cases for ibm xgs5000 (5.0) demo

© 2013 IBM Corporation

IBM Security Systems

IBM Next Generation IPS (XGS5000) demo



XGS5000 demo setup

Hacker

InternetInternet

Server UserDesktop

XGS5000



XGS5000 demo setup – firmware, xpu, url & web db



XGS5000 demo setup – inline blocking



XGS5000 demo setup – leverage on X-Force default signature & blocking



XGS5000 demo setup – fixpacks



Test cases

1. Blocking Web Application attacks2. Blocking malicious files3. Application control

• Blocking uploads4. URL control5. Enforcing user authentication6. Identifying applications and users

• Application that takes up the most bandwidth• Top users of a specific application• Breakdown of network and application traffic for a specific user• Breakdown of Web traffic category



IBM X-Force detailed information on web applications, URLs



Blocking Web Application attacks – vulnerable web server



Blocking Web Application attacks – attempting XSS injection attack



Blocking Web Application attacks – page cannot load



Blocking Web Application attacks – XGS blocks attack



Blocking malicious files – attempt to download file from server



Blocking malicious files – download disrupted



Blocking malicious files – XGS blocks malicious file download



Blocking uploads



Blocking uploads – create new rule



Blocking uploads – create web application object



Blocking uploads – control uploading of data



Blocking uploads – deploy changes



Blocking uploads – add web application object to the rule



Blocking uploads – policy deployed



Blocking uploads – user logs in to email



Blocking uploads – user compose email



Blocking uploads – user attempt to upload file as attachment in the email



Blocking uploads - uploading



Blocking uploads – upload fail



Blocking uploads – XGS blocks upload via email



URL control – create a new rule



URL control – deploy changes



URL control – create new URL list



URL control – add URL to block in the list



URL control – URL list to rule



URL control – user attempt to access URL



URL control – user redirected to XGS



URL control – XGS display warning message, URL has been blocked



URL control – XGS blocks URL



URL control – access to other URL in the same domain is allowed



Enforcing user authentication – create group and user objects



Enforcing user authentication – create group



Enforcing user authentication – create group and user objects



Enforcing user authentication – user object



Enforcing user authentication – specify group membership



Enforcing user authentication – object created



Enforcing user authentication – create rule, source = unauthenticated users



Enforcing user authentication – deploy changes



Enforcing user authentication – create web application object



Enforcing user authentication – specify granular control for YouTube



Enforcing user authentication – add object to rule



Enforcing user authentication – set action to Authenticate



Enforcing user authentication – user attempt to access youtube



Enforcing user authentication – user attempt to load a video on YouTube



Enforcing user authentication – user redirected to authentication page



Enforcing user authentication – user fills in credentials



Enforcing user authentication – user redirected to YouTube video



Application that takes up the most bandwidth



Top users of a specific application



Breakdown of network and application traffic for a specific user



Breakdown of Web traffic category



ibm.com/security

© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposesonly, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the useof, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating anywarranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreementgoverning the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available inall countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s solediscretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in anyway. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the UnitedStates, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and responseto improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriatedor can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secureand no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed tobe part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THEMALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

cases for ibm xgs5000 (5.0) demo

Technology

web application object

web application attacks2

web applications

application traffic

users application

url web db

malicious file download

malicious files3