Identity and Access Management

Size: px
Start display at page:

Download "Identity and Access Management"

Transcription

1 Identity and Access Management Prospettiva di un Software vendor Marco Venuti Compliance Sales Lead - Novell EMEA

2 Identity and Access Management Agenda Il Mercato della Sicurezza Logica Produttori - Chi fa cosa Consumatori Chi compra cosa e perche Soluzioni di Sicurezza Logica Identity Management Access Management Event Management Implicazioni del trend verso il Cloud Conclusioni 2 Novell Inc. All rights reserved

3 Making the Connection Il Perchè dell'identity Management IDENTIFY MANAGE MANAGE SECURE

4 Novell at a Glance Countries Years of Experience Partners Million in Revenue Employees Inventions Billion in Cash Customers 4

5 IT Landscape Mixed IT Environments Consulting, Systems Integration Vendors Application Vendors Systems Software Vendors Novell Hardware Vendors 5

6 IT Landscape Mixed IT Environments Consulting, Systems Integration Vendors ACN CAP Atos Solution Providers Application Vendors Systems Software Vendors Hardware Vendors EMC Sun HP SAP Novell Dell Lenovo MS Oracle Hitachi Fujitsu NEC IBM 6

7 IT Landscape Mixed IT Environments Infrastructure Software Stack Consulting, Systems Integration Vendors Application Server Middleware Application Vendors Security Systems Software Vendors Hardware Vendors Novell Systems Management Database Operating Systems 7

8 Novell - Your Needs, Our Capabilities Data Center End-User Computing Identity and Security 8

9 Sicurezza Di cosa ci occupiamo oggi? GESTISCI CHI CONOSCI DIFENDITI DA CHI NON CONOSCI 9

10 Security & Identity Italia Finance & Telco Large Enterprise Public Sector Medium Enterprise Camera dei Deputati 10 Agosto 2008

11 Shrinking Budgets, Growing Concerns Governance Privacy Security Transparency Risks Compliance 11 Novell Inc. All rights reserved

12 Risk Management The set of policies, procedures, practices and organizational structures to proactively manage the risks that the organization is exposed to Kuppinger Cole - A GRC Reference Architecture

13 Compliance The set of policies, procedures, practices and organizational structures to assure the organization behaves according to the laws and regulations it is exposed to Kuppinger Cole - A GRC Reference Architecture

14 Compliance and Risk Management In-success case Vodafone Turkey Sept

15 Greek Watergate Vodafone.gr 2005: - wiretapping of more then 100 Vodafone mobile phone belonging to government members - Identity of the perpetrator never discovered for various reason: - Uncertain identity of admin users on production systems - Lack of details on the activities performed - Too many candidates (employees, IBM, Ericcson) 15

16 Growing Risk, Growing Regulations PCI-DSS Gramm-Leach-Bliley Basel II Sarbanes-Oxley FISMA Privacy Act Solvency II HIPAA 16

17 Market Conditions Compliance Costs are Rising GRC Spending Breakdown $12,640 $12,549 $13,126 Head Count $7,336 $8,945 $9,357 Services Technology $9,881 $10,568 $11, Source: The Governance, Risk Management, and Compliance Spending Report, : Inside the $32B GRC Market AMR Research

18 Normative e requisiti IT Cosa bisogna fare o verificare Regulation Mandating Organization IT Control Requirements (Security) Affected Companies Sarbanes-Oxley US Securities and Exchange Commission (SEC) CobiT framework--authentication, access controls, user account management, credential lifecycle management, nonrepudiation and audit controls Companies publicly traded on US exchanges 21 CFR Part 11 US Food and Drug Administration (FDA) Authentication, access controls, data integrity controls, audit controls, encryption and digital signatures Companies regulated by FDA (i.e. pharmaceuticals) Basel II Basel Committee on Banking Supervision FFIEC framework--access rights administration, authentication, network access, operating system access, application access, remote access, logging and data collection Global financial service organizations 95/46/EC Data Protection Directive European Union (EU) Measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access Companies conducting business in EU member nations 18

19 Problemi Tipici 1.Unidentified or unresolved segregation of duties issues 2.Insecure access controls in O/S supporting applications or portal 3.Insecure access controls in database supporting applications 4.Development staff can run business transactions in production 5.Large number of users with access to super user" status 6.Former employees or consultants still have access 7.Posting periods not restricted within GL application 8.Custom programs, tables & interfaces are not secured 9.Procedures for manual processes non-existent or not followed 10.System documentation does not match actual proces Source: Ken Vander Wal, Partner, National Quality Leader, E&YISACA Sarbanes Conference, 4/6/04 19

20 Problemi Tipici Top Three secondo Deloitte Inability to certify that the right people have the right access to sensitive information Inability to track who is logged into sensitive accounts Inability to track the activities of people who do have access to sensitive information or accounts 20

21 Identity & Access Management In Sintesi: Collegare Persone a Risorse Per ciascuna Persona: Una sola identità Per ciascuna Risorsa: Chi può fare cosa? Come può accedere? Quando/cosa ha acceduto? 21

22 DoITT NYC.ID Executive Overview November, Prepared by Dept. of Information Technology & Telecommunication

23 The Identity Management Problem LAN ID Remote Access App A App B App C Jberry Esiegel Jrowland Mfriedel Sbenson Thanks Jwayne Tcarrol Sharris Bwhite Ddailey Eheiden Lball Hwiggins Cjohnson r_patel Mthomas Browland Mprehn Bbanks Lsulley Lbitmore Ltimble Aboyle Bcoldwel Dparis Clriot Etear Smackay Mturner Mmclain Mcpasch Jpasch rakeshp Tdean Jtorville Cdean Nreagan Rnixon A49320 A39943 A49454 A93934 A39485 A49382 A48382 A49382 A39485 A29483 A49583 A49382 A49302 A42845 A20184 A49284 A49248 A50824 A42948 A49274 Cooperl Tinleyj Harrisd patelr Rowlandr Bensons Quinleys Harminb Travolta Francek Lipperd Skatee Marinoe Flamingo Russiak Crowd Pazzaz Daoudc Louf Peizerat Frenetc Smileys Entrald Novacho Alvarag Narlersh Woodst Nicklausj Hoganb Palmera Dimarcoc Perryk Beards cw33 Fusar RP738 Margaglio Lithowan Vanagas Lightes Sequensh Welchj Pettyr Robertsj Julianr Nantpre Enaget Jhancock Clayton Johnh Woo Hanwayv Composi Initalialy rpatel Stickler Bourne Fusar Margoliao Navka Koskoma Hackinsa Rakesh Patel AD- r_patel Exchange- rakeshp Remote Access- A Application A- patelr Application B- RP738 Application C- rpatel Today Silos of identity information in multiple directories and applications Multiple user names the result? Confusing and inconsistent identity data Bottom line No way to create a single view of all an individual's access privileges 23 Prepared by Dept. of Information Technology & Telecommunication

