News

12:00 PM
Connect Directly
RSS
E-Mail
50%
50%

HP Portal Crowdsources Security Threat Intelligence

Along with threat intelligence sharing portal, HP reveals next-generation firewall, a self-healing BIOS, and revamped DDoS detection and mitigation services.

HP Tuesday announced a number of new and updated security offerings, including its first-ever next-generation firewall, as well as HP Threat Central, which is the company's first-ever crowdsourced portal designed for sharing real-time information on online attacks.

HP Threat Central will allow "vetted and correlated threat intelligence" from HP and selected partners to be disseminated via an online portal, where participants can also discuss and comment on information, said Art Gilliland, senior VP and general manager of HP's enterprise security products, speaking by phone. Related threat intelligence can also be piped directly into HP ArcSight for mitigating related attacks.

HP's push for crowdsourced threat intelligence sharing reflects how the best security tools in the world won't save enterprises if they don't know what types of emerging threats they're facing. To date, too many businesses have been operating in relative information security isolation.

"The things that have been blocking threat sharing: one is trust, and the other is you have to take the data and analyze it yourself," Gilliland said.

On the analysis tip, information from HP Threat Central -- which is currently being beta tested by a group of HP ArcSight customers -- will be in Structured Threat Information eXpression (STIX) language format, and can be obtained using the Trusted Automated eXchange of Indicator Information (TAXII) message exchange service specifications. "Both of those are standards -- neither one has won yet -- being worked on by the MITRE Corporation," Gilliland said, and together they enable cross-platform threat intelligence information sharing.

[ Maybe crowdsourced threat intelligence will be better than this: Federal DDoS Warnings Are Outdated. ]

Beyond Threat Central, HP also announced the debut of its first-ever next-generation firewall, which -- as defined by Gartner -- refers to "deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention and bringing intelligence from outside the firewall."

"We have a very good IPS system, which is essentially protecting the apps and data that sits in data center," said Gilliland, referring to the HP TippingPoint IPS (aka intrusion prevention system). "The challenge is that the threats are now coming in and attacking the users, so these next-generation firewalls and IPS systems are, to a certain extent, converging."

HP built its next-generation firewall from scratch, using its IPS platform as a base. "Why we think we'll be quite effective at this is we are incredibly effective at blocking threats with our IPS technology, and that's one of the challenges associated with using next-generation firewalls," Gilliland said, referring to the need to not just spot attacks, but also follow through and adjust defenses throughout the enterprise infrastructure. For example, he said, HP's use of a common policy framework means that if a next-generation firewall reports an ongoing attack, TippingPoint customers can create one related security rule, then apply it to every TippingPoint device, for example to create virtual patches that lock down a vulnerability attackers might be trying to exploit.

HP also announced Tuesday that its HP BIOSphere firmware ecosystem will gain what it's dubbed "HP SureStart technology," which allows the BIOS to heal itself should it be attacked or corrupted. "The hardware will defend itself above and beyond the other types of protections you'll find on the client," Gilliland said.

Other announcements from HP, meanwhile, included a continuous vulnerability monitoring service for U.S. government agencies, plus new enterprise managed security service capabilities, including better distributed denial of service (DDoS) attack detection and mitigation, as well as new bring-your-own-device (BYOD) and mobility services.

Learn more about defending your organization by attending the Interop conference track on Risk Management and Security in New York from Sept. 30 to Oct. 4.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Laurianne
50%
50%
Laurianne,
User Rank: Apprentice
9/17/2013 | 5:07:26 PM
re: HP Portal Crowdsources Security Threat Intelligence
What are existing similar options like this, Mat? What is HP bringing to the table that's special?
Mathew
50%
50%
Mathew,
User Rank: Apprentice
9/18/2013 | 12:19:44 PM
re: HP Portal Crowdsources Security Threat Intelligence
The self-heeling BIOS is all new. Isn't necessarily defending against real-world attacks, but I think it's interesting nonetheless.

As noted but Marcia, HP is very late to the next-gen firewall game, which has multiple well-regarded players already. HP's play is that IT managers will prefer one throat to choke, and benefit from having a more easy to manage security infrastructure. That's the pitch.

On the threat intelligence sharing front, meanwhile, it's still early days for all concerned, as the yet-to-be-decided MITRE information-sharing standards suggest. Furthermore, there are steep cultural and business barriers today that prevent the easy sharing of threat intelligence. HP is arguably putting a stake in the ground, but whether businesses buy in -- either to its next-gen firewall, or vision for crowdsourced threat intelligence sharing -- remains to be seen.
MarciaNWC
50%
50%
MarciaNWC,
User Rank: Strategist
9/17/2013 | 8:02:21 PM
re: HP Portal Crowdsources Security Threat Intelligence
It seems that HP is sort of late to the next-generation firewall market; it's become a crowded space.
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 State of Unified Communications
2014 State of Unified Communications
If you thought consumerization killed UC, think again: 70% of our 488 respondents have or plan to put systems in place. Of those, 34% will roll UC out to 76% or more of their user base. And there’s some good news for UCaaS providers.
Video
Twitter Feed