HP Unveils Threat Protection System Based on Virtual Patching

    Slide Show

    Five Common Data Encryption Myths

    Aiming to provide a closed-loop approach to IT security, Hewlett-Packard this week at the Black Hat 2015 conference unveiled an HP TippingPoint Threat Protection System designed to provide actionable intelligence that gets used to remediate vulnerabilities in real time.

    Don Closser, vice president and general manager for TippingPoint within the HP Enterprise Security Products group, says this offering makes extensive use of “virtual patching” at the edge of the network to thwart attacks by disrupting the malware’s ability to infect a specific application.

    Via a Digital Vaccine service provided by DVLabs, Closser says HP can either tap into a library of signatures that are associated with known threats or dynamically generate new signatures based on the anomalous behavior of a potential threat. Once that threat is identified, the system automatically generates the appropriate virtual patch.

    In addition, Closser notes the system provides IT organizations with visibility into encrypted traffic, which is becoming a much larger percentage of the traffic being generated across the Internet.

    The HP TippingPoint Threat Protection System can be deployed as a next-generation intrusion prevention system (IPS) or a next-generation firewall (NGFW). The platform comes in three flavors: the enterprise class 440T Threat Protection System, the 2200T Threat Protection System for mid to large enterprises, and the V Series Virtual Threat Protection System delivered as a virtual appliance. As network and security services continue to converge, Closser says it’s become easier for vendors to actually deliver closed-loop security products that not only identify threats, but more importantly remediate the vulnerability.

    Most IT organizations have a difficult time keeping up with all the patches they are supposed to deploy to keep applications secure. While virtual patching doesn’t eliminate the need to apply patches, it does buy IT organizations precious time against threats that are often specifically designed to exploit a particular vulnerability. As is often the case when it comes to security, time is, of course, rarely on the side of the IT organization.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles