the roi on intrusion prevention: protecting both your network & investment
TRANSCRIPT
© 2015 IBM Corporation
The Total Economic Impact™ of IBM Security Network Protection (XGS)
Ben HarrisBusiness Technology Strategy ConsultantForrester Consulting
Paul GriswoldProgram Director, Strategy & Product ManagementThreat Protection & X-ForceIBM Security
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
2© 2015 IBM Corporation
Threat Management.NEXTNew protection and integration capabilities
to stay ahead of the threat
Advanced Malware DefenseBlocks malware
infections on the
network
The history of IBM Security Network Protection (XGS)Evolving beyond intrusion prevention to provide greater value
SSL InspectionProtects against attacks
hidden inside encrypted
trafficURL/App Control
Protects users from visiting
risky siteson the web
Web App ProtectionHeuristically protects
against common app-based
attacksBehavioral Defense
Protects against attacks basedon behavior, not specific
vulnerabilities
Intrusion PreventionProtects
attacks on vulnerabilities,
not exploitsIntrusion
Detection
Evo
lutio
n ba
sed
on c
lient
nee
ds
1997+ 2002+ 2005+ 2008+ 2012+ 2013+ 2014+ Future
3© 2015 IBM Corporation
XGS appliance models
IBM Network Protection XGS
Capabilities per Model XGS 3100 XGS 4100 XGS 5100 XGS 7100 XGS Virtual
Inspected Throughput Up to 800 Mbps Up to 1.5 Gbps Up to 7.0 Gbps Up to 25 Gbps Up to 1 Gbps
Flexible Performance Levels 400 and 800 Mbps
750 Mbps and
1.5 Gbps 2.5, 4.0,
5.5, and 7.0 Gbps 5, 10, 15,
20, and 25 Gbps600 Mbps and
1 GBps
Inspected Throughput (with SSL/TLS)
Up to 500 Mbps (in)Up to 400 Mbps (out)
Up to 900 Mbps (in)Up to 700 Mbps (out)
Up to 4.5 Gbps (in)Up to 2.5 Gbps (out)
Up to 12 Gbps (in)Up to 7.5 Gbps (out)
Up to 500 Mbps (in)
Up to 400 Mbps (out)
Pluggable Network Interface Modules 0 1 2 4 0
Protected Segments 2 Up to 6 Up to 10 Up to 16 Up to 4
XGS 5100
XGS 4100
XGS 7100
XGS 3100
4© 2015 IBM Corporation
In the past two years, IBM has introduced:
Five new XGS models, covering throughput from 400 Mbps to 25 Gbps + virtual environments
On-appliance inbound and outbound SSL inspection
IP reputation, including intelligence from 270M hosts via Trusteer
Industry-first Flexible Performance Licensing, allowing customers to increase inspected throughput via a software license
IBM Threat Protection System, including integrations with IBM products + FireEye, Damballa, and Trend Micro (with more to come)
Enhanced QRadar integration, including layer 7 flow data and right-click quarantine to block operator-detected threats
OpenSignature support, which allows users to detect and block custom traffic patterns using the SNORT syntax
5© 2015 IBM Corporation
Ahead of the Threat Protection by IBM X-Force
ShellshockCVE 2014-6271
MS OLE Remote Code ExecutionCVE-2014-6332
MS SharePoint Priv EscalationCVE-2015-1640
IE Cross-Domain Info DisclosureCVE-2015-0070
Cisco PrimeSQL InjectionCVE-2015-6350
DisclosedIBM Protection
2007 2015
Sept 2014Jun 2007
(10 other vulnerabilities covered)
Shell_Command_Injection7.3 years ahead
Oct 2014
6.8 years ahead(201 other vulnerabilities covered)
CompoundFile_Shellcode_DetectedFeb 2008
Apr 2015
(31 other vulnerabilities covered)
HTTP_HTML_Tag_InjectionNov 2008
6.4 years ahead
Feb 2015Nov 2008
(10,000+ other vulnerabilities covered)
Cross_Site_Scripting
6.3 years ahead
Oct 2015Jun 2007
(9,500+ other vulnerabilities covered)
SQL_Injection6.9 years ahead
6© 2015 IBM Corporation
Backed by the reputation and scale of IBM X-Force
IBM X-Force Exchange
Research and collaboration platform and API
Security Analysts and Researchers
Security Operations Centers
(SOCs)
Security Products and Technologies
OPENa robust platform with access to a wealth of threat intelligence data
SOCIALa collaborative platform for sharing threat intelligence
ACTIONABLEan integrated solution to help quickly stop threats
A new platform to consume, share, and act on threat intelligence
IBM X-Force Exchange is:
Try it today at http://xforce.ibmcloud.com
7© 2015 IBM Corporation
Learn more about IBM Security Network Protection (XGS)
countries where IBM delivers managed security services
industry analyst reports rankIBM Security as a LEADER
enterprise security vendor in total revenue
clients protectedincluding…
130+
25No. 1
12K+
90% of the Fortune 100 companies
Visit the website IBM Security Network Protection
Watch the videosIBM Security Network Protection
Read new blog postsSecurityIntelligence.com
Follow us on Twitter@ibmsecurity
Join IBM X-Force Exchangexforce.ibmcloud.com
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOUwww.ibm.com/security
The Total Economic Impact™ Of IBM Security Network Protection (XGS) WebinarForrester Consulting
Ben HarrisConsultantFebruary 10, 2016
© 2016 Forrester Research, Inc. Reproduction Prohibited11
Source: The Total Economic Impact of IBM Security Network Protection (XGS), February 2016
Agenda
›What is TEI?›Executive summary›Analysis›Financial summary›Question and answer
Please note:This slide presentation is an abridged, graphical, and complementary representation of a case study.