24 The Identity Management Problem Agency 1 Agency 2 Agency 3 The problem is compounded consider number of agencies Many users have access to resources in multiple agencies The result? Further account proliferation and identity management complexity 24 Prepared by Dept. of Information Technology & Telecommunication

25 The Identity Management Solution LAN ID Remote Access App A App B App C Jberry Esiegel Jrowland Mfriedel Sbenson Thanks Jwayne Tcarrol Sharris Bwhite Ddailey Eheiden Lball Hwiggins Cjohnson r_patel Mthomas Browland Mprehn Bbanks Lsulley Lbitmore Ltimble Aboyle Bcoldwel Dparis Clriot Etear Smackay Mturner Mmclain Mcpasch Jpasch rakeshp Tdean Jtorville Cdean Nreagan Rnixon A49320 A39943 A49454 A93934 A39485 A49382 A48382 A49382 A39485 A29483 A49583 A49382 A49302 A42845 A20184 A49284 A49248 A50824 A42948 A49274 Cooperl Tinleyj Harrisd patelr Rowlandr Bensons Quinleys Harminb Travolta Francek Lipperd Skatee Marinoe Flamingo Russiak Crowd Pazzaz Daoudc Louf Peizerat Frenetc Smileys Entrald Novacho Alvarag Narlersh Woodst Nicklausj Hoganb Palmera Dimarcoc Perryk Beards cw33 Fusar RP738 Margaglio Lithowan Vanagas Lightes Sequensh Welchj Pettyr Robertsj Julianr Nantpre Enaget Jhancock Clayton Johnh Woo Hanwayv Composi Initalialy rpatel Stickler Bourne Fusar Margoliao Navka Koskoma Hackinsa Rakesh Patel AD- r_patel Exchange- rakeshp Remote Access- A Application A- patelr Application B- RP738 Application C- rpatel 25 Identity Management links a user in these identity silos together Identity Management creates a platform for standardizing username and synchronizing passwords Identity Management creates a way to create a single view of all an individual's access privileges Prepared by Dept. of Information Technology & Telecommunication

26 Identity Strategy Long-Term goals for the City Unique Identity for any individual, regardless of their relationship with city, e.g. Employee, Consultant, Vendor, Resident, Business Partner, Permit Holder, etc. Automated Provisioning and De-Provisioning Centralized Authentication Registration of Identities Provide self-registration for non-employees Reduced / Single Sign-On Policies and Standards - Enforce policy Improve Auditing and Reporting 26 Prepared by Dept. of Information Technology & Telecommunication

27 Available NYC.ID Service Offerings Password Self Service Automated De-Provisioning Application Integration Desktop Single-Sign-On 27 Prepared by Dept. of Information Technology & Telecommunication

28 Service Offering Password Self Service Provides a web-based password self-service solution for entire NYC.ID internal user population Reduce help desk calls Supplements agencybased desktop password self service features 28 Prepared by Dept. of Information Technology & Telecommunication

29 Service Offering Automated De-provisioning Automatically disable accounts in NYC.ID and agency directories upon HR employee separation Reduce administrative workload Catch employee separation events reliably Enforce agency-specific business and technical termination processes 29 Prepared by Dept. of Information Technology & Telecommunication

30 Conclusion (by Novell) Higher efficiency Improved quality of service for citizens Supporting the city marketing strategy 30 Prepared by Dept. of Information Technology & Telecommunication

31 Identity Identity Access And ans Security Security Management Management Prospettiva Architetturale Solutions 31

32 Identity and Security Framework

33 General Architecture Users JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. I T 33

34 General Architecture Metadirectory Users JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. Metadirectory & Password Sync I T 34

35 User Provisioning General Architecture Metadirectory + Provisioning = Identity Management Users JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. Metadirectory & Password Sync I T 35

36 Identity Management Lifecycle 36

37 ... Identity Management features Administer my resources or workgroup PeopleSoft Notes Search / browse users or resources Identity and provisioning environment Windows Server Databases Request access to resources Approved Identity Vault Mainframes Recover forgotten password Self-administration BMC Remedy Novell Identity Manager delivers: User Provisioning and Deprovisioning Identity Integration / Password Management Delegated Administration / Self Service Automated workflows Avaya PBX LDAP Directories 37

38 Indentity Management Drivers out of the box 38 As of: Mar '09

39 Novell Identity Manager Balancing provisioning mechanism Roles Rules Approvals 39

40 Identity Manager Unified End-User Console 40

41 User Provisioning General Architecture Metadirectory + Provisioning = Identity Management Users JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. Metadirectory & Password Sync I T 41

42 User Provisioning General Architecture Identity Management + SSO Users Access Management & Single Sign On JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. Metadirectory & Password Sync I T 42

43 L'Utente e i Servizi Oggi L'utente accede a più servizi dello stesso ente http App. 1 Network Authent https Su ogni servizio deve ri-autenticarsi Se si usa la smart card ogni applicazione deve essere abilitata per l'autenticazione via certificato Il controllo accessi è delegato ad ogni singola applicazione Per gli utenti interni: nessun riuso dell'autenticazione di rete App. n AD/eDir/LDAP 43

44 L'Utente e i Servizi SSO tra servizi Intra-azienda L'utente accede a più servizi dello stesso ente e beneficia del Single Sign On http(s) Access Manager http(s) App. 1 L'utente si autentica una sola volta L'utente può acconsentire al passaggio automatico di informazioni sulla sua identità tra le applicazioni = evita ri-digitazioni Per gli utenti interni posso riusare l'autenticazione di rete ed evitare così qualsiasi riautenticazione Posso verificare centralmente i diritti di accesso alle singole URL sulla base del profilo utente Network Authent ldap App. n AD/eDir/LDAP Se si usa la Smart card o altri metodi non è necessario modifcare le applicazioni, l'autenticazione è gestita dal AM server e passata alle applicazioni in modo tradizionale 44

