Ibm Security Server Protection For Windows - IBM SP3001 Hardware Configuration Manual

SiteProtector Component
Reporting module
SecurityFusion module
Site Database
SP Core
SiteProtector Firmware
Standalone X-Press Update
Servers (optional)
System requirements
See the "Hardware and software requirements" topic under Planning in the Information Center (online
Help) for information regarding system requirements.
Note: The "Hardware and software requirements" topics apply only to add-on components because the
SiteProtector SP3001 appliance hardware meets all SiteProtector requirements.

IBM Security Server Protection for Windows

An embedded version of the IBM Security Server Protection for Windows is installed and configured on
the SiteProtector SP3001 appliance hardware and is delivered with a security policy that is predefined for
the SiteProtector SP3001 appliance's operating system and configuration.
Purpose of IBM Security Server Protection
IBM Security Server Protection for Windows, formerly Proventia Server for Windows, is a comprehensive
security application that protects the SiteProtector SP3001 appliance and your network from the
following:
v theft of corporate information, passwords, and other sensitive information
v attempts to use the SiteProtector SP3001 appliance to attack other systems
4
SiteProtector System: SP3001 Hardware Configuration
Description
The Reporting module generates graphical summary and compliance reports
that provides the information that you need to assess the state of your security.
Reports cover vulnerability assessment, attack activities, auditing, content
filtering, Desktop Protection security, SecurityFusion
The SiteProtector SecurityFusion module greatly increases your ability to
quickly identify and respond to critical threats at your Site. Using advanced
correlation and analysis techniques, the module identifies both high impact
events and patterns of events that may indicate attacks.
Impact analysis — The module correlates intrusion detection events with
vulnerability assessment and operating system data and immediately estimates
the impact of events.
The SiteProtector database stores raw agent data, occurrence metrics (statistics
for security events triggered by agents), group information, command and
control data, and the status of X-Press Updates (XPUs).
The SP core includes the following components:
v The application server, which includes the Sensor Controller component,
enables communication between the SiteProtector System Console and the
SiteProtector database.
v The X-Press Update Server stores X-Press Updates (XPUs) downloaded from
the IBM Security Download center and makes them available to the agents
and components on the network. The Update Server eliminates the need to
download updates for similar products more than once and allows users to
manage the update process more efficiently.
v SiteProtector Web Access is a interface that provides easy access to
SiteProtector for running reports and monitoring assets and security events.
SiteProtector firmware consists of the operating system and the database that
runs on the SiteProtector SP3001 appliance hardware.
In addition to the X-Press Update (XPU) Server that is installed with the SP
Core, you can install standalone X-Press Update Servers on separate computers.
™
and virus activity.