Recently a major vulnerability in the open source GNU C Library (aka ‘glibc’) was disclosed to the public. We discussed in a post on February 19th, how to tell if you were affected by the glibc vulnerability and how the CenturyLink Cloud platform was largely unaffected by the issue. For many users and providers, however, that was not the case. Despite a patch being issued in parallel with the disclosure, this revelation undoubtedly kicked-off a scramble in IT organizations of all sizes and industries to evaluate the level of exposure this vulnerability presents within their overall environment.
For most companies the ability to estimate quickly and accurately their level of risk to a vulnerability like glibc just doesn't exist. Even if a company has a robust threat evaluation process, IT personnel usually aren't equipped to answer the real question of whether the cost -- both tangible and intangible -- and risk associated with performing emergency maintenance and patching is a necessary or a worthwhile investment. Sometimes, a patch isn't available at the time of the disclosure and doesn’t have that option. Essentially, IT personnel can know that the company is vulnerable, yet there isn’t anything they can do about it. Either way, it is an unnerving situation for any company to be in. It's also unnecessary.
One of the benefits of our host-based IPS solution is the ability to “virtually” patch a server against a vulnerability without incurring any outage or downtime in the customer environment. That capability eliminates the IT scramble often associated with emergency patching.
Within three (3) days after the glibc venerability disclosure CenturyLink Cloud compiled an updated lists of IPS signatures and associated smart rules needed to protect against any glibc attack. The updates were distributed automatically without any customer action and took effect immediately. Putting that into perspective, while most companies were still evaluating their level of exposure and determining an appropriate course of action, CenturyLink Cloud's Intrusion Prevention Service had already protected servers against the vulnerability without effecting uptime.
Through a simple Agent Install process you can have the peace of mind that comes with knowing your servers are protected with IPS Anywhere. If your IT footprint spans multiple locations, on-premise data centers, colocation facilities, public cloud, or hybrid cloud we still have you covered. Our Intrusion Protection Service can protect you anywhere and everywhere you are. With regular updates we continuously protect your IT environment against new and existing vulnerabilities such as glibc. It's quick and easy, which allows you to focus your efforts on providing value to your customers.
How to Get Started with CenturyLink Cloud IPS
Not yet a Customer? No problem! You can get started with a free trial of the CenturyLink Cloud® platform.
Already a Customer? The Getting Started with CenturyLink Cloud IPS is a great resource to get the service up and running. The IPS Services web page is full of use cases, demos, and information to get you started.
Support Questions? If you need help getting the IPS service deployed in your environment or would like to see additional operating systems supported, we are happy to assist. You can reach us via email.
Want to learn about how to keep your IT environment more secure?
Check out these security articles.