45 Access Manager Overview Agentless Integration of existing applications Identity Server Identity Store 1 45 Access Gateway Web server configured Web server configured to accept header-based to accept header-based or form-based or form-based authentication authentication

46 Access Manager Overview Agentless Integration of existing applications 2 1 Identity Server Identity Store 1. User Accesses protected resource 2. User is redirected to Identity Server and is presented with an http login form requesting their username and password 3. The Identity Server verifies the username and password against the Identity Store 4. Once the user's identity is validated, the Access Gateway retrieves the user's common name and password 5. The Access Gateway injects the username and password into the authentication header or form and allows access to the encrypted Web content Access Gateway Web server configured to accept header-based or form-based authentication 46

47 L'Utente e i Servizi Federazione dei servizi Inter-azienda L'utente accede a più servizi Federati di enti distinti (o di divisioni distinte di una stessa azienda) http(s) Access Manager http(s) App. 1 L'utente può scegliere se avere SSO tra le applicazioni = si autentica una sola volta L'utente può acconsentire al passaggio automatico di informazioni sulla sua identità tra le applicazioni di enti distinti = evita ri-digitazioni L'utente percepisce una integrazione tra i servizi di enti distinti Le aziende devono concordare i contenuti usando standard SAML o essere Liberty Alliance compatibili Network Authent ldap Novell o altro SAML/Liberty Federation Server App. n AD/eDir/LDAP App. 1 App. n 47

48 IAM in contesto multi-azienda Identity Federation L'identity Federation permette all'utente di: non doversi ricordare userame/password distinte nel passaggio tra siti federati evitare di ridigitare informazioni sulla sua identità più volte L'utente ha un passaporto virtuale valido per i siti federati Vuoi federare? il tuo account X con Y? Se accetti verrano passati ad Y i seguenti dati: nome, cognome... Vuoi Federarti Si/No? 48

49 Liberty Alliance Board and Sponsor members Sponsor Members Management Board Members Feb. '06 49

50 SECURITY SECURITY SECURITY Governemnt of Hong Kong Contesto Oltre 100 Uffici/Dipartimenti - indpendenti nelle scelte IT Circa utenti In-land Revenue Department Officer KenS - xxx In-land Revenue Dep. Treasury Department Officer BellS - yyy Treasury Dep. Police Department Policemen zzz I n t r a n e t Police Dep. 50 Requisiti Single Sign On per gli utenti che usano app di più dipartimenti/uffici Evitare la presenza di un repositori centrale a favore di uno per ogni dipartimento Evitare l'obbligo di unanimità della scelta tecnologica

51 SECURITY infr. SECURITY INFRASTRUCTURE Governemnt of Hong Kong Soluzione Sistema federato di autenticazione. Una singolo logon valido per tutti i servizi autonomia dei singoli Dipartimenti nella gestione delle utenze autonomia dei Dipartimenti nella scelta della soluzione tecnologica (purchè conforme allo standard SAML) In-land Revenue Department Officer SmithK - yyy In-land Revenue Dep. Treasury Department Officer ScottB - xxx Treasury Dep. Police Department Policemen JeffW - xxx I n t r a n e t Police Dep. 51

52 Federated Provisioning Star Alliance Use Case Example 52

53 User Provisioning General Architecture Identity Management + SSO Users Access Management & Single Sign On JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. Metadirectory & Password Sync I T 53

54 Event Management User Provisioning General Architecture Identity Management + SSO + Security Information Event Management Users Access Management & Single Sign On JAVA > Term Servr CSO LDAP AD, edirectory, OpenLDAP, etc. ERP / DB SAP, SQLServ, Oracle, DB/2, etc. HOST RACF, ACF/2, AS400, etc. COLLAB Exchange, Notes, Groupwise, etc. Metadirectory & Password Sync I T 54

55 The Problem To many data 55

56 SIEM Typical needs addressed Low visibility on current state: dashboard and KPI production difficult an imprecise Unstructured resolution process: same problem different path each time Slow reactivity to critical events due to lack of real time detection and proactive remediation systems High cost of compliance audit preparation because of high amount of manual work and hight data source number 56

57 SIEM solution RACF ACF 2 Top Secret 57

58 SIEM Logical Architecture Dashboard Policy Compliance Forensic Reporting KPI Security Datawarehouse Datamart Muldimensional Historical DB Event Management Collect Filter Normalize Taxonomy Correlation Monitoring Allarms Incident Management Real time statistics Event Analysis Router I.D.S Firewall 58 Content Filtering Infrastr. IAM Applications IT Infrastucture Database Vulnerability Scanner Proxy Unix system Windows systems Mainframe

59 Log Management vs. SIEM Log Management is sometimes referred to as Security Information Management or SIM Security Event Management or SEM is focused on real-time monitoring, alerting, incident response SEM Event correlation Robust alerts Incident response Dashboards Data enrichment Filtering Data collection Ad-hoc query alerts Reports Log Management Compression Forensics Data integrity Unknown log support Data retention Raw log forwarding 59

60 Log Management Long term storage of event in original format for forensic purposes Compression Signing Google like Search 60

61 Log Retention Compliance requirements differ per industry and regulation Some are concrete, others vague All require some retention Regulation Retention Requirement PCI SOX HIPAA GLBA/FFIEC* NERC/FERC* FISMA* Basel II* 1 year 7 years 6 years 6 years 3 years 3 years 7 years 61 Novell Inc. All rights reserved

62 Log Manager Data Storage and Archiving 62

63 Log Manager Reporting and Search 63

64 Seamless Search Search UI Online Storage Compressed Offline Storage (SAN or NAS) 64

65 Security Event Management Event flow analysis for violation detection and real time remediation or containment Correlation Event enrichment with business data Automatic firing of countermeasure (tech or process) Business Relevance 65

