content-aware identity & access management in a virtual environment
|
|
- Allyson Curtis
- 8 years ago
- Views:
Transcription
1 WHITE PAPER Content-Aware Identity & Access Management in a Virtual Environment June 2010 content-aware identity & access management in a virtual environment Chris Wraight CA Security Management we can
2 table of contents executive summary SECTION 1 Virtual security challenges are more problematic 04 Virtualization technology allows it to respond and reduce operating costs 04 Physical security is well established 04 Virtualization technologies can be more difficult to secure than physical machines 04 Managing roles, identities, and applications 05 Controlling privileged users 05 Data sprawl grows rapidly 06 Inadequate auditing hampers compliance 06 SECTION 2 Protecting the virtual environment 06 SECTION 3 CA Content-Aware IAM provides superior protection 08 Seamlessly secure physical and virtual environments 08 Control identities 08 Control access 08 Control information 09 Verify control 09 SECTION 4 Conclusions 10 SECTION 5 References 10 SECTION 6 About the author 10
3 executive summary Challenge The identity and access management challenges that exist in the physical world identity management, application security, access control, managing sensitive data, user activity logging, and compliance reporting are even more critical in the virtual environments that are growing in use as IT seeks to streamline its operations and reduce operating costs. In fact, in a virtual environment, the security challenges multiply rapidly and introduce new risks. Where an organization might have had a single application server, in a virtual environment they could see that quickly evolve to thirty servers. How can security be maintained, not only on a physical machine, but also on the virtual machines it hosts, and the applications running on those virtual machines? And how easy is it for an organization to manage this from a central location? Opportunity Organizations have begun to quickly adopt virtualization technology to help them streamline their operations and reduce operating costs. Recognizing that their exposure to security risks is increased due to the nature of the virtualization environment, IT should seek to extend their security solutions from the physical server environment to the virtualization environment as seamlessly as possible. In an ideal situation, the organization should be able to manage both environments from a single location with the same software solutions. Benefits CA Content-Aware IAM solutions that help protect our customers in the physical world seamlessly extend to similarly protect virtual environments by controlling identities, access, and information usage. Key benefits of the solutions in a virtual environment include privileged user management of virtual administrators, fine-grained access controls on virtual hosts and guests, enhanced user activity and compliance reporting in virtual environments, sensitive data discovery on virtualized systems, and extension of identity and access management capabilities to virtual systems and applications. 03
4 Section 1: Virtual security challenges are more problematic Virtualization technology allows IT to respond and reduce operating costs IT s increased use of virtualization technology is due to the benefits of streamlined operations and reduced operating costs. But in a virtual environment, the security challenges multiply rapidly and introduce new risks. Where an organization might have had a single application server, they could see that quickly evolve to thirty servers. How can security be maintained, not only on a physical machine, but also on the virtual machines it hosts, and the applications running on those virtual machines? And how can an organization control and manage this from a central location? As an example, a Fortune 50 company takes up to six months to deliver a server to their internal customer, which is five months and three weeks too long for them to remain competitive. By using virtualization technology, they expect to reduce that interval to five business days. From an operating cost perspective, by using virtualization technology, IT can approach 100% utilization of a physical server. In return, they may reduce physical space requirements, which, in turn, may also reduce their real estate, personnel, bandwidth, and HVAC costs. Physical security is well established Over the past fifty years, security for physical IT operations has become well established. Whether the security involves controlling physical access to a server (e.g. rack-mounted server cages) or identity management software, rules, processes, and best practices have been established. Security software has evolved to provide IT with the right tools to manage the physical environment. In addition to identity management, application security, access control, information control, user activity logging, and reporting are all solutions being used effectively today. Virtualization technologies can be more difficult to secure than physical machines Regardless of whether it is a physical or virtual environment, the need for complete security management remains. According to Gartner, through 2012, 60% of virtualized servers will be less secure than the physical servers they replace, dropping to 30% by YE Meeting compliance regulations, managing and governing identities, controlling access, as well as finding, classifying, and controlling how information is used, are the biggest challenges facing IT as they migrate to virtual environments. Virtualization technologies enable the execution of multiple operating system instances, or virtual machines (VMs), on the same physical piece of hardware. Each VM functions as if it were its own physical machine with a dedicated operating system and hosted applications. The layer within the virtualization platform that enables hardware resource sharing among VMs is called the hypervisor. When we want to identify the risks of virtualization, we first need to understand how virtualization is different from traditional physical environments. In the physical server environment, native operating system security does not provide protection for mission-critical data and resources at the level needed to meet regulatory compliance and security best practices, and this carries over to the virtualization environment. The virtualization host becomes more critical as it hosts many virtual machines not 04
