Security management solutions White paper. IBM Tivoli and Consul: Facilitating security audit and compliance for heterogeneous environments.



Similar documents
IBM Tivoli Compliance Insight Manager

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Security management solutions White paper. Extend business reach with a robust security infrastructure.

Provide access control with innovative solutions from IBM.

Consolidating security across platforms with IBM System z

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

Preemptive security solutions for healthcare

Strengthen security with intelligent identity and access management

Boosting enterprise security with integrated log management

Tivoli Security Information and Event Manager V1.0

Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations

Compliance Management, made easy

IBM Tivoli Netcool network management solutions for enterprise

Select the right security information and event management solution

Log Management How to Develop the Right Strategy for Business and Compliance. Log Management

Software asset management White paper. Improving IT service delivery through an integrated approach to software asset management.

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

IBM Tivoli Asset Management for IT

IBM Software Top tips for securing big data environments

Strategies for assessing cloud security

8 Steps to Holistic Database Security

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

Self-Service SOX Auditing With S3 Control

IBM QRadar Security Intelligence April 2013

How To Buy Nitro Security

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence

Consolidated security management for mainframe clouds

The Impact of HIPAA and HITECH

IBM Tivoli Netcool Configuration Manager

Implement a unified approach to service quality management.

Protection & Compliance are you capturing what s going on? Alistair Holmes. Senior Systems Consultant

Select the right configuration management database to establish a platform for effective service management.

White Paper. Ensuring Network Compliance with NetMRI. An Opportunity to Optimize the Network. Netcordia

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Reducing the cost and complexity of endpoint management

An Oracle White Paper January Oracle Database Firewall

Enterprise Security Solutions

Enforcive / Enterprise Security

Implement security solutions that help protect your IT systems and facilitate your On Demand Business initiatives.

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

IBM Tivoli Endpoint Manager for Security and Compliance

IBM Security Intelligence Strategy

Empowering intelligent utility networks with visibility and control

IBM Security Privileged Identity Manager helps prevent insider threats

IBM Security QRadar Risk Manager

FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES

IBM Security QRadar Risk Manager

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

Driving workload automation across the enterprise

Real-Time Security for Active Directory

Scalability in Log Management

whitepaper The Benefits of Integrating File Integrity Monitoring with SIEM

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

APPLICATION COMPLIANCE AUDIT & ENFORCEMENT

Use product solutions from IBM Tivoli software to align with the best practices of the Information Technology Infrastructure Library (ITIL).

WHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment Adaptive Network Security...

IBM asset management solutions White paper. Using IBM Maximo Asset Management to manage all assets for hospitals and healthcare organizations.

Safeguarding the cloud with IBM Dynamic Cloud Security

How To Secure A Database From A Leaky, Unsecured, And Unpatched Server

SolarWinds Security Information Management in the Payment Card Industry: Using SolarWinds Log & Event Manager (LEM) to Meet PCI Requirements

How To Use Ibm Tivoli Monitoring Software

How To Manage Security On A Networked Computer System

IBM PowerSC. Security and compliance solution designed to protect virtualized datacenters. Highlights. IBM Systems and Technology Data Sheet

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

IBM Maximo Asset Management for IT

Three significant risks of FTP use and how to overcome them

IBM Tivoli Netcool network management solutions for SMB

AlienVault for Regulatory Compliance

THE FIRST UNIFIED DATABASE SECURITY SOLUTION. Product Overview Security. Auditing. Caching. Masking.

Privileged User Monitoring for SOX Compliance

An Oracle White Paper January Oracle Database Firewall

Actionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy

IBM Endpoint Manager for Core Protection

McAfee Database Security. Dan Sarel, VP Database Security Products

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

Stay ahead of insiderthreats with predictive,intelligent security

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

How To Ensure Financial Compliance

IBM Tivoli Service Request Manager

Four keys to effectively monitor and control secure file transfer

IBM Service Management solutions White paper. Make ITIL actionable with Tivoli software.

