FREQUENTLY ASKED QUESTIONS

Similar documents
IBM Exam M IBM Security Sales Mastery Test v4 Version: 7.0 [ Total Questions: 62 ]

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

API Management: Powered by SOA Software Dedicated Cloud

SERVICE ORIENTED ARCHITECTURE

Ragy Magdy Regional Channel Manager MEA IBM Security Systems

Safeguarding the cloud with IBM Security solutions

Securing and protecting the organization s most sensitive data

Securing the Cloud through Comprehensive Identity Management Solution

ScienceLogic vs. Open Source IT Monitoring

Corepoint Community Exchange Features and Value - Overview

IBM QRadar as a Service

Safeguarding the cloud with IBM Dynamic Cloud Security

What is Security Intelligence?

Enterprise Security Solutions

C Examcollection.Premium.Exam.34q

LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE

IBM Security QRadar Vulnerability Manager Version User Guide

How To Achieve Pca Compliance With Redhat Enterprise Linux

Log management & SIEM: QRadar Security Intelligence Platform

ElegantJ BI. White Paper. The Enterprise Option Reporting Tools vs. Business Intelligence

LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE

Cisco Tidal Enterprise Scheduler

Introduction to IBM Worklight Mobile Platform

Provide access control with innovative solutions from IBM.

QRadar SIEM and FireEye MPS Integration

Nastel Technologies 48 South Service Road Melville, NY, USA Copyright 2014 Nastel Technologies, Inc.

Q1 Labs Corporate Overview

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

ProjExec Project Management for IBM Collaborative Platforms. Simple and effective project execution with collaboration for all project needs

Business Process Management Tampereen Teknillinen Yliopisto

QRadar SIEM and Zscaler Nanolog Streaming Service

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

CorreLog: Mature SIEM Solution on Day One Paul Gozaloff, CISSP. Presentation for SC Congress esymposium CorreLog, Inc. Tuesday, August 5, 2014

Current IBAT Endorsed Services

Vulnerability Management

IBM Business Process Manager

Boosting enterprise security with integrated log management

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

WebSphere Cast Iron Cloud integration

Centrify Cloud Connector Deployment Guide

Firewall Administration and Management

Clavister InSight TM. Protecting Values

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

IBM InfoSphere Guardium Vulnerability Assessment

IBM API Management Overview IBM Corporation

Service-Oriented Architecture and Software Engineering

Cyber Security Symposium 2015 September 29,2015

Ecom Infotech. Page 1 of 6

IBM Cloud Computing Infrastructure Architect V1. Version: Demo. Page <<1/9>>

Continuous Network Monitoring

IBM Security QRadar Vulnerability Manager

Breaking down silos of protection: An integrated approach to managing application security

Navigate Your Way to NERC Compliance

Ultimus Adaptive BPM Suite V8

Alliance Key Manager Solution Brief

Realizing business flexibility through integrated SOA policy management.

Service management White paper. Manage access control effectively across the enterprise with IBM solutions.

G-Cloud Framework. Service Definition. Oracle Fusion Middleware Design and Implementation

Summit Platform. IT and Business Challenges. SUMMUS IT Management Solutions. IT Service Management (ITSM) Datasheet. Key Benefits

Video Communications Management Software:

BEA AquaLogic Integrator Agile integration for the Enterprise Build, Connect, Re-use

QRadar SIEM 6.3 Datasheet

RE Think. IT & Business. Invent. IBM SmartCloud Security. Dr. Khaled Negm, SMIEEE, ACM Fellow IBM SW Global Competency Center Leader GCC

Desktop Activity Intelligence

IBM InfoSphere Guardium Data Activity Monitor for Hadoop-based systems

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.

ORACLE FINANCIAL SERVICES ANALYTICAL APPLICATIONS INFRASTRUCTURE

ManageEngine (division of ZOHO Corporation) Infrastructure Management Solution (IMS)

IBM WebSphere application integration software: A faster way to respond to new business-driven opportunities.

APPLICATION COMPLIANCE AUDIT & ENFORCEMENT

Security of Cloud Computing for the Power Grid

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

Secure Cloud Computing

IBM Security IBM Corporation IBM Corporation

Total Protection for Compliance: Unified IT Policy Auditing

Connectivity and integration Executive brief. Optimize the potential of ERP systems through IBM SMART SOA integration strategies.

Endpoint Security for DeltaV Systems

IBM Security Intelligence Strategy

How to Choose the Right Security Information and Event Management (SIEM) Solution

Address IT costs and streamline operations with IBM service request and asset management solutions.

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Protecting Data in a Spooky world Data Masking Technologies DAMA RMC Oct. 29, 2014

The SIEM Evaluator s Guide

IBM Customer Experience Suite and Electronic Forms

Effective End-to-End Cloud Security

Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management

IBM 2010 校 园 蓝 色 加 油 站 之. 商 业 流 程 分 析 与 优 化 - Business Process Management and Optimization. Please input BU name. Hua Cheng chenghua@cn.ibm.

TRUVEN HEALTH UNIFY. Population Health Management Enterprise Solution

The Benefits of an Integrated Approach to Security in the Cloud

How To Buy Nitro Security

EARTHLINK BUSINESS. Simplify the Complex

Develop HIPAA-Compliant Mobile Apps with Verivo Akula

HEAT Service Management Platform. White Paper

IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager!