5 only one. The hypervisor serves as a single management point to all VM images and control over many critical services, creating a vulnerability leverage point. A person with hypervisor access is analogous to a root user in the UNIX world; this person can do anything to any of the hosted machines. Compromising the hypervisor to download an image or introduce a rogue VM is equivalent to bypassing physical security to break into a server room in order to steal a machine or introduce an unauthorized machine to the data center. Virtualization management applications can be bypassed and the hosting operating system or virtualization console can be accessed directly by privileged users. We used to have servers stacked away in our server room with tight physical controls in place to control access to the boxes. In a virtual environment, servers are files that can be copied from the Host. Copying a server image is equivalent to stealing a server from the server room. Furthermore, machine memory can be accessed from the hypervisor, compromising transmitted information like passwords and encryption keys. So, safeuarding access to the virtualization host even remote access is critical. The modern virtual data center is highly distributed, unlike the traditional mainframe. Risks that were previously mitigated using physical security must now be handled by IT security. Managing roles, identities, and applications If identities are not well managed in the physical world, then attempting to implement a virtual environment will exacerbate the identity and access problems that exist today. Using software to clearly define and manage users and roles is what many companies do today. This then coordinates with an identity management solution to confirm that users are only granted the appropriate privileges. If not managed properly, uncontrolled, overprivileged users will be able to wreak havoc on a greater number of systems and applications in a virtual environment. On the other side of the security spectrum is the need to manage secure access to applications, by users as well as other applications or services. In a virtualized environment, application servers will come online and go offline as computing demands ebb and flow. A scalable access management platform to provide proper fine-grained access controls needs to be in place before virtualization of many applications can take place. This enables organizations to leverage a reliable and secure platform for both the physical and virtual environments. Controlling privileged users Normal users are identified and controlled by the operating system and application security. They may make mistakes or attempt misuse; however, provided the controls are correctly set, they should not be able to breach confidentiality or damage the system. The privileged user has elevated privileges on the servers. The privileged user s access is not controlled by the operating system security, and his/her username and/or password is typically shared between administrators, making him/her mostly anonymous. Virtualization makes the problem worse. The administrator not only has leverage over the physical host, but also all of the virtual sessions running on it. He/She can also have access to sensitive data and have an impact on business continuity. Without an independent access control solution, multiple privileged users in various roles have the ability to interact with numerous components of a virtualization deployment. This inadequately regulated access to the hypervisor presents the potential for significant damage to the enterprise through the compromise of valuable information 05
6 and disruption of critical services. VM images can be copied, along with the data and applications that they hold. These images can be brought back online on an unsecured network, making it easier for an intruder to access the contents managed within the copied image. A well-meaning developer at a large insurance company made a clone of a production VM and launched it in a QA environment. The company had no controls on access, so the developer was allowed free access to QA, Development, and Production environments. When he turned on the copy of the system, the machine behaved as though it was in production. The developer ran some claims scenarios in order to test functionality, and didn t realize that the system was actually cutting checks and kicking off the process to mail the checks to customers. One customer received two checks for a claim that was already in process and called to ask about which one should be cashed; this was the way the company found out what was occurring. This is the nightmare scenario for many IT organizations. Data sprawl grows rapidly As virtualized servers grow, so too does the amount of sensitive company data residing on them. Personal medical files, proprietary product plans, employee records, and credit card data is information that needs to be located and prevented from leaving the organization. How can an organization keep track of this information, especially if VMs may come online and go offline? Inadequate auditing hampers compliance Given the leverage the virtualization platform has on the stability of the entire data center and on the integrity of the data it manages, it must be viewed as critical infrastructure. As a result, the virtualization platform is subject to tight regulatory requirements. Organizations must track the interaction that each user has with the virtualization platform and within each of the VMs it hosts. However, native audit capabilities provided by operating systems are too coarse to be effective and are vulnerable to tampering and to snapshot manipulation. Auditors, until lately have not been virtualization savvy, and virtualization audit issues haven t yet been regularly flagged. But this is changing, as seen by the recent updates to various common regulations such as PCI. Access to the hosting operating system must be tracked and audited to prove controls have maintained its integrity and effectiveness. Similarly, within each VM, access gained to each guest operating system is subject to the same regulatory compliance requirements. Section 2: Protecting the virtual environment IT organizations have begun to quickly adopt virtualization technology to help them streamline their operations and reduce operating costs. Recognizing that their exposure to security risks is increased due to the nature of the virtualization environment, IT should seek to move their security solutions from the physical server environment to the virtualization environment as seamlessly as possible. In an ideal situation, the organization should be able to manage both environments from a single location and extend software solutions used in the physical world. Identity and access management solutions are critical to confirming that systems and applications are well managed and controlled. 06