Staying a step ahead of the hackers: the importance of identifying critical Web application vulnerabilities.

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Address IT costs and streamline operations with IBM service request and asset management solutions.

Detect & Investigate Threats. OVERVIEW

The Benefits of an Integrated Approach to Security in the Cloud

White paper December Addressing single sign-on inside, outside, and between organizations

Reduce your data storage footprint and tame the information explosion

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Transcription:

Security management solutions White paper IBM Tivoli and Consul: Facilitating security audit and March 2007

2 Contents 2 Overview 3 Identify today s challenges in security audit and compliance 3 Discover how Consul products enhance the IBM security management portfolio 5 Leverage extended Consul functionality through integration with other IBM products 6 Combine the benefits of Consul and IBM Tivoli solutions 8 Conclusion 8 For more information Overview Security and compliance challenges are greater than ever because of increased regulatory requirements and costs of compliance failures, increased complexity in technologies and IT environments, and a lack of predictability and visibility across infrastructures. To help address these challenges, IBM continues to expand its security management portfolio through development and acquisitions. One such acquisition is Consul risk management international, B.V., a recognized leader in policy-based security audit and compliance. Designed for both distributed and mainframe environments, Consul products provide capabilities that combine with the IBM Tivoli security management portfolio to help organizations: Assess the overall security and compliance status of business infrastructures: Capture comprehensive log data. Analyze data through sophisticated log interpretation and normalization. Communicate results to management and auditors through a drillable dashboard and full set of audit and compliance reports. Defend against potential security threats and business risks across the enterprise: Deliver comprehensive, end-to-end security management. Improve security information and event management, addressing both internal and external threats. Enhance preemptive security solutions. Access control for business systems and information to help maximize integrity and facilitate compliance: Enable a mainframe-based hub for enterprise security management. Combine security with compliance management. Develop and support policy-based access and identity management. Monitor internal and external behaviors, address violations and manage data: Monitor privileged users and their activities, including system administrators and database administrators (DBAs). Automate analysis of user behavior against security policies to identify noncompliant activity. Take action based on compliance violations.

Highlights Identify today s challenges in security audit and compliance In a recent IBM study, 64 percent of CIOs stated that the most significant challenges facing IT organizations include security, compliance and data protection.* These challenges are being fueled by: Increased requirements Numerous compliance initiatives already exist and requirements are only increasing in many industries. To manage risks and avoid penalties or lost business, businesses need improved monitoring and controls. Increased complexity Disparate technologies and infrastructures constantly fragment and hamper compliance efforts. Organizations also struggle to link compliance at the infrastructure and business levels. Increased costs Little-to-no predictability and visibility across complex infrastructures drive rapid cost inflation. Additionally, the failure to achieve compliance or prevent security breaches can impose enormous costs. IT organizations must manage security risks, address compliance requirements and support the core business As a result, IT organizations must now find a way to support three imperatives that sometimes overlap and sometimes compete: managing security risks, addressing burgeoning compliance requirements and supporting the core business. The need to serve these three imperatives simultaneously with limited resources has created arguably the most complex and challenging IT environment that CIOs have ever faced. Discover how Consul products enhance the IBM security management portfolio To address today s challenges in security audit and compliance, IBM provides a portfolio of flexible security management solutions that span assessment and discovery, defense, access management, monitoring and reporting analytics. The IBM security management portfolio is enhanced by ongoing IBM development and the acquisition of world-class technology solution providers.

