Physical Security Information Management: A Technical Perspective



Similar documents
Implement a unified approach to service quality management.

BEA AquaLogic Integrator Agile integration for the Enterprise Build, Connect, Re-use

Published April Executive Summary

Retail Case Study COMPANY OVERVIEW CHALLENGES

IBM Information Management

How can Identity and Access Management help me to improve compliance and drive business performance?

CA Service Desk Manager

CA Workload Automation

Enterprise SOA Strategy, Planning and Operations with Agile Techniques, Virtualization and Cloud Computing

Optimally Manage the Data Center Using Systems Management Tools from Cisco and Microsoft

Extend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database.

Analance Data Integration Technical Whitepaper

Address IT costs and streamline operations with IBM service desk and asset management.


Address IT costs and streamline operations with IBM service request and asset management solutions.

How To Build A Business Case For An Enterprise Resource Planning (Erp) Project

The Role of Cisco SONA in Enterprise Architecture Frameworks and Strategies

Understanding. Product Exploration

Product. Common Origination Platform TM Automated Loan Origination Processing and Intelligent Business-Rules Management in One Unique System

Simply Sophisticated. Information Security and Compliance

An Oracle White Paper June Integration Technologies for Primavera Solutions

The Purview Solution Integration With Splunk

HEAT Service Management Platform. White Paper

Organizational Intelligence, Scalability, and Agility

Supply Chain Management Build Connections

Increasing business values with efficient Software Configuration Management

IBM WebSphere application integration software: A faster way to respond to new business-driven opportunities.

Software development for the on demand enterprise. Building your business with the IBM Software Development Platform

HP Service Manager software

Analance Data Integration Technical Whitepaper

Simplified Management With Hitachi Command Suite. By Hitachi Data Systems

VISION BPM. Business Process Management.

NetApp OnCommand Management Software Storage and Service Efficiency

IBM Customer Experience Suite and Electronic Forms

Datacenter Management and Virtualization. Microsoft Corporation

The Recipe for Sarbanes-Oxley Compliance using Microsoft s SharePoint 2010 platform

IBM 2010 校 园 蓝 色 加 油 站 之. 商 业 流 程 分 析 与 优 化 - Business Process Management and Optimization. Please input BU name. Hua Cheng chenghua@cn.ibm.

VMware Virtualization and Cloud Management Solutions. A Modern Approach to IT Management

Increase Agility and Reduce Costs with a Logical Data Warehouse. February 2014

IBM Tivoli Netcool/Impact

Data Center Solutions

OpenText Output Transformation Server

Network device management solution

IBM Tivoli Service Request Manager

IBM Global Business Services Microsoft Dynamics AX solutions from IBM

Contents. Introduction... 1

Red Hat Network: Monitoring Module Overview

JOB DESCRIPTION APPLICATION LEAD

Today, the Cisco Enterprise B2B team has created automated and standardized processes in the following areas:

IBM Enterprise Content Management Product Strategy

Enhance visibility into and control over software projects IBM Rational change and release management software

SDN for Wi-Fi OpenFlow-enabling the wireless LAN can bring new levels of agility

WHITE PAPER. Written by: Michael Azoff. Published Mar, 2015, Ovum

JBoss enterprise soa platform

Security & Building Systems Solutions

EMC Integrated Infrastructure for VMware

QPR WorkFlow. Minimize Process Time, Maximize Process Outcome. QPR WorkFlow 1

How To Monitor Your Entire It Environment

SAP NetWeaver. SAP NetWeaver

CONDIS. IT Service Management and CMDB

Improving Java Migration Outcomes with Rapid Assessment

MANAGEMENT AND ORCHESTRATION WORKFLOW AUTOMATION FOR VBLOCK INFRASTRUCTURE PLATFORMS

Building and Deploying Enterprise M2M Applications with Axeda Platform

CA Process Automation for System z 3.1

How to Secure Your SharePoint Deployment

EMC s Enterprise Hadoop Solution. By Julie Lockner, Senior Analyst, and Terri McClure, Senior Analyst

Utilizing Experian next generation decision management software to bring customer management to the next level of client experience and value creation