7 The authorized people and security processes that have already been defined should be leveraged to secure and manage the virtual environment. As seen in Figure 1, a content-aware identity and access management solution encompasses several areas. To the left, role and access policy management are outside the virtual server; this solution is defining the various roles of users that are going to be accessing the virtual machines (VMs). On the right, system and application access is being brokered by security software. The applications will be running on the VMs, e.g., a database, ERP, etc. Sometimes this software will also run on a VM as well and it could occasionally be offline. In the middle are the virtual systems and applications. Here, multiple VMs will run an assortment of applications that are critical to the business. They can be running all the time, or just when demand requires. A privileged user management application, along with fine-grained access control, will control privileged users what they can and cannot do both getting to a VM in the first place, or an application running in the VM itself. Compliance reporting will collect activity from all the logs in the environment. As with other areas, the VM could be offline and must be accounted for even though it is not active. As soon as the VM comes online, it needs to be able to begin logging user activity. Information protection facilitates the management of the data sprawl that accompanies VM sprawl so that it remains under control, and sensitive company information can be identified and prevented from leaving the organization via unauthorized means. Figure 1 A content-aware identity & access management virtual environment 07
8 Section 3: CA Content-Aware IAM provides superior control Seamlessly secure physical and virtual environments CA Content-Aware IAM solutions helps organizations control identities, control access, and control information use across their entire environment. These solutions provide protection in the physical world and seamlessly extend to protect virtual environments by controlling identities, access, and information usage, and providing compliance reporting. Key benefits of the solutions in a virtual environment include privileged user management of virtual administrators, fine-grained access controls on virtual hosts and guests, enhanced user activity and compliance reporting in virtual environments, sensitive data discovery on virtualized systems, and extension of identity and access management to virtual systems and applications. Control identities CA Identity Manager provides an integrated identity administration solution, serving as the foundation for user provisioning, self-service requests, and other key processes. With the growing number and types of users requiring access to critical applications, the line between privileged and unprivileged users is not always clear. A robust provisioning solution like CA Identity Manager will allow you to keep better control of all your users, documenting who requested and authorized entitlements and privileges and why they did so. By implementing a workflow-based policy for approvals, you can confirm that users get what they need to do their jobs effectively and efficiently, within the boundaries of corporate policies. CA Role & Compliance Manager is designed to remove the fire drill from your security and compliance initiatives by automating identity governance processes and providing continuous identity controls. Given the heightened security risk associated with virtualization, it becomes more critical to validate that user access to these environments is appropriate through periodic certification or attestation. CA Role & Compliance Manager automates these processes while checking security policies, such as segregation of duties, to highlight violations to business managers or resource owners during certification. Proper identity controls minimize the risk of unauthorized users accessing virtualized systems and applications. Strong governance processes and controls give organizations the confidence needed to leverage virtualization. Control access With advanced security management capabilities and enterprise-class site administration, CA SiteMinder provides the centralized security management your organization needs to authenticate users and control access to web applications and portals regardless of whether they are on physical or virtual servers. This robust solution addresses the critical need for automated tools that can centrally manage your web users and their access to web applications, portals, and services. As new virtual applications come online, CA SiteMinder transfers the SSO experience from physical servers to the virtualization environment by bringing them under a single authentication and authorization platform and removes the need to develop new security mechanisms for virtualized applications. 08
9 CA Access Control (AC) provides the critical layer of protection needed to help effectively protect virtualization platforms. AC operates independently both at the application level and at the operating system level. By enforcing and proving proper administrator access, AC helps protect mission-critical information and services running in the virtual data center. AC protects virtualization deployments at multiple levels: the core console of a hypervisor, operating systems implementing OS-based virtualization, privileged partitions managing hypervisor-based virtualization, and the critical resources in VMs running on all of the above. Support of a wide range of operating systems and virtualization platforms (VMWare, Xen, Hyper-V, etc.) makes Access Control ideal for protecting VMs, especially in a heterogeneous environment. Access Control also allows you to protect privileged users across the IT environments beyond the virtualization host itself on databases, network devices, and applications. It also helps simplify user management by consolidating it under a single authoritative source across all operating systems. Control information The CA DLP solution includes a robust and integrated set of products that help organizations manage the risk of uncontrolled information use and prevent data loss as data sprawls onto virtual systems. The CA DLP solution is a scalable, highly accurate, and cost-effective offering that is designed to protect and control data-in-motion on the network and in the messaging system, data-in-use at the endpoint, and data-at-rest on physical or virtual servers and repositories across the enterprise. By leveraging a single set of policies, a unified management platform CA DLP can find and protect sensitive (e.g., social security numbers) and valuable (e.g., intellectual property) information stored and transmitted throughout the organization. Verify control CA Enterprise Log Manager provides user activity and compliance reporting for identity, access, and data usage across physical, virtual, and cloud environments. It verifies security controls and streamlines reporting and investigation of user and resource access activities to help accelerate and simplify compliance and improve efficiencies. When the auditors ask, IT must be able to easily create and provide reports that track any or all entitlements provisioned, including the time, reason, and persons who approved and provisioned them. Likewise, they must also demonstrate when users were deprovisioned following the end of a contract or termination. Deployed as a virtual soft appliance, CA Enterprise Log Manager can be up and running quickly, providing predefined and easy-to-customize reports covering all user activities, including those from hypervisors. It supports commonly used virtualization platforms, including VMware, Citrix, Microsoft, and Cisco, and provides broad coverage across virtual servers, network, storage, and management systems. The results can include rapid time-to-value, better visibility of user activity, and simplified reporting and analysis of virtualization hosts and guests. 09