One such acquisition is Consul risk management, B.V., a recognized leader in policy-based security audit and compliance. Designed for both distributed and mainframe environments, Consul products include: Consul InSight Suite that captures comprehensive log data and then interprets the data through sophisticated, patent-pending W7 analysis, privileged user monitoring and out-of-the-box compliance support modules. Consul InSight Suite helps greatly accelerate policy and compliance initiatives. Consul zsecure Suite of integrated mainframe tools that enable mainframe administration managers, security officers and auditors to facilitate compliance with regulations, prepare for and pass security audits, improve operational efficiency and reduce chances of downtime. Organizations that already understand the strengths of the IBM security management portfolio can leverage the addition of Consul products to deploy solutions for both distributed and mainframe environments, including the following: An enhanced security and compliance dashboard that enables information protection efforts, accelerates audit and compliance activities, establishes access accountability and helps reduce the cost of security operations. Comprehensive, end-to-end security management with identity and access management, security incident and threat management, powerful visibility into insider threats, in-depth user activity monitoring and comprehensive auditing capabilities. A mainframe-based hub for enterprise security management with capabilities to administer, audit, alert and monitor IBM z/os RACF for security and compliance; administer and manage mainframe users and security; and connect the mainframe to centralized compliance and administration efforts.

Highlights IBM customers can extend their existing investments with Consul products that enhance support for mainframe investments By leveraging Consul capabilities to enhance support for mainframe investments, IBM helps customers extend the value of their existing investments and minimize disruptions when they adopt new security management technologies. They can take a phased approach to enhancements and continually verify that the solutions they deploy will align with their strategic initiatives. Additionally, Consul best practices combine with those that IBM has developed for both distributed and mainframe environments to help customers address standards, laws and compliance initiatives, including the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), Basel II and ISO17799. Leverage extended Consul functionality through integration with other IBM products Organizations that already use Consul products can also enjoy substantial benefits from future integration of Consul products with other IBM security management offerings. The following examples show the extended benefits planned through the future integration of Consul InSight, Consul zsecure and the IBM Tivoli security management portfolio. Security information and event management (SIEM): An SIEM solution integrates security information management (SIM) with security event management (SEM). To support this objective, all events and alerts from Consul InSight can be forwarded in real time to the IBM Tivoli Security Operations Manager console. At the same time, events and alerts generated by IBM security management tools can be populated within Consul InSight for normalization and compliance reporting. This integration harmonizes the collection infrastructure among the product lines, thereby supporting an effective, comprehensive SIEM solution.

Change and configuration management: One of the biggest contributors to IT outages is unregulated or unauthorized change. IBM offers a number of change management products including IBM Tivoli Change Process Manager. Leveraging deeper integration with Consul InSight, IBM customers will be better able to meet requirements regarding verification and enforcement. Deeper integration supports the ability to definitively answer policy and enforcement questions. Storage management: Businesses today must often maintain huge stores of sensitive, private and financially critical documents for many years. As part of this process, they must prove by means of audit trails and other means that documents have not been misused, altered or otherwise compromised. The integration of Consul InSight with IBM storage solutions provides: Monitoring and enforcement of data management and retention processes. Secure, manageable, long-term storage of audit trails. Identity management: IBM Tivoli Identity Manager, IBM Tivoli Access Manager software and Consul InSight can be fully integrated to deliver improved identity management. For example, Consul InSight compliance and forensic reports can draw on Tivoli Identity Manager user profile information. Additionally, Consul InSight can use Tivoli Access Manager policies as the basis for policy monitoring. Organizations can also integrate IBM Tivoli Provisioning Manager with Consul InSight to update workstation and server configurations or correct them when noncompliance occurs. Combine the benefits of Consul and IBM Tivoli solutions The integration of Consul and IBM Tivoli security management solutions blends strengths to create a broad portfolio of security and compliance management solutions for distributed and mainframe environments. The tables on page 7 provide more detail about the benefits of the IBM Tivoli security management portfolio now that Consul products have been added.