66 Novell Sentinel Automates Monitoring and Reporting of IT Controls Collect and consolidate feeds from multi-vendor sensors Normalize logs from across the enterprise seamlessly Monitor & Correlate and analyse for control violations in real time Respond to violations. incident mgt tied to existing workflows Report on the effectiveness of the control environment Firewalls Identity Mgmt Real-time View of Event Logs Manage incidents Databases IDS Routers AntiVirus Webservers Aggregate - Normalize - Correlate - Respond - Report 66

67 Correlation: IDS Events (1) Traditional signature-based IDS produces alerts These can be sent to a log management system, central IDS console, or SIEM. [**] [1:1807:10] WEB-MISC Chunked-Encoding transfer attempt [**] [Classification: Web Application Attack] [Priority: 1] 01/20-14:20: :3602 -> a.b.c.d:80 TCP TTL:128 TOS:0x0 ID:35630 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xBFF2387E Ack: 0x9D37BACD Win: 0xFAF0 TcpLen: 20 [**] [119:16:1] (http_inspect) OVERSIZE CHUNK ENCODING [**] [Classification: Web Application Attack] [Priority: 1] 01/20-15:39: :3602 -> a.b.c.d:80 TCP TTL:128 TOS:0x0 ID:35630 IpLen:20 DgmLen:1500 DF ***A**** Seq: 0xBFF2387E Ack: 0x9D37BACD Win: 0xFAF0 TcpLen: 20 These alerts may be in a proprietary format False positives are common as well 67 Novell Inc. All rights reserved

68 Correlation: Vulnerability Assessments (1) Scan results from Nessus and other tools can provide large quantities of data Unfocused scans are often less useful Too much data is just as bad as too little! 68 Novell Inc. All rights reserved

69 Sentinel Themes Baseline and Trending 69

70 IT Controls Monitoring Log Management + Security Event Management Business Relevance 70

71 Identity Identity Access And ans Security Security Management Management Prospettiva Architetturale Solutions 71

72 Novell Sentinel Architecture 72

73 Pre-defined Collectors Novell Products Access Manager Audit edirectory Identity Manager Netware NMAS SecretStore SecureLogin SUSE Linux Firewalls CISCO PIX Check Point NGX Juniper Netscreen Symantec Intrusion Prevention ISS Proventia Juniper IDP McAfee Entercept McAfee IntruShield Symantec ManHunt Configuration Management Tripwire Enterprise Tripwire for Servers Intrusion Detection (network-based) CISCO SIDS Enterasys Dragon ISS SiteProtector Juniper Netscreen NFR Sentivist Snort Sourcefire Defense Center Incident Management BMC Remedy HP Service Desk Authentication RSA SecurID Policy Monitoring McAfee epolicy Orchestrator TippingPoint SMS Intrusion Detection (host-based) ISS RealSecure McAfee Entercept/HIDS Symantec Intruder Alert Vulnerability Assessment eeye Retina Foundstone Enterprise ISS Proventia ncircle IP360 Qualys QualysGuard Rapid7 NeXpose Tenable Nessus Operating Systems Hewlett-Packard HP-UX IBM AIX Microsoft Windows NT Microsoft Windows 2000/3 Microsoft Windows XP Sun Solaris 8/9/10 Sun Trusted Solaris/BSM Red Hat Linux SUSE Linux 9/10 Mainframe/Midrange ACF2, RACF, Top Secret AS/400 HP NonStop z/os Anti-Virus McAfee VirusScan Symantec AntiVirus Trend Micro VirusWall Web Servers/Proxy Apache Blue Coat Microsoft IIS Microsoft Proxy Directory Services LDAP (standard) Microsoft Active Directory Novell edirectory Routers & Switches Cisco all Juniper M-series Nortel all VPN CISCO Juniper Nortel Databases Microsoft SQL 2000/2005 MySQL Oracle 9i/10g Miscellaneous Cisco ACS Intersect Alliance Snare Nmap 73 Novell, Novell Inc, Inc. Confidential All rights reserved. & Proprietary As of 10/07

74 Identity And Security Management Prospettiva...e il Cloud Architetturale Computing 74

75 L'Enterprise si estende nel Cloud Internal Data Center COMPLIANCE & SECURITY Business Service Management IT Service Management Existing Internal Capacity 75

76 L'Enterprise si estende nel Cloud Internal Cloud (On-Premise) COMPLIANCE & SECURITY Business Service Management Business Service Management IT Service Management IT Service Management Existing Internal Capacity Virtualized Internal Capacity 76 Firewall

77 L'Enterprise si estende nel Cloud Internal Cloud (On-Premise) External Cloud (Off-Premise) COMPLIANCE & SECURITY Business Service Management Business Service Management Business Service Management Software as a Service IT Service Management IT Service Management IT Service Management Platform as a Service Existing Internal Capacity Virtualized Internal Capacity New External Capacity Infrastructure as a Service 77 Firewall

78 Creating IT Administration Nightmare User data/ permissions User data/ permissions User data/ permissions User data/ permissions Enterprise Challenge IT Department Multiple Username/ passwords Users Apps User data/ permissions Multiple identity silos Disparate administration tools 78 Challenge in timely Directoryde-provisioning User data/ accounts Systems/ of ex-employees permissions tools Novell Inc, Confidential & Proprietary

79 Quali Preoccupazioni / Challenge per i Clienti che si indirizzano verso Cloud Serv? Source: Tier 1 research Cloud Infrastructure Services Managed Hosters based on poll of top 50 managed hosters in US and Europe 79 Proprietary & Confidential

80 Cloud Security Service (CSS) NCSS is a Web-based identity and access solution that enables an enterprise to manage a multi-saas environment and enforce its policies, roles and workflows in the cloud. User Identity and Roles Enterprise with any credentials system Simplified Single Sign-on Enterprise-directed Provisioning/Deprovisioning Leveraging Enterprise-defined Identities & Roles Security Montioring/Compliance Reporting Inspecting WRT Specific Tenants Cloud vendor with NCSS Compliance Events 80

81 How Does NCSS Work? Enterprise User Store User Store NCS Secure Bridge Novell Cloud Security Services IdP AuthN Service 2 SAML 1, SAML 2, WS-Fed Relying Party Participant SaaS Application 1 User User Access 3 Authentication SaaS Resources 1 NCSS handles both use cases: A user directly logging into a cloud service or user logging into their enterprise system first. 81

