
    – Technologies for software-defined WAN service to secure current
    network infrastructures. 
  • IBM X-Force Cloud Security Services – Protects third-party
    cloud environments through advisory and managed security, including
    oversight into user activity. 
  • Endpoint security services – Comprises security tools and
    technologies to protect networks at the endpoints and enable speedy
    threat resolution. 
  • Amazon GuardDuty services – A suite of managed security
    services for GuardDuty to manage and protect workloads. 

Security Intelligence Analyst

The Security Intelligence Analyst (SIA) is a
dedicated Security Operations Center resource that works with clients to help
strengthen their overall security posture. The SIA:

  • Analyzes security intelligence and reviews daily security events within the context of the client’s network.
  • Prioritizes security efforts and provides feedback on client security policies.
  • Reviews monthly vulnerability scan results to help the client plan appropriate remediation tasks.
  • Supports compliance management and risk reduction through annual security device policy reviews.
  • Briefs the client on intelligence analyst reports.

Amazon GuardDuty Services

IBM announced the the GuardDuty services portfolio in 2018 so that Amazon Web
Services (AWS) customers can have enhanced protection. Features include: 

  • Additional security for GuardDuty’s monitoring capabilities beyond AWS. 
  • IBM X-Force Incident Response and Intelligence to boost security
    integration into existing workflow IBM QRadar Managed SIEM solutions. 
  • Central management of events via IBM’s Virtual Security Operations Center
    portal, Intelligent Security Monitoring, a screen monitoring service, or a
    client-licensed IBM QRadar SIEM. 
  • Second-stage analytics including augmented intelligence, global threat
    insight, and security process expertise for advanced event
    classification. 
  • IBM services for response planning, preparation, and remediation. 

Features

[return to top of report]

IBM Managed Security Services
offer:

  • Real-time access to IBM’s X-Force global threat analysis and service.
  • Customizable reporting capabilities. 
  • Access to IBM’s Virtual Security Operations Center. 
  • Support for third-party solutions including Check Point Software, Fortinet,
    and Cisco.
  • Access prevention of unauthorized users. 
  • Monitoring, management, and analysis of firewall logs.
  • 24/7 system monitoring and threat reporting. 
  • Security and compliance management.
  • A design that scales to support future growth. 
  • Single, unified architecture. 
  • Detection of advanced threats.
  • Choice for on-premise service, a hosted and managed model, or
    Software-as-a-Service option. 
  • Around-the-clock security and monitoring. 
  • Scaling to support millions of events per second. 
  • IBM X-Force threat analysis service.
  • Delivery of correlated data in a single-view portal. 
  • Visibility into user activity.
  • Management of hybrid cloud security. 
  • Consistent policies across multiple clouds and on-premise
    infrastructure. 
  • Real-time event monitoring and notification. 
  • Configuration and customization of policy settings. 
  • Continuous endpoint monitoring. 
  • Analysis and prioritization of daily security events based upon context
    and security policies. 
  • Review of monthly security scans to prioritize remediation efforts. 
  • Annual audits to support compliance and reduce risks. 
  • Management of intrusion prevention systems and firewalls. 
  • Oversight of Web filtering, antispam, and antivirus cap. 

Environment

[return to top of report]

Virtual SOC Portal

IBM Managed Security Services (MSS) clients receive access
to the Virtual SOC Portal, a secure Web-based tool
that allows them to easily monitor the security of their systems 24/7/365.

The Virtual SOC Portal features:

  • Security
    intelligence and threat analysis summaries that review Internet threat
    activity around the world.
  • Interactive content, daily notifications,
    alerts, advisories, trend analysis, and attack metric reporting. 
  • Easy-to-read,
    business-focused reports with customizable views of activity at the
    enterprise, work group, and device levels.
  • Support
    on demand with real-time, interactive communications, and security "ticket"
    data.
  • Intelligent
    event correlation and analysis that matches all security datasets against
    pre-determined alert and response criteria – as well as initiate actions
    to thwart malicious activity.
  • Analysis of past and current security events with full portal search
    capabilities.
  • Scanning
    and penetration testing tools to periodically check security devices,
    networks, and applications for vulnerabilities.
  • A mobile interface
    access option that enables remote access from portable, mobile electronic devices.

Security Operations Centers

IBM Managed Security Services are delivered from eight 24/7
Security Operations Centers (SOCs):

  • Two in the US
  • One in India
  • One in Belgium
  • One in Costa Rica
  • One
    in Brazil
  • One in Tokyo
  • One in Wroclaw, Poland

Major Competitors

[return to top of report]

  • AT&T
  • Cisco
  • Secureworks
  • Symantec
  • Verizon Enterprise
  • Trustwave
  • Sophos

Conclusion

[return to top of report]

As a respected, often revered,
brand in information technology, IBM has the experience, expertise, and
resources to mount a robust and reliable defense against network,
server, and desktop threats. No newcomer to the managed security
space, IBM has offered Managed Security Services since 1995.

IBM has invested heavily in its security offerings year after year. In April
2018, the vendor announced new machine learning security tools in the form of
its Resilient Incident Response Platform. According to IBM, its scientists spent
about 200,000 hours developing this software, which is intended to help
companies swiftly deal with data breaches. Another new offering is X-Force
Threat Management Services, which automates the detection of threats through
artificial intelligence. IBM has determined that the best way to combat threats
is by marrying human intelligence with machine-based intelligence. Marc von
Zadelhoff, IBM Security general manager, said, "The collaboration between
humans and intelligent machines is going to affect every industry. In security,
we see this manifesting itself first in the security operations center where the
data only keeps growing."1

Gartner recognized IBM in its 2018
Magic Quadrant for Managed Security Services. IBM has consistently been a
leader for a number of years along with other notable vendors. 

With security being such a critical topic today, companies realize they must
make the investment to secure their networks, infrastructures, and devices.
Recent high-profile breaches like those affecting Marriott, Equifax, Yahoo, and the Office of Personnel and Management are just a few of the
data compromises that have dotted the news. Alongside data breaches,
phishing attacks and malware continue to rise. IBM has also pointed out that
cryptojacking – a technique that swipes an organization’s computing power to
mine for cryptocurrency without the victim being aware – rose exponentially in
2018. 

One
thing is certain: no company or individual is
immune. Companies have also had to bend to the convenience and efficiency of
employees using their own mobile devices and smartphones in the workplace. This
opens up a whole new proverbial can of worms when it comes to security, but many
organizations don’t have the manpower or resources in their own IT departments
to handle constantly emerging and sophisticated threats. IBM’s
wealth of security services are designed to alleviate the danger caused by
today’s threats. Although
there are other vendors in this market, IBM is clearly a leader. 

[return to top of report]

AT&T: https://www.att.com/
Cisco: https://www.cisco.com/ 
IBM: https://www.ibm.com/
Secureworks: https://www.secureworks.com/
Sophos: https://www.sophos.com/ 
Symantec: https://www.symantec.com/
Trustwave: https://www.trustwave.com/ 
Verizon Enterprise: http://www.verizonenterprise.com/

References

1 Jonathan Dyble. "IBM Security
Enhances Capabilities Using Machine Learning." Gigabit. April
17, 2018. 

About the Author

[return to top of this report]

Karen M. Spring is a staff editor for Faulkner Information
Services, tracking high-tech industries, including network security, data
breaches and cybercriminal activity, CRM, network management, Internet security,
and software tools. She writes regularly on high-tech topics for publications in
the k-12 and higher education industry. Previously, Ms. Spring was a marketing
specialist for two computer distributors, working closely with such clients as
3Com, IBM, Okidata, Unisys, and Acer.

[return to top of this report]