Business Transformation for Application Providers

Emerging Technologies Shaping the Future of Data Warehouses & Business Intelligence

SOLUTION WHITE PAPER. Remedyforce Powerful Platform

Real-Time Database Protection and. Overview IBM Corporation

Transcription:

7650 W COURTNEY CAMPBELL CAUSEWAY, SUITE 950 TAMPA, FLORIDA 33607 ULTRAMATICS.COM 813.891-0300 FREQUENTLY ASKED QUESTIONS Questions: Business... 2 What does it take to deploy PCI-G from the standpoint of PS and effort?... 2 Functional... 2 Can PCI Guardian work with other Tokenization vendors, if so how?... 2 Can the solution integrate with LDAP for processing?... 2 Can PCI Guardian be used as Payment Gateway?... 2 How do banks access PCI-G?... 3 Can customer support agents drill down on the dashboards to get the Credit Card Info?... 3 Delivery... 3 How long does an implementation take?... 3 Deal-making... 4 What components comprise a software license for PCI-G?... 4 How much is a typical deal (software and services)?... 4 What is the typical IBM portion of the deal?... 4 Competition... 5 Doesn t PCI Guardian compete with other IBM Security Products?... 5

7650 W COURTNEY CAMPBELL CAUSEWAY, SUITE 950 TAMPA, FLORIDA 33607 ULTRAMATICS.COM 813.891-0300 BUSINESS What does it take to deploy PCI-G from the standpoint of PS and effort? While it differs depending on the customer requirements, a deployment will typically be between 3-6 months to get to production. There are packaged service offerings for PCI Guardian to help give focus to customers and the sales process. Please see the Services One Sheet supporting the offering. Factors that typically drive PS include some of the following: number of integrated applications, multi-data center approaches, required customizations vs. out-of-the-box functions, and additional security requirements. FUNCTIONAL Can PCI Guardian work with other Tokenization vendors, if so how? Yes it can. PCI Guardian has a robust stateless tokenization solution that provides all of the known capabilities that a customer may desire. This includes more than just tokenizing Credit Card information. A core tenant of the architecture is that of a Service Oriented Architecture (SOA). As such, PCI Guardian is fully flexible to use other tokenization and encryption solutions if they leverage restful or WSDL-based services. By example, it has been integrated with TokenEx. Lastly, because of the SOA nature of PCI Guardian, any external tokenization vendors can leverage PCI Guardian s error recovery capabilities as well. Can the solution integrate with LDAP for processing? Yes. Because PCI Guardian leverages DataPower, it can be configured for LDAP. Can PCI Guardian be used as Payment Gateway? PCI Guardian can call out to Payment Gateways through its secure workflow functions. For instance, the software integrates to Litle (now Vantiv) or other Payment Gateways leveraging standards-based, secure, and robust integration. By itself, PCI Guardian does not provide a

payment gateway. It seamlessly integrates to one including bring interactions into the unified auditing subsystem of the product. How do banks access PCI-G? Interactions to banks can be managed through PCI Guardian s secure workflows. This allows the software to manage who has access to what data and when. Because of its significant integration capabilities, there is a lot of flexibility in these interactions. Yet, a key principle is that all such interactions are fully managed and audited as a secure workflow capability (not ad hoc insecure PCI data retrieval). Can customer support agents drill down on the dashboards to get the Credit Card Info? Currently dashboard functions do not expose credit card numbers to the out-of-the-box dashboard on purpose: keeping sensitive data squarely in the PCI Zone. Though, such information can be shared using the secure workflow functions. As part of the deployment engagement, such requirements may be explored carefully so not to increase insecure data exposure and integrated with whatever digital surface required. Additionally, flexibility to display only portions of a credit card number (such as the last 4 digits) could be exposed instead of the entire number set. DELIVERY How long does an implementation take? A base implementation can be completed in 60-90 days in a convenient fixed-bid model. Page 3 of 5

DEAL-MAKING What components comprise a software license for PCI-G? 1. Gateway secure-zone protected set of integration services. This is the IBM XI52. This is a mandatory new license component for PCI-G. 2. Recovery secure-zone protected recovery service for transaction failures. This is the IBM XC10 technology or other compatible technologies. This is a mandatory new license component for PCI-G. 3. Tokenenization data tokenization capabilities as part of the secure-zone architecture. This is the Voltage Tokenization Server or other compatible technologies. This is a mandatory new license component for PCI-G. 4. Workflows secure workflows supporting security patterns. This is an Ultramatics component of PCI-G. This is a mandatory new license component for PCI-G. 5. PMC PCI-G Management Console for reports, dashboards, and admin functions. This is a mandatory new license component for PCI-G. 6. Messaging Messaging queuing services for secure-architected interactions amongst PCI-G components. This is a mandatory new or bring-your-own-license component for PCI-G. 7. Database Database persistence for the PMC. This is a mandatory new or bring-yourown-license component for PCI-G. How much is a typical deal (software and services)? The typical deal is $750-900K, including all software (IBM, Voltage, and Ultramatics) and services (Ultramatics). What is the typical IBM portion of the deal? IBM DataPower typically makes up $250-400K of the package. Keep in mind that this solution must run on dedicated DataPower appliances, so these are new sales. Page 4 of 5

COMPETITION Doesn t PCI Guardian compete with other IBM Security Products? PCI Guardian is complimentary to IBM s portfolio of security capabilities. PCI Guardian capabilities are tailored for transactional application messages and data privacy. The use cases feature an appliance-centric approach, an error handling subsystem, administration and webbased auditing capability, and more. These capabilities in whole are not found in the IBM portfolio. The value-added software of PCI Guardian brings it together. There are future roadmap possibilities that even further bring customer value. For instance, IBM Guardium s data masking capabilities may be an option for some use cases instead of tokenization. Additionally, PCI Guardian may be able to correlate real-time information together with the proactive network alerting together with QRadar s threat detection rules. Built on an SOA platform with clear interfaces to subsystem components for exception management and eventing, PCI Guardian can smoothly interoperate with additional technologies. These include additional IBM products, as required. For feedback on this document including updated field intelligence or new questions, please contact marketing@ultramatics.com. Page 5 of 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information