The IBM Solution Architecture for Energy and Utilities Framework

Selecting the Right Change Management Solution Key Factors to Consider When Evaluating Change Management Tools for Your Databases and Teams

Smart Data Center Solutions

API Architecture. for the Data Interoperability at OSU initiative

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI

Data Masking: A baseline data security measure

Maximize the Value of your Custom Business Applications with Microsoft Dynamics CRM

Business Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:

WHITE PAPER MATTERSPHERE TECHNOLOGY AND FUNCTIONALITY REVIEW CONNECTING YOU WITH WHAT MATTERS

What is it? What does it do? Benefits

Network device management solution.

Customer Relationship Management

Enterprise content management solutions Better decisions, faster. Storing, finding and managing content in the digital enterprise.

Product. LoanLaunch TM Single-Platform Loan Origination Processing with a Holistic View of Borrower Transactions across All Products and Channels

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

Reasons Enterprises. Prefer Juniper Wireless

A Guide Through the BPM Maze

CMDB Essential to Service Management Strategy. All rights reserved 2007

Innovative Approach to Enterprise Modernization Getting it Right with Data

Predictive Straight- Through Processing

Can CA Information Governance help us protect and manage our information throughout its life cycle and reduce our risk exposure?

Vulnerability Management

E-Business Suite Oracle SOA Suite Integration Options

Infor10 Corporate Performance Management (PM10)

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Customer Relationship Management

Real-Time Security Intelligence for Greater Visibility and Information-Asset Protection

BIMS - Branch Intelligent Management System

Policy Management: The Avenda Approach To An Essential Network Service

Government's Adoption of SOA and SOA Examples

WHITE PAPER The Evolution of the Data Center and the Role of Virtualized Infrastructure and Unified 3D Management

Transcription:

P R O X I M E X C O R P O R A T I O N W H ITE PAPER Physical Security Information Management: A Technical Perspective By Ken Cheng 1

Physical Security Information Management: A Technical Perspective Physical security remains a top-level concern for organizations today. In both public and private sectors, the need to mitigate risk, ensure compliance and generate a quick return on investment is more important than ever before. While a past response to these business drivers has been to increase spending on physical security infrastructure, budget-conscious organizations must now change course and leverage all available intelligence to speed incident resolution while complying with new regulatory requirements and demonstrating a realistic ROI back to the organization. Even though the need for increased physical security has elevated to the C-level within organizations, physical security operations groups still find themselves tasked with creating a 21st century security environment from 20th century systems. At the current rate of technology change, even 4 year-old systems can seem antiquated and unable to deliver the information required by all business units. Until recently, security groups were forced to accept minimal integration between subsystems or rely on manual processes and intervention in order to manage and respond to security incidents. This approach is error-prone, time-consuming and requires a highlevel of familiarity with the security infrastructure which can be problematic during an immediate security threat. In response to the complex physical security needs and business drivers, the Physical Security Information Management technology category has emerged. The goal of PSIM solutions is to provide a comprehensive and holistic view of a physical security environment through the integration of numerous physical security subsystems and the correlation of data from these subsystems. With a true PSIM solution in place, organizations can turn silos of data from individual subsystems into actionable intelligence and elevate that information across the enterprise. The purpose of this white paper is to detail what PSIM entails from a technical perspective, discuss current and future architectural requirements for a complete PSIM solution, identify key areas for the implementation of a PSIM solution and describe the technical architecture employed by Proximex Surveillint. PSIM Concepts The first order of PSIM is to provide a means to integrate multiple physical security subsystems. This may apply to organizations without a command and control center or to ones that need to reduce the total number of centers. The subsystem data must be correlated in a manner that provides security operators with actionable information. Most importantly, the information that is presented must be easy to comprehend and use when responding to incidents. To easily retrieve information, the user interface must be flexible to incorporate a variety of subsystems and display the collection of various data in one centralized place. A complete PSIM solution normalizes the data produced by multiple security subsystems to permit a common analysis of different data points and moves from simple data collection to advanced correlation and reporting capabilities. 2