82 Cloud Security Service Cloud Security Service is a Web-based security service that makes SaaS more secure and manageable. It gives enterprises the ability to: - Manage user access to applications and data hosted in the cloud - Break down trust-related adoption barriers to SaaS by providing: - Single sign-on (SSO) - Provisioning/deprovisioning - Service access and consolidated reporting - Automated rules for user account management and audit reporting Extends on-premise identity infrastructure, policies, roles and workflow compliance enforcement to the cloud. 82

83 Identity and Security Framework

84 Identity and Security Questions? 84

Symantec Security Information Manager Version 4.7

Symantec Security Information Manager Version 4.7 Version 4.7 Agenda What are the challenges? What is Security Information Manager? How does Security Information Manager work? Why? 2 Security Management Challenges 3 Managing IT Security PREVENT INFORM

More information

ArcSight Supports a Wide Range of Security Relevant Products

ArcSight Supports a Wide Range of Security Relevant Products ArcSight Supports a Wide Range of Security Relevant Products ArcSight s data collection capabilities are the most versatile in the industry and run the gamut from a centralized collection point on the

More information

QRadar SIEM 6.3 Datasheet

QRadar SIEM 6.3 Datasheet QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar

More information

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities

Identity and Access Management Integration with PowerBroker. Providing Complete Visibility and Auditing of Identities Identity and Access Management Integration with PowerBroker Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 4 BeyondTrust

More information

Security Information and Event Management Introduction to envision: The Information Management Platform for Security and Compliance Operations Success

Security Information and Event Management Introduction to envision: The Information Management Platform for Security and Compliance Operations Success Security Information and Event Management Introduction to envision: The Information Management Platform for Security and Compliance Operations Success Copyright 2008 EMC Corporation. All rights reserved.

More information

IBM Tivoli Identity Manager

IBM Tivoli Identity Manager Automated, role-based user management and provisioning of user services IBM Tivoli Identity Manager Reduce help-desk costs and IT staff workload with Web self-service and password reset/synch interfaces

More information

Intro to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe

Intro to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe Intro to QualysGuard IT Compliance SaaS Services Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe QualysGuard ICT Security Management Integrated Suite of ICT Security

More information

Novell Cloud Security Service Reducing Risk by Securing the Cloud. Stefan Stiehl Senior Sales Technology Specialist sstiehl@novell.

Novell Cloud Security Service Reducing Risk by Securing the Cloud. Stefan Stiehl Senior Sales Technology Specialist sstiehl@novell. Novell Cloud Security Service Reducing Risk by Securing the Cloud Stefan Stiehl Senior Sales Technology Specialist sstiehl@novell.com Disclaimer for Product in Development Unpublished Work of Novell, Inc.

More information

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, 2004 9:00 AM

Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance. RSA Security and Accenture February 26, 2004 9:00 AM Best Practices in Identity and Access Management (I&AM) for Regulatory Compliance RSA Security and Accenture February 26, 2004 9:00 AM Agenda Laura Robinson, Industry Analyst, RSA Security Definition of

More information

RSA envision. Supported Event Sources. Vendor Device Collection Method. Vendor Device Collection Method. Vendor Device Collection Method

RSA envision. Supported Event Sources. Vendor Device Collection Method. Vendor Device Collection Method. Vendor Device Collection Method RSA envision Supported Event Sources A Actividentity 4TRESS AAA Server - version 6.4.1 AirDefense AirDefense Enterprise Server - version 7.2 Airmagnet Airmagnet Enterprise - version 7.5.0 Apache HTTP Server

More information

List of Supported Systems & Devices

List of Supported Systems & Devices List of Supported Systems & Devices February 2012 Cyber-Ark's Privileged Identity Management (PIM) Suite is an enterprise-class, unified policy-based solution that secures, manages and monitors all privileged

More information

Peter Dulay, CISSP Senior Architect, Security BU

Peter Dulay, CISSP Senior Architect, Security BU CA Enterprise Log Manager 12.5 Peter Dulay, CISSP Senior Architect, Security BU Agenda ELM Overview ELM 12.5: What s new? ELM to CA Access Control/PUPM Integration CA CONFIDENTIAL - Internal Use Only Overview

More information

CiscoWorks SIMS(Netforensics)

CiscoWorks SIMS(Netforensics) Managing Logs and Security Events CiscoWorks SIMS(Netforensics) Georg Bommer, Inter-Networking AG (Switzerland) Table of Content Challenges/Problems Main Functionality Product Tour Report Examples Architecture

More information

Secure Cloud Computing

Secure Cloud Computing Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for

More information

Securing the Cloud through Comprehensive Identity Management Solution

Securing the Cloud through Comprehensive Identity Management Solution Securing the Cloud through Comprehensive Identity Management Solution Millie Mak Senior IT Specialist What is Cloud Computing? A user experience and a business model Cloud computing is an emerging style

More information

Introduction to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe

Introduction to QualysGuard IT Compliance SaaS Services. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe Introduction to QualysGuard IT Compliance SaaS Services Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe A Unified and Continuous View of ICT Security, Risks and

More information

REQUEST FOR PROPOSAL ACQUISITION & IMPLEMENTATION OF CENTRALIZED LOG MANAGEMENT SYSTEM

REQUEST FOR PROPOSAL ACQUISITION & IMPLEMENTATION OF CENTRALIZED LOG MANAGEMENT SYSTEM REQUEST FOR PROPOSAL ACQUISITION & IMPLEMENTATION OF CENTRALIZED LOG MANAGEMENT SYSTEM Proposal Release Date: AUGUST 20 th 2008 Proposal Due Date: SEPTEMBER 16 th 2008 TABLE OF CONTENTS 1 - INTRODUCTION...

