Solución de Seguridad en dispositivos IBM Endpoint Manager Enrique G. Dutra Enterprise Security MVP MCT - IBM Sales Spec. Auditor Lider ISO/IEC 27001:2005 Punto Net Soluciones SRL edutra@puntonetsoluciones.com.ar Tw: @egdutra @linenetsecurity
AGENDA Problemáticas actuales. IBM Endpoint Manager. Análisis de funcionalidades.
Problemáticas actuales
Problemáticas actuales - Plataformas no están totalmente actualizadas - Solo se actualizan algunas soluciones. - No todas las soluciones están actualizadas y presentan vulnerabilidades. - Verificación de cumplimientos manuales. - Poco conocimiento del estado de la plataforma. - No hay revisión consolidada de las consolas de las diferentes plataformas de seguridad.
Problemáticas actuales - Falta de verificación de compliances. - Ausencia de seguimiento de uso de aplicaciones en los dispositivos.(ej: licenciamiento) - Fuga de información. - El despliegue de software no es homogéneo.
Quieren compartir algunas problemáticas con nosotros? Nos alcanza?
IBM Endpoint Manager 9.2.0
IBM Endpoint Manager Software empresarial para gestionar dispositivos Escalable hasta 250.000 dispositivos 1 única consola 1 solo agente 1 o varios retransmisores Reportes Web
Unificación de la administración Smartphones & Tablets Mobile Devices Mobile Apps PC s, Macs, POS, ATMs On and off-network SaaS, On-premise, or MSP Fastest time to compliance Comprehensive Security Lowest TCO Servers Physical and Virtual Patch Management Lifecycle Management Power Management Core Protection Security & Compliance SW Use Analysis Server Automation Mobile Management
IBM es el líder en administración de dispositivos Security Information & Event Management Enterprise Mobility Management Suites Client Management Tools
IBM Endpoint Manager Segurity & Compliance Automates and manages continuous security configuration policy compliance. Easily and quickly assess endpoint security posture. Automatically patch and remediate non-compliant systems. Deploy, Update, and health check 3 rd -party Antivirus solutions Identify, manage, and report on policy exceptions and deviations. Policy based quarantine of non-compliant systems Asset Discovery Compliance Analytics Patch Management Security Configuration Management Vulnerability Management Multi-Vendor Endpoint Protection Management Library of 8,000+ compliance settings, including support for USGCB, DISA STIG, and CIS Automatically and continuously enforce policy at the endpoint
IBM Endpoint Manager Core Protection Provides near real-time protection from malware & other malicious threats through capabilities such as file & web reputation, personal firewall and behavior monitoring. Servicios Asset Discovery Anti-Virus / Anti- Malware Firewall Protection File & Web Reputation Data Loss Prevention Beneficios Asset discovery and reporting across heterogeneous operating systems Provides anti-malware protection to Mac and Microsoft Windows endpoints. Provides security for both fixed network-connected endpoints and roaming Internet-connected endpoints. The web reputation feature automatically determines the safety of millions of dynamically rated websites. Delivers integrated DLP capabilities using the same single console and single agent.
IBM Endpoint Manager Patch Management For organizations of various business verticals such as healthcare, finance, manufacturing, retail, services, education and public sector and of various size from SMB to Fortune 500 Who need to: Assess the state of IT assets (E.g. Inventory), Deploy OS patches and application updates, Manage IT compliance and policy enforcement IBM Endpoint Manger is: Easy to use with simplified patching process, Easy to scale from 10 to 250,000 devices and Responsive with automation to detect and remediate vulnerabilities Extensible to 90+ OS and Windows apps THE end-to-end software patch management solution Coordinate and patch all systems with one tool Provides VISIBILITY, AUTOMATION and CONTINUOUS COMPLIANCE across 90+ Operating Systems
IBM Endpoint Manager Lifecycle Management Services Asset Discovery Patch Management Inventory Management Software Distribution OS Deployment Remote Desktop Control Benefits Role based software deployment and user self-provisioning Hardware independent OS imaging and driver management Dramatically reduced patch cycles and increased first-pass success rates Closed loop validation in real time Multi-platform support from a single console (Unix, Linux, Windows, Mac OS X) Dramatically reduced patch cycles and increased firstpass success rates Multi-platform support (Unix, Linux, Windows, Mac OS X) Discover, Control, and Automate with a single integrated solution IBM Provided Content Patch Management Easily and quietly deploy patches across Windows, Mac OS X, Linux, Unix Enable advanced policies that automatically reapply patches if they are removed Software Distribution Cross-platform management of software packages Web based self-service portal, provides as-needed enablement to end users OS Deployment Solves bare metal and migration scenarios Easily combine with patch activities to create true-up baselines postinstall Asset Discovery SW & HW Inventory Remote Control Custom Content Community Ecosystem Take advantage of a growing library of custom Fixlets created by the user community Ad-Hoc Tasks Respond quickly to new challenges by making simple modifications to any of the 100,000+ Fixlets IBM provides IBM provides a comprehensive set of content out of the box, ready to deploy. The IEM Platform is flexible and powerful when it comes to custom content and ad-hoc policy creation.
IBM Endpoint Manager Power Management Benefits Granular power tracking to allow breakdown of weekly power consumption and idle time Historical web reports to reflect the weekly power tracking data Power profile wizard to allow creation of 'multiple power profile policy Client side dashboard to show the projected impact of applying a single power profile offer BES Server Plug-in Service enhanced to use encrypted passwords
IBM Endpoint Manager Software use Analysis Services For Windows Servers and PCs Unix/Linux Servers Software Asset Discovery Software Use Metering Software Use Reporting Software identification catalogue, which contains over 105,000 signatures out of the box and updates are released regularly Easily customize the software identification catalogue to include tracking of home-grown and proprietary applications 8000+ Software publishers 40,000+ Software products Benefits Centralized visibility & reporting of all sw assets Assess software inventory to help identify what is deployed in readiness for software audits Meters software usage to identify unused software Reports software usage and deployments to help measure compliance
DEMO
Resumiendo IBM Endpoint Manager Lifecycle Management TADd / ILMT convergence Datacenters Security & Compliance Software Distribution Patch Management Basic HW & SW Inventory OS Deployment Remote Control Available as Starter Kit Software Use Analysis Software Inventory Software Usage Reporting Software Catalog Correlation OS & App Patching Basic HW & SW Inventory Software Distribution OS Deployment Remote Control OS Patching Application Patching Offline Patching Patch Management Patch Management Security Config Mgmnt Vulnerability Assessment Compliance Analytics 3 rd Party Endpoint Protection Mgmnt Server Automation (add-on) TPM evolution Advanced Server Management & Task Automation Physical & Virtual Server Management Middleware Management Power Management Windows & Macs Carbon, cost reduction reports End-user Dashboard Security Config Mgmnt Vulnerability Assessment Compliance Analytics 3 rd Party Endpoint Protection Mgmnt Self-Quarantine Mobile Device Mgmt App Mgmt Compliance Mobile Devices Available as Starter Kit Self-Quarantine Anti-Malware Core Protection Firewall Data Loss Prevention & Device Control (Data Protection add-on)
Mantenerse actualizado IBM @IBMSecurity /secintelligence Punto Net Soluciones @Linenetsecurity @egdutra /PuntoNetSolucionesSRL /line.net.71 http://seguridadit.blogspot.com.ar/ http://www-03.ibm.com/software/products/en/appscan-standard
Muchas Gracias Muito Obrigado Thank You