The next step is to correlate the data which is more than just combining data points. Proper correlation requires a deep understanding of the physical security environment so data can be displayed in context. For example, access control system (ACS) alert data should be combined with video and any other sensor information in the proximity of the ACS alert so all aspects of the threat can be analyzed together. Finally, information must be clearly read, easy to view and simple to analyze in a meaningful manner. Integrating multiple data points from multiple places highlights the importance of information presentation. The user interface of a PSIM solution must present all relevant details in a single view without the need for specialized knowledge of the environment because the greater the need for specialized knowledge the greater the potential for human error and problems. Common Architectural Requirements for a PSIM Solution For PSIM to meet the major challenges of risk, compliance and return on investment (ROI), it must include certain tenets such as the ability to integrate multiple disparate physical security subsystems, collect and normalize data from these subsystems into a centralized database, and then correlate (connect) this data in a way that is easily interpreted by operators. In addition, workflow must be applied against the collected data in order to automate security procedures. Security subsystems may be integrated in various ways. The most unrefined integration approach uses simple data retrieval from subsystems by creating custom interfaces to the subsystems or using standard interfaces provided by the subsystem vendor. Custom interfaces work well for simple data retrieval but can be problematic when vendors update their products. Advanced two-way communication (e.g. pushing state changes back to a subsystem) requires detailed understanding of each subsystem. This can be difficult for developers unless they are directly involved in the original product design. The ideal integration approach is to leverage the standard interfaces provided by the subsystem vendor for the orderly retrieval of data combined with a clear mechanism for sending data back into the subsystem. This two-way interface approach should be a requirement when selecting a PSIM solution for your organization. Using a standard mechanism to create and manage interfaces is essential because it lets organizations avoid a rip and replace mentality by adding new security products and systems to an existing environment without major disruptions. Even though industry standards are in their infancy for interfaces or integration, organizations should consider using mainstream technology components that are commonly found in IT organizations, such as SOAP, XML and web services. The next step is to address the data itself. An obvious choice is to place the data into a standard database. But before doing so, the data must be normalized in order for it to be viewed across all subsystems. Collecting and normalizing data into a database is required before applying workflow and automation. Workflow helps organizations ensure that personnel are following procedures and complying with security policies while automation removes the need for constant manual intervention, thus leading to fewer errors and, more importantly, faster response time. While total automation isn t yet possible today, partial automation helps the organization by allowing operators to focus on threats that require a human s attention. To move organizations toward automation, information should be presented to users in a way that requires minimal interpretation. Ideally, operators should be able to quickly view the user interface and glean relevant information without visiting multiple screens or sifting through multiple layers. The interface should be simple and highly graphical without demanding specialized training or knowledge of the security environment. A basic implementation would display various sensors from different types of subsystems with sensor alerts overlaid onto facility or campus maps. It should also include the ability to drill down into particular alerts or points of interest. 3

These workflow and automation capabilities found in PSIM solutions are advanced mechanisms that are used to process collected subsystem data. There are many ways to add these capabilities, ranging from customized engines driven by script interfaces to simple point-and-click graphical interfaces. Whichever implementation is used, organization should evaluate these capabilities with an eye towards ease of use, ease of customization, and ongoing management and maintenance requirements. Because these capabilities are the foundation of a PSIM solution, organization should be comfortable in supporting and maintaining these functions. Implementing a PSIM Solution Implementing a PSIM solution requires a set of activities that will significantly impact the organization, including: Understand business drivers and how the solution should support them. Organizations need to align their security policies and response to the business drivers of risk, compliance and ROI so the PSIM solution generates value to the business. Examine and refine consolidated security operations policies and procedures. PSIM solutions are not autonomous; they will only be as valuable as the policies and procedures they automate. Identify required process and procedure changes to streamline operations and serve business needs. These changes can be implemented through workflow and automation. Establish performance baseline. Without a baseline for comparison, it s difficult to determine the success of a PSIM solution when addressing an organization s security requirements. Measure performance often. Regular ongoing performance measurement helps drive improvement and, ultimately, business value. Iterate processes. These steps are not a one-time endeavor but, rather, a continuous process. The feedback from consistent evaluation reduces the potential discrepancy between business needs and implementing security policy. Each step is equally important and should be completed in order. Skipping one or more steps may cause insufficient attention to organizational needs, less efficient physical security management of policies and procedures and, potentially, higher security operations cost. Surveillint Architecture As the premier PSIM solution, the award-winning Surveillint provides all of the benefits of a complete PSIM solution. Surveillint is built on a modern, scalable architecture based on standardized technology components. The underlying technologies found in Surveillint will be familiar to nearly every IT organization. Built on Microsoft.NET framework. Proximex developed Surveillint on the industry standard Microsoft.NET platform to provide rapid development of highly scalable, secure and manageable web services-based applications. Utilizes a Service Oriented Architecture (SOA). SOA is the key that provides easy integration between Surveillint and existing technology infrastructures. It is described as an architectural style whose goal is to achieve loose coupling among interacting software agents. 1 An SOA architecture offers significant benefits including flexibility, agility, better scalability, higher availability and superior maintainability. Employs a modular application design. Surveillint s modern modular design separates application components into discrete modules that can be easily modified with minimal impact. This modular approach allows new modules to be added at any time. Surveillint s physical security subsystems modules also use this approach allowing for quick development and deployment. 1. www.xml.com 4