More information

Real-Time Database Protection and. Overview. 2010 IBM Corporation

Real-Time Database Protection and. Overview. 2010 IBM Corporation Real-Time Database Protection and Monitoring: IBM InfoSphere Guardium Overview Agenda Business drivers for database security InfoSphere Guardium architecture Common applications The InfoSphere portfolio

More information

Effective Use of Security Event Correlation

Effective Use of Security Event Correlation Effective Use of Security Event Correlation Mark G. Clancy Chief Information Security Officer The Depository Trust & Clearing Corporation DTCC Non-Confidential (White) About DTCC DTCC provides custody

More information

Juniper Security Threat Response Manager (STRM) Mikko Kuljukka COMPUTERLINKS Oy

Juniper Security Threat Response Manager (STRM) Mikko Kuljukka COMPUTERLINKS Oy Juniper Security Threat Response Manager (STRM) Mikko Kuljukka COMPUTERLINKS Oy Customer Challenges Dispersed Threats IT Overload IT information overload Flood of logged events from many point network

More information

OracleAS Identity Management Solving Real World Problems

OracleAS Identity Management Solving Real World Problems OracleAS Identity Management Solving Real World Problems Web applications are great... Inexpensive development Rapid deployment Access from anywhere BUT. but they can be an administrative and usability

More information

An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011

An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011 An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011 Brian McLean, CISSP Sr Technology Consultant, RSA Changing Threats and More Demanding Regulations External

More information

Achieving PCI Compliance with Red Hat Enterprise Linux. June 2009

Achieving PCI Compliance with Red Hat Enterprise Linux. June 2009 Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving

More information

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML

More information

Secret Server Qualys Integration Guide

Secret Server Qualys Integration Guide Secret Server Qualys Integration Guide Table of Contents Secret Server and Qualys Cloud Platform... 2 Authenticated vs. Unauthenticated Scanning... 2 What are the Advantages?... 2 Integrating Secret Server

More information

MySQL Security: Best Practices

MySQL Security: Best Practices MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

RSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION

RSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION RSA ACCESS MANAGER Web Access Management Solution ESSENTIALS Secure Access Enforces access to Web applications based on risk and context Centralizes security and enforces business policy Web Single Sign-on

More information

Configuration Audit & Control

Configuration Audit & Control The Leader in Configuration Audit & Control Configuration Audit & Control Brett Bartow - Account Manager Kelly Feagans, Sr. Systems Engineer ITIL, CISA March 4, 2009 Recognized leader in Configuration

More information

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges 1 Building an Identity Management Business Case Managing the User Lifecycle Across On-Premises and Cloud-Hosted Applications Justifying investment in identity management automation. 2 Agenda Business challenges

More information

Enforcive /Cross-Platform Audit

Enforcive /Cross-Platform Audit Enforcive /Cross-Platform Audit Enterprise-Wide Log Manager and Database Activity Monitor Real-time Monitoring Alert Center Before & After Change Image Custom Reports Enforcive's Cross-Platform Audit (CPA)

More information

CERN, Information Technology Department alberto.pace@cern.ch

CERN, Information Technology Department alberto.pace@cern.ch Identity Management Alberto Pace CERN, Information Technology Department alberto.pace@cern.ch Computer Security The present of computer security Bugs, Vulnerabilities, Known exploits, Patches Desktop Management

More information

STATE OF NEW YORK IT Transformation. Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses

STATE OF NEW YORK IT Transformation. Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses STATE OF NEW YORK IT Transformation Request For Information (RFI) Enterprise Identity and Access Management Consolidated Questions and Responses June 8, 2012 Appendix B Consolidated Vendor Questions with

More information

Enterprise Database Security & Monitoring: Guardium Overview

Enterprise Database Security & Monitoring: Guardium Overview Enterprise Database Security & Monitoring: Guardium Overview Phone: 781.487.9400 Email: info@guardium.com Guardium: Market-Proven Leadership Vision Enterprise platform for securing critical data across

More information

Take Control of Identities & Data Loss. Vipul Kumra

Take Control of Identities & Data Loss. Vipul Kumra Take Control of Identities & Data Loss Vipul Kumra Security Risks - Results Whom you should fear the most when it comes to securing your environment? 4. 3. 2. 1. Hackers / script kiddies Insiders Ex-employees

More information

IBM Global Technology Services Preemptive security products and services

IBM Global Technology Services Preemptive security products and services IBM Global Technology Services Preemptive security products and services Providing protection ahead of the threat Today, security threats to your organization leave little margin for error. To consistently

More information

Password Self-Service for Novell edirectory. Brent McCormick Novell Corporate Technology Strategist

Password Self-Service for Novell edirectory. Brent McCormick Novell Corporate Technology Strategist Password Self-Service for Novell edirectory Brent McCormick Novell Corporate Technology Strategist Audience by Industry Government Healthcare Financial Services Education Telecommunications Manufacturing

More information

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to

More information

CA SiteMinder SSO Agents for ERP Systems

CA SiteMinder SSO Agents for ERP Systems PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security

More information

Identity Governance Evolution

Identity Governance Evolution Identity Governance Evolution Paola Marino Principal Sales Consultant Agenda Oracle Identity Governance Innovation Cloud Scenarios enabled by Oracle Identity Platform Agenda Oracle

More information

Regulatory Compliance Using Identity Management

Regulatory Compliance Using Identity Management Regulatory Compliance Using Identity Management 2015 Hitachi ID Systems, Inc. All rights reserved. Regulations such as Sarbanes-Oxley, FDA 21-CFR-11 and HSPD-12 require stronger security, to protect sensitive

More information

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide

IBM Security QRadar SIEM Version 7.1.0 MR1. Vulnerability Assessment Configuration Guide IBM Security QRadar SIEM Version 7.1.0 MR1 Vulnerability Assessment Configuration Guide Note: Before using this information and the product that it supports, read the information in Notices and Trademarks

More information

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation

RSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet

More information

FISMA / NIST 800-53 REVISION 3 COMPLIANCE

FISMA / NIST 800-53 REVISION 3 COMPLIANCE Mandated by the Federal Information Security Management Act (FISMA) of 2002, the National Institute of Standards and Technology (NIST) created special publication 800-53 to provide guidelines on security

More information

2013 AWS Worldwide Public Sector Summit Washington, D.C.

2013 AWS Worldwide Public Sector Summit Washington, D.C. Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company

More information

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals

Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals Developing Value from Oracle s Audit Vault For Auditors and IT Security Professionals November 13, 2014 Michael Miller Chief Security Officer Integrigy Corporation Stephen Kost Chief Technology Officer

More information

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet Technical Data Sheet DirX Identity V8.4 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service

More information

Clavister InSight TM. Protecting Values

Clavister InSight TM. Protecting Values Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide

More information

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred DETECT All changes across your IT environment With coverage for your servers, network devices, critical workstations, point of sale systems, and more, CimTrak has your infrastructure covered. CimTrak provides

More information

Information Security. Incident Management Program. What is an Incident Management Program? Why is it needed?

Information Security. Incident Management Program. What is an Incident Management Program? Why is it needed? Information Security Incident Management Program What is an Incident Management Program? It is a coordinated program of people, processes, tools and technology, which prevents and manages information security

More information

Identity and Access Management Point of View

Identity and Access Management Point of View Identity and Access Management Point of View Agenda What is Identity and Access Management (IAM)? Business Drivers and Challenges Compliance and Business Benefits IAM Solution Framework IAM Implementation

More information

National Information Assurance Partnership

National Information Assurance Partnership National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report NetIQ Security Manager Version 5.5 Report Number: CCEVS-VR-07-0058 Dated: 9 August 2007

More information

Eoin Thornton Senior Security Architect Zinopy Security Ltd.

Eoin Thornton Senior Security Architect Zinopy Security Ltd. RSA envision: Transform your Security Operations A Technical overview & demo of RSA envision The Information Log Management Platform for Security and Compliance Success Eoin Thornton Senior Security Architect

More information

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions

How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions Introduction This paper provides an overview of the integrated solution and a summary of implementation options

More information

Review: McAfee Vulnerability Manager

Review: McAfee Vulnerability Manager Review: McAfee Vulnerability Manager S3KUR3, Inc. Communicating Complex Concepts in Simple Terms Tony Bradley, CISSP, Microsoft MVP September 2010 Threats and vulnerabilities are a way of life for IT admins.

More information

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark The self-defending network a resilient network By Steen Pedersen Ementor, Denmark The self-defending network - a resilient network What is required of our internal networks? Available, robust, fast and

More information

VMware Integrated Partner Solutions for Networking and Security

VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security

More information

The syslog-ng Store Box 3 F2

The syslog-ng Store Box 3 F2 The syslog-ng Store Box 3 F2 PRODUCT DESCRIPTION Copyright 2000-2014 BalaBit IT Security All rights reserved. www.balabit.com Introduction The syslog-ng Store Box (SSB) is a high-reliability and high-performance

More information

Security Specifications

Security Specifications Security Specifications Overview Password Manager Pro deals with administrative passwords that offer secure access to enterprise credentials and devices. Any compromise on the security of these passwords

More information

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX SECURE YOUR DATA EXCHANGE SAFE-T BOX WHITE PAPER Safe-T. Smart Security Made Simple. 1 The Costs of Uncontrolled Data Exchange 2 Safe-T Box Secure Data Exchange Platform 2.1 Business Applications and Data

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

nexus Hybrid Access Gateway

nexus Hybrid Access Gateway Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com VENDOR PROFILE Passlogix and Enterprise Secure Single Sign-On: A Success Story Sally Hudson IDC OPINION Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

More information

Case Study: University of Dayton and Novell Identity & Security Solutions Rick Wagner

Case Study: University of Dayton and Novell Identity & Security Solutions Rick Wagner Case Study: University of Dayton and Novell Identity & Security Solutions Rick Wagner Senior Product Manager, Security Management rwagner@novell.com University of Dayton Recognized by US News and World

More information

An Introduction to RSA envision The Information Log Management Platform for Security and Compliance Success. September, 2009

An Introduction to RSA envision The Information Log Management Platform for Security and Compliance Success. September, 2009 An Introduction to RSA envision The Information Log Management Platform for Security and Compliance Success September, 2009 Changing Threats and More Demanding Regulations External attacks Malicious insiders

More information

Oracle Identity And Access Management

<Insert Picture Here> Oracle Identity And Access Management Oracle Identity And Access Management Gautam Gopal, MSIST, CISSP Senior Security Sales Consultant Oracle Public Sector The following is intended to outline our general product direction.

More information

RSA Identity Management & Governance (Aveksa)

RSA Identity Management & Governance (Aveksa) RSA Identity Management & Governance (Aveksa) 1 RSA IAM Enabling trusted interactions between identities and information Access Platform Authentication Federation/SSO Employees/Partners/Customers Identity

More information

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM 2 REDUCE COSTS. IMPROVE EFFICIENCY. MANAGE RISK. MaxPatrol from Positive Technologies provides visibility and control of security compliance across your entire

More information

Unified Security Management

Unified Security Management Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy

More information

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.

Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments. Security management solutions White paper IBM Tivoli and Consul: Facilitating security audit and March 2007 2 Contents 2 Overview 3 Identify today s challenges in security audit and compliance 3 Discover

More information

Current IBAT Endorsed Services

Current IBAT Endorsed Services Current IBAT Endorsed Services Managed Network Intrusion Prevention and Detection Service SecureWorks provides proactive management and real-time security event monitoring and analysis across your network

More information

Oracle Database Security Overview

<Insert Picture Here> Oracle Database Security Overview Oracle Database Security Overview Tammy Bednar Sr. Principal Product Manager tammy.bednar@oracle.com Data Security Challenges What to secure? Sensitive Data: Confidential, PII, regulatory

More information

Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares

Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares EXCERPT Worldwide Security and Vulnerability Management 2009 2013 Forecast and 2008 Vendor Shares IN THIS EXCERPT Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015

More information

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration Horst Bliedung Director International Sales CEE Siemens IT Solutions and Services

More information

Unified Identity Management

Unified Identity Management Unified Identity Management Across Data Center, Cloud and Mobile Enterprise of Things = More Complexity DESKTOPS + MOBILE DATA CENTER APPS CLOUD (SaaS) by Red Hat + DATA CENTER SERVERS + CLOUD (IaaS &

More information

SAP Secure Operations Map. SAP Active Global Support Security Services May 2015

SAP Secure Operations Map. SAP Active Global Support Security Services May 2015 SAP Secure Operations Map SAP Active Global Support Security Services May 2015 SAP Secure Operations Map Security Compliance Security Governance Audit Cloud Security Emergency Concept Secure Operation

More information

SWOT Assessment: BeyondTrust Privileged Identity Management Portfolio

SWOT Assessment: BeyondTrust Privileged Identity Management Portfolio SWOT Assessment: BeyondTrust Privileged Identity Management Portfolio Analyzing the strengths, weaknesses, opportunities, and threats Publication Date: 11 Jun 2015 Product code: IT0022-000387 Andrew Kellett

More information

Corso: Supporting and Troubleshooting Windows 10 Codice PCSNET: MW10-3 Cod. Vendor: 10982 Durata: 5

Corso: Supporting and Troubleshooting Windows 10 Codice PCSNET: MW10-3 Cod. Vendor: 10982 Durata: 5 Corso: Supporting and Troubleshooting Windows 10 Codice PCSNET: MW10-3 Cod. Vendor: 10982 Durata: 5 Obiettivi Al termine del corso i partecipanti saranno in grado di: Descrivere i processi coinvolti nella

More information

Windows Least Privilege Management and Beyond

Windows Least Privilege Management and Beyond CENTRIFY WHITE PAPER Windows Least Privilege Management and Beyond Abstract Devising an enterprise-wide privilege access scheme for Windows systems is complex (for example, each Window system object has

More information

Tripwire Log Center PRODUCT BRIEF HIGH PERFORMANCE LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE

Tripwire Log Center PRODUCT BRIEF HIGH PERFORMANCE LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE PRODUCT BRIEF Tripwire Log Center HIGH PERFORMANCE LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE Enterprise organizations of all sizes need to achieve compliance with regulations and standards and

More information

Secure & Unified Identity

Secure & Unified Identity Secure & Unified Identity for End Users & Privileged Users Copyright 2015 Centrify Corporation. All Rights Reserved. 1 Identity at Center of Cyber Attacks PRIVILEGED USERS END USERS Copyright 2015 Centrify

More information

IBM Internet Security Systems products and services

IBM Internet Security Systems products and services Delivering preemptive security products and services IBM Internet Security Systems products and services Highlights Helps protect critical assets and reduce costs by preempting online threats Helps secure

More information

ManageEngine (division of ZOHO Corporation) www.manageengine.com. Infrastructure Management Solution (IMS)

ManageEngine (division of ZOHO Corporation) www.manageengine.com. Infrastructure Management Solution (IMS) ManageEngine (division of ZOHO Corporation) www.manageengine.com Infrastructure Management Solution (IMS) Contents Primer on IM (Infrastructure Management)... 3 What is Infrastructure Management?... 3

More information

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management

TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 The Need for

More information

Enterprise Identity Management Reference Architecture

Enterprise Identity Management Reference Architecture Enterprise Identity Management Reference Architecture Umut Ceyhan Principal Sales Consultant, IDM SEE Agenda Introduction Virtualization Access Management Provisioning Demo Architecture

More information

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP belka@att.net Security Frameworks An Enterprise Approach to Security Robert Belka Frazier, CISSP belka@att.net Security Security is recognized as essential to protect vital processes and the systems that provide those

More information

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred

CimTrak Technical Summary. DETECT All changes across your IT environment. NOTIFY Receive instant notification that a change has occurred DETECT All changes across your IT environment With coverage for your servers, network devices, critical workstations, point of sale systems, and more, CimTrak has your infrastructure covered. CimTrak provides

More information

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud How Privileged Identity Management Evolved to a Service Platform Managing Privileged Identities in the Cloud Contents Overview...3 Management Issues...3 Real-World

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

DirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet

DirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet Technical Data Sheet DirX Identity V8.5 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service

More information

CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO

CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO 2009 by Lieberman Software Corporation. Rev 20090921a Identity Management Definitions

More information

Enforcive / Enterprise Security

Enforcive / Enterprise Security TM Enforcive / Enterprise Security End to End Security and Compliance Management for the IBM i Enterprise Enforcive / Enterprise Security is the single most comprehensive and easy to use security and compliance

More information

Everything You Always Wanted to Know About Log Management But Were Afraid to Ask. August 21, 2013

Everything You Always Wanted to Know About Log Management But Were Afraid to Ask. August 21, 2013 Everything You Always Wanted to Know About Log Management But Were Afraid to Ask August 21, 2013 Logging and Log Management Logging and Log Management The authoritative Guide to Understanding the Concepts

More information

Security Solutions. MyDBA s. Security Solutions. For Databases. October 2012. Copyright 2012 MyDBA CC. Version 3

Security Solutions. MyDBA s. Security Solutions. For Databases. October 2012. Copyright 2012 MyDBA CC. Version 3 MyDBA s Security Solutions For Databases October 2012 Version 3 The Protection of Personal Information (POPI) Bill The Bill requires that: Anyone who processes personal information will need to take appropriate

More information

Simplified IT Compliance Frameworks to Reduce Costs and Strengthen Security

Simplified IT Compliance Frameworks to Reduce Costs and Strengthen Security Copyright 2008 EMC Corporation. All rights reserved. Simplified IT Compliance Frameworks to Reduce Costs and Strengthen Security Dave Simmons EMC Corporation Why is Information Security So Difficult? because

More information

Access Management Analysis of some available solutions

Access Management Analysis of some available solutions Access Management Analysis of some available solutions Enterprise Security & Risk Management May 2015 Authors: Yogesh Kumar Sharma, Kinshuk De, Dr. Sundeep Oberoi Access Management - Analysis of some available

More information

Trust but Verify: Best Practices for Monitoring Privileged Users

Trust but Verify: Best Practices for Monitoring Privileged Users Trust but Verify: Best Practices for Monitoring Privileged Users Olaf Stullich, Product Manager (olaf.stullich@oracle.com) Arun Theebaprakasam, Development Manager Chirag Andani, Vice President, Identity

More information

PROTECT YOUR WORLD. Identity Management Solutions and Services

PROTECT YOUR WORLD. Identity Management Solutions and Services PROTECT YOUR WORLD Identity Management Solutions and Services Discussion Points Security and Compliance Challenges Identity Management Architecture CSC Identity Management Offerings Lessons Learned and

More information

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

Copyright 2013, Oracle and/or its affiliates. All rights reserved. 1 Security Inside-Out with Oracle Database 12c Denise Mallin, CISSP Oracle Enterprise Architect - Security The following is intended to outline our general product direction. It is intended for information

More information