10 Section 4: Conclusions The rapid growth of virtualization technology shows no sign of abating, as the potential benefits to IT such as streamlining operations and reducing operating costs are real and significant. Yet IT must recognize that the virtualization environment itself creates new security issues, issues that are best addressed with a comprehensive content-aware identity and access management solution. CA Technologies provides a robust set of identity and access management solutions that can improve security and simplify compliance in both physical and virtualized environments. Section 5: References Securing Virtualized Environments & Accelerating Cloud Computing, white paper by Nimrod Vax. Identity and Access Management for the Cloud: CA s Strategy and Vision CA s Solution for Cloud Security Section 6: About the author Chris Wraight has spent 25+ years in the technology world in various positions of product management, marketing, and sales. He is currently working on the Access Control security solution in CA Technologies Security Management business. Chris has a B.S. in Management with Computer Applications from WPI. 1 Gartner Research Report Addressing the Most Common Security Risks in Data Center Virtualization Projects, N. MacDonald, 25 January 2010, #G Copyright 2010 CA. All rights reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill, or lost data, even if CA is expressly advised in advance of the possibility of such damages
managing the risks of virtualization
managing the risks of virtualization Chris Wraight CA Technologies 28 February 2011 Session Number 8951 abstract Virtualization opens the door to a world of opportunities and well managed virtualization
More informationsecuring virtualized environments and accelerating cloud computing
WHITE PAPER Securing Virtualized Environments and Accelerating Cloud Computing May 2010 securing virtualized environments and accelerating cloud computing Nimrod Vax CA Security Management we can table
More informationCA Technologies Healthcare security solutions:
CA Technologies Healthcare security solutions: Protecting your organization, patients, and information agility made possible Healthcare industry imperatives Security, Privacy, and Compliance HITECH/HIPAA
More informationHow can Content Aware Identity and Access Management give me the control I need to confidently move my business forward?
SOLUTION BRIEF Content Aware Identity and Access Management May 2010 How can Content Aware Identity and Access Management give me the control I need to confidently move my business forward? we can CA Content
More informationhow can I comprehensively control sensitive content within Microsoft SharePoint?
SOLUTION BRIEF Information Lifecycle Control for Sharepoint how can I comprehensively control sensitive content within Microsoft SharePoint? agility made possible CA Information Lifecycle Control for SharePoint
More informationCA SiteMinder SSO Agents for ERP Systems
PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security
More informationSOLUTION BRIEF Improving SAP Security With CA Identity and Access Management. improving SAP security with CA Identity and Access Management
SOLUTION BRIEF Improving SAP Security With CA Identity and Access Management improving SAP security with CA Identity and Access Management The CA Identity and Access Management (IAM) suite can help you
More informationDeployment Options for Microsoft Hyper-V Server
CA ARCserve Replication and CA ARCserve High Availability r16 CA ARCserve Replication and CA ARCserve High Availability Deployment Options for Microsoft Hyper-V Server TYPICALLY, IT COST REDUCTION INITIATIVES
More informationaccelerating time to value in Microsoft Hyper-V environments
SOLUTION BRIEF accelerating time to value in Microsoft Hyper-V environments 01 CA Technologies 30-year partnership with Microsoft uniquely positions us to help you exceed your Microsoft virtual and cloud
More informationCA Virtual Assurance for Infrastructure Managers
DATA SHEET CA Virtual Assurance for Infrastructure Managers (Includes CA Systems Performance for Infrastructure Managers) CA Virtual Assurance for Infrastructure Managers (formerly CA Virtual Performance
More informationCA ControlMinder for Virtual Environments May 2012
FREQUENTLY ASKED QUESTIONS May 2012 Top Ten Questions 1. What is?... 2 2. What are the key benefits of?... 2 3. What are the key capabilities of?... 2 4. Does this release include anything from the recently
More informationhow can I virtualize my mission-critical servers while maintaining or improving security?
SOLUTION BRIEF Securing Virtual Environments how can I virtualize my mission-critical servers while maintaining or improving security? agility made possible CA ControlMinder for Virtual Environments provides
More informationsolution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly
More informationCA point of view: Content-Aware Identity & Access Management
TECHNOLOGY BRIEF CA Point of View: Content-Aware Identity and Access Management March 2011 CA point of view: Content-Aware Identity & Access Management table of contents EXECUTIVE SUMMARY SECTION 1 Challenge
More informationSOLUTION BRIEF SEPTEMBER 2014. Healthcare Security Solutions: Protecting your Organization, Patients, and Information
SOLUTION BRIEF SEPTEMBER 2014 Healthcare Security Solutions: Protecting your Organization, Patients, and Information SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT 94% of healthcare organizations
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationIdentity and Access Management for the Cloud
Identity and Access Management for the Cloud What you need to know about managing access to your clouds Organizations need to control who has access to which systems and technology within the enterprise.