Uses a centralized Microsoft SQL Server database. Surveillint stores all collected data into a standard Microsoft SQL Server 2008 R2 database. The commonly-deployed database platform simplifies database administration and gives customers the ability to develop custom reports. It leverages advanced features of the SQL server, including clustering and replication. Leverages common communications protocols and messaging formats. Communication between Surveillint components is through the global standard TCP/IP protocol and uses standard port definitions such as HTTP or HTTPS. This means firewalls and other networking equipment will require minimal, if any, configuration modifications. Extensible Markup Language (XML) is the industry standard used for the message format. Using XML for data interchange reduces the integration complexity of Surveillint with third-party products that are also based on SOA and XML. Makes use of workflow engine based on Commercial off the Shelf (COTS) technology. Surveillint uses the advanced workflow engine embedded in Microsoft.NET Framework v3.0. Originally built for Microsoft BizTalk Server, this engine was designed for enterprise use with its highly scalable and extremely flexible architecture. Leveraging these powerful technologies, Proximex built Surveillint, the first enterprise-class PSIM solution. The application of modern design principles across Surveillint ensures that future technologies can augment existing capabilities in minimal time. Incorporating standardized components verify that Surveillint is easy to deploy, easy to configure and easy to manage. Summary The market for PSIM solutions is growing rapidly with organizations that need to mitigate risk, ensure compliance and demonstrate an ROI back to the organization. With such significant projected market growth, many vendors are beginning to offer products with wildly different capabilities. Organizations that are considering a PSIM solution should examine the core functionality and architecture of each solution to confirm they will meet current and future needs. Surveillint offers the most comprehensive, robust and enterprise-class solution today to help your organizations meet its business needs. Information in this article is current as of August 2011, the publication date. No part of this document may be reproduced in whole or in part without the prior written permission of Proximex Corporation. License information available at www.proximex.com or by calling 1-408-215-9000. Ken Prayoon Cheng is co-founder and chief technology officer for Proximex. Microsoft, SQL Server and BizTalk are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. 5

About Proximex Proximex is the leader in event and information management for both physical and logical security markets. The company develops innovative solutions that leverage existing and new systems and technologies that are integrated into a centralized command and control center. Proximex solutions ensure that incident information is no longer trapped within disparate systems, but brought together in context with security policies and operations for analysis and resolution. CSOs and security teams select Proximex solutions for their ability to help mitigate risk, ensure compliance, and offer a quick return on investment with low total cost of ownership. IT organizations approve of their scalable architecture and high availability. Proximex provides companies with the solutions to support the bigger security picture, that is, the transformation of both physical and logical security into a unified holistic model. Headquarters 300 Santana Row, Suite 200 San Jose, CA 95128 Phone: +1 (408) 215.9000 Fax: +1 (408) 338.0806 EMEA 2nd Floor 145-157 St. John Street London, England EC14PY Phone: +44 (0) 845.226.4535 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information