IBM Internet Security Systems: Early BirdBy Brian P. Watson | Posted 2006-12-06 Email Print
A vendor with a knack for getting ahead of network threats begins a new life with IBM.
When Internet Security Systems (ISS) entered the network security business in 1996, the Web was still emerging and commercial sites were just beginning to rise. The biggest threats, according to product marketing manager Jim Brennan, were exploiting vulnerabilities in Web servers and defacing Internet sites.
Recognizing those vulnerabilitiesnot just the potential threatsset apart ISS from the competition, customers say. Now the vendor begins its second life, with another three-letter company, IBM, which acquired ISS for $1.3 billion in October.
Eric Latalladi, chief technology officer for J.B. Hanauer, a Parsippany, N.J., brokerage firm, first worked with ISS products in 1999, when he worked at General Motors Acceptance Corp.
He first used ISS' RealSecure, an intrusion detection system, and switched to the Proventia Network Intrusion Prevention System, an appliance that sits in-line on the network and blocks malicious traffic.
When Zotoba worm that attacked a vulnerability in Microsoft Windows 2000 systemsstruck computer networks in August 2005, J.B. Hanauer was secure. Why? According to Latalladi, ISS had identified the threat in April, notified Microsoft and sent a patch to users.
This was no surprise for Latalladi: "Seven times out of 10, when a Microsoft exploitation comes out, I was protected three months ago" by ISS, he says.
Same goes for Bob Hartland, director of information-technology servers and networking systems at Baylor University in Waco, Texas. In the case of the Zotob worm, Hartland, too, says ISS helped secure his network three months in advance. "That's happened on many occasions for us," he adds.
The company's success fighting Zotob and other attacks is at the heart of ISS' approach, Brennan says. Instead of developing technology to only identify intrusive traffic, he says, ISS also focused on finding core vulnerabilities in the network.
Hartland says he was "amazed" how easy the Proventia system was to use. For one, he says his team learned the tools themselves, without any training. On top of that, getting the system ready out of the box was practically instantaneous. "They told us it was plug and play. We said, "Yeah, right,'" he says. "But literally, when we got the box, we plugged it in, and it was on."
Brennan says ISS will benefit from added R&D budget and personnel from IBM. Still, some customers are closely watching the deal, hoping ISS' support won't get swallowed up in IBM's global organization.
"I don't like dealing with big companies all the time," Latalladi says. "I'm not a big client, but [ISS] pays a lot of attention to me."
Wayne Jones, information and communication technologies manager for Basis, a U.K. management consultancy, says he hasn't heard anything from ISS about the merger, but agrees with Latalladi.
Jones says getting answers to support questions slowed by a day or two when IBM took over support for one of Basis' vendors, Cable & Wireless.
But Jones says he can't help but be optimistic. Basis started using a Proventia M10 intrusion detec-
tion and prevention appliance in 2004. Since then, Jones says he's had two problems: one with hardware, the other with software updates failing to come through to the box.
In both cases, he says, ISS resolved the problem within two days. "The box has been totally reliable," he says.
"I can't say enough about it."