7 Security compliance dashboard and reporting Log management Security information and event management (SIEM) Privileged user monitoring and audit (PUMA) Database auditing Mainframe audit Mainframe administration Requirements Quickly gain an overview of the security compliance posture. Compare user activities and security events to regulatory requirements and acceptable use frameworks. Automate rapid, reliable log file collection and management across a variety of applications, operating systems, databases and security devices for compliance. Efficiently correlate, analyze and respond to security events for intruders from perimeter and network devices in a real-time security operations dashboard. Monitor privileged users and their activities in regards to key corporate systems and data. This monitoring should help ensure that confidentiality, integrity and systems compliance are properly maintained. Help protect core data sets and databases (such as IBM DB2 Universal Database, Oracle, Sybase or Microsoft SQL) from abuse by users and DBAs. This helps organizations address compliance requirements, close audit findings and minimize the risks of improper data access. Monitor mainframe events and incidents, help reduce security vulnerabilities, enforce policy compliance and generate audit reports. Help reduce the cost and complexity of RACF administration while enabling decentralization and compliance reporting. Benefits with IBM and Consul A security compliance dashboard along with specific modules that customers can use to address their compliance activities related to SOX, HIPAA, GLBA, Basel II and ISO17799. Ubiquitous, secure and native log collection across heterogeneous platforms, with query capability and reporting to address log collection and storage. A real-time SIEM dashboard and reporting engine, with support for leading network and security devices as well as support for hundreds of predefined correlation rules, enabling effective incident management. Privileged-user monitoring that uses Consul InSight W7 methodology and PUMA reports to enable security personnel to help protect corporate systems from rogue or accidental breaches and outages. Database auditing across leading enterprise database platforms, using Consul InSight W7 methodology to ensure DBAs and users do not access data outside of application controls and the change management process. A mainframe compliance and auditing solution, including the analysis and reporting of mainframe events and automatic detection of exposures through extensive status auditing. A mainframe administration suite that enables efficient and effective RACF administration by using less resources, providing richer functionality and facilitating compliance. Future integration is planned to address: Change management audit Storage auditing Identity and access management Requirements Monitoring of all changes in comparison with change management policy, for compliance purposes. Audit leverages reporting for compliance and operational management. Monitoring of access to and use of stored data for confidentiality and privacy, while verifying secure storage of security audit trail information for regulations and investigations. Closed-loop identity management to answer who can, who should and who does touch data. A broad range identity and access management requirements ranges from provisioning and sign-on through to audit and compliance. Enhanced benefits with IBM and Consul Integration with IBM Tivoli Change and Configuration Management Database (CCMDB) and status audit. Event source for storage logs and additional reports around information management. A solution with: Tivoli Identity Manager and Tivoli Access Manager software event sources. Integration of Tivoli Identity Manager identity store and Tivoli Access Manager software policy definition. Remediation from Consul InSight to Tivoli. Integration with status audit. Disclaimer: All statements regarding IBM s future direction and intent are subject to change or withdrawal without notice and represent goals and objectives only.

Conclusion The integration of Consul with IBM Tivoli blends strengths to create a powerful, comprehensive portfolio of security and compliance management solutions. Based on this integration, both Consul and IBM customers can enhance the effectiveness of their security and compliance management practices, helping to: Address growing requirements. Manage increased complexity The combined solution integrates mainframe and distributed environments into one view of security and compliance across the total infrastructure. Contain rising costs The combined solution provides visibility to threats across heterogeneous infrastructures to help reduce costs and enable better risk management. For more information To learn more about the IBM Tivoli security management portfolio, including Consul products, contact your IBM representative or IBM Business Partner, or visit ibm.com/tivoli Copyright IBM Corporation 2007 IBM Corporation Software Group Route 100 Somers, NY 10589 U.S.A. Produced in the United States of America 3-07 All Rights Reserved DB2 Universal Database, IBM, the IBM logo, RACF, Tivoli and z/os are trademarks of International Business Machines Corporation in the United States, other countries or both. Microsoft is a trademark of Microsoft Corporation in the United States, other countries or both. Other company, product and service names may be trademarks or service marks of others. Disclaimer: The customer is responsible for ensuring compliance with legal requirements. It is the customer s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer s business and any actions the reader may have to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation. *IBM Service Management market needs study. March, 2006. TIW10313-USEN-00

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information