Scenario... Over the past year you have invested in antivirus software for your user workstations. You thought you had established a widespread and far reaching approach to protect your company from malicious code. Then it happens - you receive a phone call. The network administrator from one of your partner companies tells you that your Web Server is transferring viruses their way. How could this have been avoided? Was there a better way to prepare? Was there a more beneficial approach to deployment?
Through its Managed Security Services, IBM can offer anti-virus management to provide complete outsourcing of key activities at various points in your infrastructure. This provides a multi-tiered and in-depth approach to help protect against malicious code.
Managed antivirus perimeter defense
Managed antivirus perimeter defense will allow for the installation and configuration of software, owned by you, on your firewalls and/or gateways. The technology will work with the firewall to scan various protocols in and our outside of your company for malicious code. Virus definition updates will occur on schedule or as required and virus event logs will be monitored weekly for events requiring attention.
IBM consultants will provide advice on virus activity, providing limited incident response, and real-time response to "threshold monitoring" at an additional cost.
Managed antivirus vendor product updates
Though tested prior to release, antivirus software updates may require additional testing against your infrastructure to validate its effectiveness in your environment. IBM will provide virus pattern updates that have been properly tested with a scripted quality assurance test on a your client workstation for the protection of malicious code penetration. We will support customer anti-virus client products such as Symantec's Norton Anti Virus, McAfee, and Trend that have a defined virus definition update delivery system.
These tests are performed against six images that you provide. Any required updates to the product will be rolled out to your clients or gateways.
Antivirus and Internet security workshop
Understanding everything there is to know about security is impossible. With thousands of new vulnerabilities discovered every year and computer systems becoming more complex, it has become more than a full-time job to keep up with what is new in security.
Where do you start? There are industry conferences you can attend, papers and books you can read, but these can be time consuming, costly and sometimes frustrating. IBM can present your security team with a "Quick Start" workshop, designed to give your organisation the basics for starting or updating your security program. We offer two workshops that are focused on managed security - a two-day antivirus workshop and a five-day Internet security workshop, which includes the two-day anti-virus workshop.
Assess the possibility of malicious code in your business environment
The antivirus workshop is designed to assist with a malicious code security assessment of your business environment. The workshop results in a suggested action plan to protect their business assets from risks of unwanted malicious code intrusions. This session will take place at your site with an IBM consultant who is experienced and skilled in dealing with malicious code security matters. It is designed to assist in exploring various aspects of virus security and is customised to meet your needs. IBM will provide a written report upon completion of this workshop.
Assess the security of your Internet business environment
The Internet security workshop is designed to assist with a general security assessment of your Internet business environment. The workshop results in a suggested action plan to protect your business assets from risks of unwanted intrusions. This workshop includes the two day antivirus workshop. The Internet security planning session will take place at your site with an IBM consultant who is experienced and skilled in dealing with Internet security matters and incident management in today's business environment.
Managed antivirus enterprise defense
A comprehensive antivirus management solution for your entire network is your best defense against malicious code penetration. IBM can provide installation assistance, management, configuration, updates, and notification services for clients, servers, firewalls, gateways, and URL filter servers. Managed antivirus enterprise defense also includes emergency notification of new viruses, scheduled antivirus software definition updates, and an annual on-site workshop.
Managed URL filtering
This filtering will monitor and prevent users from visiting undesirable Web sites that could lead to malicious code activity.
Your URL filtering software will be installed and configured on your servers. IBM will support URL filtering software that automatically obtains rule updates from the software vendor. URL rule updates will occur on schedule and software will be updated as required. Logs will be monitored weekly for events requiring attention and your requests will be reviewed as they arise.
Early detection of virus activity can minimise the impact of a virus infection. IBM offers 24 hours 7 days a week monitoring of alerts generated by the anti-virus software when predetermined thresholds are exceeded. Personnel from the IBM Security Operations Center will analyze the incident(s) and initiate an agreed upon escalation process.