More informationidentity as the new perimeter: securely embracing cloud, mobile and social media agility made possible
identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,
More informationIBM Security Privileged Identity Manager helps prevent insider threats
IBM Security Privileged Identity Manager helps prevent insider threats Securely provision, manage, automate and track privileged access to critical enterprise resources Highlights Centrally manage privileged
More informationTECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management
TECHNOLOGY BRIEF: INTEGRATED IDENTITY AND ACCESS MANAGEMENT (IAM) An Integrated Architecture for Identity and Access Management Table of Contents Executive Summary 1 SECTION 1: CHALLENGE 2 The Need for
More informationSOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite
SOLUTION BRIEF Enterprise Mobility Management Critical Elements of an Enterprise Mobility Management Suite CA Technologies is unique in delivering Enterprise Mobility Management: the integration of the
More informationLogging and Alerting for the Cloud
Logging and Alerting for the Cloud What you need to know about monitoring and tracking across your enterprise The need for tracking and monitoring is pervasive throughout many aspects of an organization:
More informationIdentity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control
Identity and Access Management (IAM) Across Cloud and On-premise Environments: Best Practices for Maintaining Security and Control agility made possible Enterprises Are Leveraging Both On-premise and Off-premise
More informationCA Virtual Assurance for Infrastructure Managers
PRODUCT SHEET: CA Virtual Assurance for Infrastructure Managers CA Virtual Assurance for Infrastructure Managers agility made possible CA Virtual Assurance for Infrastructure Managers is an add-on product
More informationSecurely Outsourcing to the Cloud: Five Key Questions to Ask
WHITE PAPER JULY 2014 Securely Outsourcing to the Cloud: Five Key Questions to Ask Russell Miller Tyson Whitten CA Technologies, Security Management 2 WHITE PAPER: SECURELY OUTSOURCING TO THE CLOUD: FIVE
More informationMANAGED SERVICE PROVIDERS SOLUTION BRIEF
MANAGED SERVICE PROVIDERS SOLUTION BRIEF The Assured Recovery Services Platform The data protection world has drastically changed in the past few years. Protection and recovery of data and systems has
More informationcan you effectively plan for the migration and management of systems and applications on Vblock Platforms?
SOLUTION BRIEF CA Capacity Management and Reporting Suite for Vblock Platforms can you effectively plan for the migration and management of systems and applications on Vblock Platforms? agility made possible
More information10 Steps to Establishing an Effective Email Retention Policy
WHITE PAPER: 10 STEPS TO EFFECTIVE EMAIL RETENTION 10 Steps to Establishing an Effective Email Retention Policy JANUARY 2009 Eric Lundgren INFORMATION GOVERNANCE Table of Contents Executive Summary SECTION
More informationReal-Time Security for Active Directory
Real-Time Security for Active Directory Contents The Need to Monitor and Control Change... 3 Reducing Risk and Standardizing Controls... 3 Integrating Change Monitoring... 4 Policy Compliance... 4 The
More informationSecuring Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption
THE DATA PROTECTIO TIO N COMPANY Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption whitepaper Executive Summary Long an important security measure, encryption has
More informationCA Automation Suite for Data Centers
PRODUCT SHEET CA Automation Suite for Data Centers agility made possible Technology has outpaced the ability to manage it manually in every large enterprise and many smaller ones. Failure to build and
More informationsolution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms?
solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms? CA Capacity Management and Reporting Suite for Vblock Platforms
More informationLeveraging Privileged Identity Governance to Improve Security Posture
Leveraging Privileged Identity Governance to Improve Security Posture Understanding the Privileged Insider Threat It s no secret that attacks on IT systems and information breaches have increased in both
More informationCA Capacity Manager. Product overview. agility made possible
PRODUCT SHEET: CA Capacity Manager agility made possible CA Capacity Manager Business stakeholders demand application performance in support of their business goals. IT executives must deliver that service
More informationSOLUTION BRIEF BIG DATA MANAGEMENT. How Can You Streamline Big Data Management?
SOLUTION BRIEF BIG DATA MANAGEMENT How Can You Streamline Big Data Management? Today, organizations are capitalizing on the promises of big data analytics to innovate and solve problems faster. Big Data
More informationagility made possible
SOLUTION BRIEF CA Private Cloud Accelerator for Vblock Platforms how quickly can your private cloud support the increasing demand for business services and accelerate time-to-value for your Vblock platforms
More informationSecuring Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits
A Clear View of Challenges, Solutions and Business Benefits Introduction Cloud environments are widely adopted because of the powerful, flexible infrastructure and efficient use of resources they provide
More informationSolving the Security Puzzle
Solving the Security Puzzle How Government Agencies Can Mitigate Today s Threats Abstract The federal government is in the midst of a massive IT revolution. The rapid adoption of mobile, cloud and Big
More informationagility made possible
SOLUTION BRIEF CA Technologies and NetApp Integrated Service Automation Across the Data Center can you automate the provisioning and management of both virtual and physical resources across your data center
More information20 Critical Security Controls
WHITE PAPER June 2012 20 Critical Security Controls How CA Technologies can help federal agencies automate compliance processes Philip Kenney CA Security Management Table of Contents Executive Summary
More informationagility made possible
SOLUTION BRIEF Mainframe Software Rationalization Program want to reduce costs and rationalize your mainframe software change management environment? agility made possible CA Endevor Software Change Manager
More informationTECHNOLOGY BRIEF: PREVENTING UNAUTHORISED ACCESS TO CRITICAL SYSTEMS AND DATA. Colruyt ensures data privacy with Identity & Access Management.
TECHNOLOGY BRIEF: PREVENTING UNAUTHORISED ACCESS TO CRITICAL SYSTEMS AND DATA Colruyt ensures data privacy with Identity & Access Management. Table of Contents Executive Summary SECTION 1: CHALLENGE 2
More informationHow Can Central IT Use Cloud Technologies to Revolutionize Remote Store Operation?
SOLUTION BRIEF CA APPLOGIC CLOUD PLATFORM FOR ENTERPRISE How Can Central IT Use Cloud Technologies to Revolutionize Remote Store Operation? agility made possible CA AppLogic combines applications, virtual
More informationCA Compliance Manager for z/os
PRODUCT SHEET CA Compliance Manager for z/os CA Compliance Manager for z/os CA Compliance Manager for z/os (CA Compliance Manager) provides your organization with a single source for real-time, compliancerelated
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationSOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. How Can I Both Enable and Protect My Organization in the New Application Economy?
SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY How Can I Both Enable and Protect My Organization in the New Application Economy? CA Security solutions can help you enable and protect your business
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Facilitate policy-based expertise and
More informationGovernance and Control of Privileged Identities to Reduce Risk
WHITE PAPER SEPTEMBER 2014 Governance and Control of Privileged Identities to Reduce Risk Merritt Maxim CA Security Management 2 WHITE PAPER: PRIVILEGED IDENTITY GOVERNANCE Table of Contents Executive
More informationhow can I improve performance of my customer service level agreements while reducing cost?
SOLUTION BRIEF CA Business Service Insight for Service Level Management how can I improve performance of my customer service level agreements while reducing cost? agility made possible By automating service
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationCA Systems Performance for Infrastructure Managers
PRODUCT SHEET: CA Systems Performance for Infrastructure Managers agility made possible CA Systems Performance for Infrastructure Managers CA Systems Performance for Infrastructure Managers is an add-on
More informationDatacenter Management and Virtualization. Microsoft Corporation
Datacenter Management and Virtualization Microsoft Corporation June 2010 The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the
More informationSOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY. Identity-centric Security: The ca Securecenter Portfolio
SOLUTION BRIEF CA TECHNOLOGIES IDENTITY-CENTRIC SECURITY Identity-centric Security: The ca Securecenter Portfolio How can you leverage the benefits of cloud, mobile, and social media, while protecting
More informationcan you improve service quality and availability while optimizing operations on VCE Vblock Systems?
SOLUTION BRIEF Service Assurance Solutions from CA Technologies for VCE Vblock Systems can you improve service quality and availability while optimizing operations on VCE Vblock Systems? agility made possible
More informationCA CMDB Connector for z/os version 2.0
PRODUCT SHEET CA CMDB Connector for z/os version 2.0 CA CMDB Connector for z/os version 2.0 CA CMDB Connector for z/os is the final piece in the puzzle to create an enterprise CMDB, providing you the ability
More informationcan I customize my identity management deployment without extensive coding and services?
SOLUTION BRIEF Connector Xpress and Policy Xpress Utilities in CA IdentityMinder can I customize my identity management deployment without extensive coding and services? agility made possible You can.
More informationWhite paper September 2009. Realizing business value with mainframe security management
White paper September 2009 Realizing business value with mainframe security management Page 2 Contents 2 Executive summary 2 Meeting today s security challenges 3 Addressing risks in the mainframe environment
More informationLogicalis delivers low-risk, cost-effective cloud computing services with CA Technologies
CUSTOMER SUCCESS STORY Logicalis delivers low-risk, cost-effective cloud computing services with CA Technologies CUSTOMER PROFILE Industry: IT services Organisation: Logicalis Employees: 1,900 Revenue:
More informationCA ARCserve Replication and High Availability Deployment Options for Hyper-V
Solution Brief: CA ARCserve R16.5 Complexity ate my budget CA ARCserve Replication and High Availability Deployment Options for Hyper-V Adding value to your Hyper-V environment Overview Server virtualization
More informationSOLUTION BRIEF CA Cloud Compass how do I know which applications and services to move to private, public and hybrid cloud? agility made possible
SOLUTION BRIEF CA Cloud Compass how do I know which applications and services to move to private, public and hybrid cloud? agility made possible You don t. But you can get complete visibility to the cloud
More informationEnterprise Report Management CA View, CA Deliver, CA Dispatch, CA Bundl, CA Spool, CA Output Management Web Viewer
PRODUCT FAMILY SHEET Enterprise Report Management Enterprise Report Management CA View, CA Deliver, CA Dispatch, CA Bundl, CA Spool, CA Output Management Web Viewer CA Technologies provides leading software
More informationCA Server Automation. Overview. Benefits. agility made possible
PRODUCT SHEET: CA Server Automation CA Server Automation agility made possible CA Server Automation is an integrated data center management solution that automates provisioning, patching, and configuration
More informationIntroducing Arcserve Unified Data Protection
Introducing Arcserve Unified Data Protection Arcserve UDP is based on a next generation unified architecture for both virtual and physical environments. Its unmatched breadth, ease of use, and Assured
More informationCA NSM System Monitoring Option for OpenVMS r3.2
PRODUCT SHEET CA NSM System Monitoring Option for OpenVMS CA NSM System Monitoring Option for OpenVMS r3.2 CA NSM System Monitoring Option for OpenVMS helps you to proactively discover, monitor and display
More informationagility made possible
SOLUTION BRIEF CA IT Asset Manager how can I manage my asset lifecycle, maximize the value of my IT investments, and get a portfolio view of all my assets? agility made possible helps reduce costs, automate
More informationProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary
VISIBILITY DATA GOVERNANCE SYSTEM OS PARTITION UNIFIED MANAGEMENT CENTRAL AUDIT POINT ACCESS MONITORING ENCRYPTION STORAGE VOLUME POLICY ENFORCEMENT ProtectV SECURITY SNAPSHOT (backup) DATA PROTECTION
More informationAccess to easy-to-use tools that reduce management time with Arcserve Backup
Access to easy-to-use tools that reduce management time with Arcserve Backup In business, evolution is constant. Staff grows. New offices spring up. New applications are being implemented, and typically,
More informationCA Chorus for Security and Compliance Management Deep Dive
Mainframe Optimization and Modernization CA Chorus for Security and Compliance Management Deep Dive Maddalena Tosoni Principal Engineering Services Architect CA Chorus Recap Improve Staff Efficiency CA
More informationProtecting Data with a Unified Platform
Protecting Data with a Unified Platform The Essentials Series sponsored by Introduction to Realtime Publishers by Don Jones, Series Editor For several years now, Realtime has produced dozens and dozens
More informationBeyond Passwords: A Fine-Grained Approach to Privileged Identity Management
WHITE PAPER January 2013 Beyond Passwords: A Fine-Grained Approach to Privileged Identity Management Russell Miller Security Management / CA Technologies Table of Contents Executive Summary 3 Section 1:
More informationCA Technologies Solutions for Criminal Justice Information Security Compliance
WHITE PAPER OCTOBER 2014 CA Technologies Solutions for Criminal Justice Information Security Compliance William Harrod Advisor, Public Sector Cyber-Security Strategy 2 WHITE PAPER: SOLUTIONS FOR CRIMINAL
More informationexpanding web single sign-on to cloud and mobile environments agility made possible
expanding web single sign-on to cloud and mobile environments agility made possible the world of online business is rapidly evolving In years past, customers once tiptoed cautiously into the realm of online
More informationCan I customize my identity management deployment without extensive coding and services?
SOLUTION BRIEF CONNECTOR XPRESS AND POLICY XPRESS UTILITIES IN CA IDENTITY MANAGER Can I customize my identity management deployment without extensive coding and services? SOLUTION BRIEF CA DATABASE MANAGEMENT
More informationare you managing your virtual and physical servers as part of your underlying infrastructure?