For a full explanation of methodology and details on model calculations, please refer to the full case study IBM Security Network Protection (XGS) February 2016
© 2016 Forrester Research, Inc. Reproduction Prohibited 12
What is TEI?Background and methodology
© 2016 Forrester Research, Inc. Reproduction Prohibited13
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
“Next level” business case justifications are increasingly vital for critical investments
Somewhat important
33%
Somewhat unimpor-
tant4%
Not at all important
3%
Very important60%
TCO ROI TEI
IT ImpactIT costs
IT cost savings
Business Impact
User efficiency
Business effectiveness
Risk/ uncertainty
Risk mitigation
Risk versus reward
Strategic Impact
Scalability
Flexibility Base: 825 IT decision-makers at North American enterprises
Do I need a business case? What is an effective business case?• Over 90% of IT decision-makers
find value in a business case• TEI adjusts for risks and factors the flexibility
of a product into the case study
© 2016 Forrester Research, Inc. Reproduction Prohibited14
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
The TEI framework centers on quantifying benefits, capturing costs, evaluating flexibility, and adjusting risk
Benefits
Costs
Flexibility
Total Economic ImpactTM
(TEI)
Risk
© 2016 Forrester Research, Inc. Reproduction Prohibited15
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
The TEI approach involves key stakeholders at Forrester, IBM, and IBM’s customers
Perform due diligence
Conduct customer interview
Construct financial
model
Write case study
Deliver webinar
• Consult Forrester Analyst
• Interview IBM stakeholders
• Interview with IBM customer
• Collect data
• Populate model
• Describe the model
• Review with interviewee
• Webinars• Presentation
© 2016 Forrester Research, Inc. Reproduction Prohibited16
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
Disclosures
The audience should be aware of the following:› This document is an abridged webinar version of a full case study (Forrester Total Economic
Impact of IBM Security Network Protection (XGS), February 2016).
› The study is commissioned by IBM and delivered by the Forrester Consulting group.
› Forrester makes no assumptions as to the potential return on investment that other organizations will receive. Forrester strongly advises that readers should use their own estimates within the framework provided in the report to determine the appropriateness of an investment in IBM
› IBM reviewed and provided feedback to Forrester, but Forrester maintains editorial control over the study and its findings and does not accept changes to the study that contradict Forrester’s findings or obscure the meaning of the study.
› The customer name for the interview was provided by IBM.
› Forrester does not endorse IBM.
© 2016 Forrester Research, Inc. Reproduction Prohibited 17
Executive summaryHigh level findings
© 2016 Forrester Research, Inc. Reproduction Prohibited18
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
XGS delivers security and performance as well as an attractive ROI
Return on Investment: 340%
Net Present Value: $1,075,592
Payback Period: 1.9 months
Based on an analysis of IBM XGS’s customer feedback, Forrester has determined XGS has the following three-year risk-adjusted financial impact:
EXECUTIVE SUMMARY
XGS Interviewed organization Robust security and desirable performance
© 2016 Forrester Research, Inc. Reproduction Prohibited 19
AnalysisInterview highlights and model
© 2016 Forrester Research, Inc. Reproduction Prohibited20
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
Forrester interviewed one organization, who shared their challenges and objectives prior to using XGS
Small security team Required high availability
Network performance critical Security attacks common to region
© 2016 Forrester Research, Inc. Reproduction Prohibited21
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
The interviewed organization noted several key results from its investment in XGS
“Choosing XGS was a no-brainer because of the ability to utilize the SSL decryption for inbound traffic.”
- Deputy chief security officer
“Configuring the rules is incredibly easy.”
- Deputy chief security officer
“We deployed the configuration that actually blocks the regions that are known for their hostility against our country’s organizations.”
- Deputy chief security officer
© 2016 Forrester Research, Inc. Reproduction Prohibited22
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
The interviewed organization quantified key benefits resulting from its investment in XGS
NETWORK PERFORMANCENo degradation in
network speed
SECURITYFinancial impact of
a breach
AVAILABILITYHighly available
network
MANAGEMENT &
CONFIDENCEManage access and traffic from
one solution
© 2016 Forrester Research, Inc. Reproduction Prohibited23
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
Network performance with robust security
• XGS allows for high productivity without additional network tuning
• Hardware and software is a one-time metric
Metric Year 1 Year 2 Year 3
Total population 2500 2500 2500
% of population affected 15% 15% 15%
Time impacted 40 40 40
Productivity factor 20% 20% 20%
FTE cost per hour $60 $60 $60
FTE cost avoidance of network tuning $150,000 $150,000 $150,000
Current HW & SW solution costs, including maintenance (already purchased) $200,000
Network performance $530,000 $330,000 $330,000
Network per-formance
73%
Three-Year Benefit
© 2016 Forrester Research, Inc. Reproduction Prohibited24
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
The cost avoidance of a security breach
• Assuming one breach in a three-year period
• Reflects benefit realization in the first year
Metric Year 1 Year 2 Year 3
Cost of an incident $15,400,000
Probability of breach 9.000%
% reduction 20%
Security $277,200
Security $277,200
Security17%
Three-Year Benefit
© 2016 Forrester Research, Inc. Reproduction Prohibited25
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
What availability means
• Lost revenue and % reduction are key drivers
• Variables are based on research
Metric Year 1 Year 2 Year 3
Lost revenue $1,570,000 $1,570,000 $1,570,000
Regulatory fines related to downtime $125,000 $125,000 $125,000
Probability of breach 3.000% 3.000% 3.000%
% reduction 20% 20% 20%
Availability $10,170 $10,170 $10,170
Availability2%
Three-Year Benefit
© 2016 Forrester Research, Inc. Reproduction Prohibited26
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
Benefits to the technology executives
• Extends security team by taking security policy updates away
• Allows the team to control access simply yet effectively
Metric Year 1 Year 2 Year 3
FTE cost avoidance of managing security policies $150,000 $150,000 $150,000
% reduction 30% 30% 30%
Management and confidence $45,000 $45,000 $45,000
Management & Confidence
8%
Three-Year Benefit
© 2016 Forrester Research, Inc. Reproduction Prohibited27
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
Traditional hardware and licensing cost structure
29%
16%27%
28%
Hardware -- $101,352
Initial costs• $101,352
Ongoing costs• N/A
Licensing fees -- $57,680
Initial costs• N/A
Ongoing costs• $57,680 in year 2
© 2016 Forrester Research, Inc. Reproduction Prohibited28
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
Modest maintenance and implementation costs
29%
16%27%
28%
Maintenance -- $95,584
Initial costs• $22,248
Ongoing costs• $36,668 in years 2 & 3
Implementation -- $100,000
Initial costs• N/A
Ongoing costs• $75,000 in year 1• $25,000 in year 3
© 2016 Forrester Research, Inc. Reproduction Prohibited29
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
In addition to benefits and costs, TEI includes potential future “flexibility” options
Flexibility, as defined by TEI, represents the opportunity to make an investment in additional capacity or capability that could be turned into future business benefit:› SLL encryption inspection
› Geo-blocking
© 2016 Forrester Research, Inc. Reproduction Prohibited 30
Financial summaryResults
© 2016 Forrester Research, Inc. Reproduction Prohibited31
Source: The Total Economic Impact™ Of IBM Security Network Protection (XGS), February 2016
The three-year cash flow for XGS shows a ROI of 340%, a NPV of over $1M, and a payback period of 1.9 months
Initial Year 1 Year 2 Year 3($200,000)
$0
$200,000
$400,000
$600,000
$800,000
$1,000,000
$1,200,000
$1,400,000
Financial Analysis (risk-adjusted)
Total costs Total benefits Cumulative total
Cas
h flo
ws
Cash Flow Analysis
Summary Initial Year 1 Year 2 Year 3 TotalPresent Value
Total costs ($123,600) ($75,000) ($94,348) ($61,668) ($354,616) ($316,087)
Total benefits $0 $862,370 $385,170 $385,170 $1,632,710 $1,391,679
Total ($123,600) $787,370 $290,822 $323,502 $1,278,094 $1,075,592
ROI 334% 340%
Payback period (months) 1.9
© 2016 Forrester Research, Inc. Reproduction Prohibited 32
Question and answer