IBM PowerSC

Real security means protecting information in your virtualized environment

CIOs and IT Architects are transitioning to new IT architectures like Cloud Computing, Service Oriented Architecture (SOA) and xml web services to facilitate rapid deployment of new workloads to meet changing business demands. These new architectures pose new security risks. IBM Power Systems servers coupled with PowerVM technology are designed to help clients build a dynamic infrastructure with a secure virtualization environment.

PowerVM hypervisor provides isolation in these virtualized environments. Through advanced dynamic logical partitioning (LPAR) capabilities, a single partition can act as a completely separate AIX, i, or Linux operating environment. Partitions can have dedicated or shared processor resources. Application development and testing can be performed in secure independent domains.

PowerVM hypervisor facts:

• The PowerVM hypervisor is secure by design. IBM is the only vendor who designs the virtualized environment from bare metal through the hypervisor.
• PowerVM is certified at an Evaluated Assurance Level 4+
• Zero vulnerabilities reported against PowerVM by US CERT (link resides outside of ibm.com) or by MITRE Corporation (link resides outside of ibm.com)

Real security means mitigating threats before they become a problem

IBM’s UNIX operating system introduces multiple security enhancements to help you secure your IT environment.

AIX facts:

• Role Based Access Control (RBAC) offers simplified administration and least privilege use hardening
• Trusted AIX/Multi Level Security (MLS)* offers Labeled security, mandatory access controls
• Enhanced long password hashing and support for pass phrases
• AIX Stack Execution Disable (SED) prevents the successful exploitation of many types of buffer overflows.
• RealSecure Server Sensor combines several protection technologies into a single multi-layered agent that protects AIX servers and applications from known and unknown threats with integrated firewall and a vulnerability-centric Intrusion Prevention System (IPS).