SOLUTION BRIEF CA Infrastructure Management are you managing your virtual and physical servers as part of your underlying infrastructure? agility made possible is the basis of a comprehensive solution
More informationBest Practices: Modeling Virtual Environments in SPECTRUM
WHITE PAPER: MODELING VIRTUAL ENVIRONMENTS IN SPECTRUM Best Practices: Modeling Virtual Environments in SPECTRUM JANUARY 2009 Roger Nason CA SPECTRUM SUPPORT Table of Contents Executive Summary 1 SECTION
More informationSallie Mae slashes change management costs and complexity with CA SCM
CUSTOMER SUCCESS STORY Sallie Mae slashes change management costs and complexity with CA SCM CUSTOMER PROFILE Industry: Financial services Company: Sallie Mae Customers: 23 million Student loan portfolio:
More informationCA Spectrum and CA Embedded Entitlements Manager
CA Spectrum and CA Embedded Entitlements Manager Integration Guide CA Spectrum Release 9.4 - CA Embedded Entitlements Manager This Documentation, which includes embedded help systems and electronically
More informationAddressing the United States CIO Office s Cybersecurity Sprint Directives
RFP Response Addressing the United States CIO Office s Cybersecurity Sprint Directives How BeyondTrust Helps Government Agencies Address Privileged Account Management and Improve Security July 2015 Addressing
More informationHow To Manage A Privileged Account Management
Four Best Practices for Passing Privileged Account Audits October 2014 1 Table of Contents... 4 1. Discover All Privileged Accounts in Your Environment... 4 2. Remove Privileged Access / Implement Least
More informationCA arcserve r16.5 Hybrid data protection
CA arcserve r16.5 Hybrid data protection Whether you re protecting the data center, remote offices or desktop resources, you need a solution that helps you meet today s demanding service-level agreements
More informationCA arcserve Unified Data Protection virtualization solution Brief
CA arcserve Unified Data Protection virtualization solution Brief Server and desktop virtualization have become very pervasive in most organizations, and not just in the enterprise. Everybody agrees that
More informationWhite paper December 2008. Addressing single sign-on inside, outside, and between organizations
White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli
More informationAccess Control In Virtual Environments
In Virtual Environments A FoxT White Paper Rapid growth in the use of virtualization tools means system administrators are now able to isolate processes in exclusive run-time environments. While helping
More informationAuthentication Strategy: Balancing Security and Convenience
Authentication Strategy: Balancing Security and Convenience Today s Identity and Access Security Strategies Are Being Driven by Two Critical Imperatives: Enable business growth by: Quickly deploying new
More informationOvercoming Security Challenges to Virtualize Internet-facing Applications
Intel IT IT Best Practices Cloud Security and Secure ization November 2011 Overcoming Security Challenges to ize Internet-facing Applications Executive Overview To enable virtualization of Internet-facing
More informationProduct overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities
PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to
More informationNetop Remote Control Security Server
A d m i n i s t r a t i o n Netop Remote Control Security Server Product Whitepaper ABSTRACT Security is an important factor when choosing a remote support solution for any enterprise. Gone are the days
More informationnext generation architecture created to safeguard in virtual & physical environments to deliver comprehensive UNIFIED DATA PROTECTION SOLUTION BRIEF
next generation architecture created to safeguard in virtual & physical environments to deliver comprehensive UNIFIED DATA PROTECTION SOLUTION BRIEF CA arcserve UDP Fueled by data growth and technology
More informationHybrid Cloud Computing
Hybrid Cloud Computing Managing the reality of enterprise cloud computing Cloud computing promises a new world of IT agility, with quick deployment of applications to support business needs. Organizations
More informationRadix Technologies China establishes compelling cloud services using CA AppLogic
CUSTOMER SUCCESS STORY Radix Technologies China establishes compelling cloud services using CA AppLogic CUSTOMER PROFILE Industry: IT services Company: Radix Technologies China Employees: 25 BUSINESS Radix
More informationPrivilege Gone Wild: The State of Privileged Account Management in 2015
Privilege Gone Wild: The State of Privileged Account Management in 2015 March 2015 1 Table of Contents... 4 Survey Results... 5 1. Risk is Recognized, and Control is Viewed as a Cross-Functional Need...
More informationCA Workload Automation
PRODUCT SHEET: CA Workload Automation CA Workload Automation Improve the availability of critical IT workload processes and schedules enterprise-wide by leveraging real-time IT automation, embedded workflow,
More informationWHITE PAPER May 2012. How Can Identity and Access Management Help Me with PCI Compliance?
WHITE PAPER May 2012 How Can Identity and Access Management Help Me with PCI Compliance? Table of Contents Executive Summary 3 SECTION 1: Challenge 4 Protection of confidential cardholder information SECTION
More informationSymantec NetBackup 7.5 for VMware
V-Ray visibility into virtual machine protection Solution Overview: Data Protection Overview There is little question that server virtualization is the single biggest game-changing trend in IT today. Budget-strapped
More informationDevOps for the Cloud. Achieving agility throughout the application lifecycle. The business imperative of agility
DevOps for the Cloud Achieving agility throughout the application lifecycle We don t have to tell you that your company is under increasing pressure to respond more quickly to changing business conditions.
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationCA Configuration Management Database (CMDB)
PRODUCT BRIEF: CA CMDB CA Configuration Management Database (CMDB) CA CONFIGURATION MANAGEMENT DATABASE (CMDB) HELPS YOU IDENTIFY AND UNDERSTAND THE DEPENDENCIES AND RELATIONSHIPS AMONG AND BETWEEN YOUR
More informationUnderstanding & Improving Hypervisor Security
The Essentials Series: Security Concerns & Solutions Understanding & Improving Hypervisor Security sponsored by by Greg Shields Understanding & Improving Hypervisor Security...1 What Is the Hypervisor?...1
More informationVirtualization Case Study
INDUSTRY Finance COMPANY PROFILE Major Financial Institution. BUSINESS SITUATION Internal security audits found that VMware ESX, Red Hat Linux, and Solaris systems lacked an efficient way to control access
More informationVirtual Machine Protection with Symantec NetBackup 7
Overview There s little question that server virtualization is the single biggest game-changing trend in IT today. Budget-strapped IT departments are racing to embrace the promise of virtualization for
More information