Endpoint Security and Compliance Management Design Guide Using IBM Tivoli Endpoint Manager

Endpoint Security and Compliance Management Design Guide Using IBM Tivoli Endpoint Manager

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2012-08-22

Total Pages: 422

ISBN-13: 0738436984

DOWNLOAD EBOOK

Organizations today are more widely distributed than ever before, which can make systems management tasks, such as distributing software, patches, and security policies, extremely challenging. The IBM® Tivoli® Endpoint Manager platform is architected for today's highly diverse, distributed, and complex IT environments. It provides real-time visibility and control through a single infrastructure, single agent, and single console for systems lifecycle management, endpoint protection, and security configuration and vulnerability management. This platform enables organizations to securely manage their global IT infrastructures faster and more accurately, resulting in improved governance, control, visibility, and business agility. Plus, it gives organizations the ability to handle tomorrow's unforeseen challenges. In this IBM Redbooks® publication, we provide IT security professionals with a better understanding around the challenging topic of endpoint management in the IT security domain. We focus on IBM Tivoli Endpoint Manager for Security and Compliance and describe the product architecture and provide a hands-on design guide for deploying the solution. This book is a valuable resource for security professionals and architects who want to understand and implement a centralized endpoint management infrastructure and endpoint protection to better handle security and compliance challenges.


Endpoint Security and Compliance Management Design Guide Using IBM Tivoli Endpoint Manager

Endpoint Security and Compliance Management Design Guide Using IBM Tivoli Endpoint Manager

Author: Axel Buecker

Publisher:

Published: 2012

Total Pages: 422

ISBN-13:

DOWNLOAD EBOOK

Organizations today are more widely distributed than ever before, which can make systems management tasks, such as distributing software, patches, and security policies, extremely challenging. The IBM® Tivoli® Endpoint Manager platform is architected for today's highly diverse, distributed, and complex IT environments. It provides real-time visibility and control through a single infrastructure, single agent, and single console for systems lifecycle management, endpoint protection, and security configuration and vulnerability management. This platform enables organizations to securely manage their global IT infrastructures faster and more accurately, resulting in improved governance, control, visibility, and business agility. Plus, it gives organizations the ability to handle tomorrow's unforeseen challenges. In this IBM Redbooks® publication, we provide IT security professionals with a better understanding around the challenging topic of endpoint management in the IT security domain. We focus on IBM Tivoli Endpoint Manager for Security and Compliance and describe the product architecture and provide a hands-on design guide for deploying the solution. This book is a valuable resource for security professionals and architects who want to understand and implement a centralized endpoint management infrastructure and endpoint protection to better handle security and compliance challenges.


IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager

IT Security Compliance Management Design Guide with IBM Tivoli Security Information and Event Manager

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2010-07-16

Total Pages: 464

ISBN-13: 0738434469

DOWNLOAD EBOOK

To comply with government and industry regulations, such as Sarbanes-Oxley, Gramm Leach Bliley (GLBA), and COBIT (which can be considered a best-practices framework), organizations must constantly detect, validate, and report unauthorized changes and out-of-compliance actions within the Information Technology (IT) infrastructure. Using the IBM® Tivoli Security Information and Event Manager solution organizations can improve the security of their information systems by capturing comprehensive log data, correlating this data through sophisticated log interpretation and normalization, and communicating results through a dashboard and full set of audit and compliance reporting. In this IBM Redbooks® publication, we discuss the business context of security audit and compliance software for organizations and describe the logical and physical components of IBM Tivoli Security Information and Event Manager. We also present a typical deployment within a business scenario. This book is a valuable resource for security officers, administrators, and architects who want to understand and implement a centralized security audit and compliance solution.


IBM Security Solutions Architecture for Network, Server and Endpoint

IBM Security Solutions Architecture for Network, Server and Endpoint

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2011-02-17

Total Pages: 510

ISBN-13: 0738435430

DOWNLOAD EBOOK

Threats come from a variety of sources. Insider threats, as well as malicious hackers, are not only difficult to detect and prevent, but many times the authors of these threats are using resources without anybody being aware that those threats are there. Threats would not be harmful if there were no vulnerabilities that could be exploited. With IT environments becoming more complex every day, the challenges to keep an eye on all potential weaknesses are skyrocketing. Smart methods to detect threats and vulnerabilities, as well as highly efficient approaches to analysis, mitigation, and remediation, become necessary to counter a growing number of attacks against networks, servers, and endpoints in every organization. In this IBM® Redbooks® publication, we examine the aspects of the holistic Threat and Vulnerability Management component in the Network, Server and Endpoint domain of the IBM Security Framework. We explain the comprehensive solution approach, identify business drivers and issues, and derive corresponding functional and technical requirements, which enables us to choose and create matching security solutions. We discuss IBM Security Solutions for Network, Server and Endpoint to effectively counter threats and attacks using a range of protection technologies and service offerings. Using two customer scenarios, we apply the solution design approach and show how to address the customer requirements by identifying the corresponding IBM service and software products.


Network Intrusion Prevention Design Guide: Using IBM Security Network IPS

Network Intrusion Prevention Design Guide: Using IBM Security Network IPS

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2011-12-16

Total Pages: 278

ISBN-13: 0738436216

DOWNLOAD EBOOK

Every organization today needs to manage the risk of exposing business-critical data, improve business continuity, and minimize the cost of managing IT security. Most all IT assets of an organization share a common network infrastructure. Therefore, the first line of defense is to establish proper network security. This security is a prerequisite for a logical set of technical countermeasures to protect from many different attack vectors that use the network to infiltrate the backbone of an organization. The IBM® Security Network Intrusion Prevention System (IPS) stops network-based threats before they can impact the business operations of an organization. Preemptive protection, which is protection that works ahead of a threat, is available by means of a combination of line-speed performance, security intelligence, and a modular protection engine that enables security convergence. By consolidating network security demands for data security and protection for web applications, the IBM Security Network IPS serves as the security platform that can reduce the costs and complexity of deploying and managing point solutions. This IBM Redbooks® publication provides IT architects and security specialists a better understanding of the challenging topic of blocking network threats. This book highlights security convergence of IBM Virtual Patch® technology, data security, and Web Application Protection. In addition, this book explores the technical foundation of the IBM Security Network IPS. It explains how to set up, configure, and maintain proper network perimeter protection within a real-world business scenario.


Identity Management Design Guide with IBM Tivoli Identity Manager

Identity Management Design Guide with IBM Tivoli Identity Manager

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2009-11-06

Total Pages: 704

ISBN-13: 0738433799

DOWNLOAD EBOOK

Identity management is the concept of providing a unifying interface to manage all aspects related to individuals and their interactions with the business. It is the process that enables business initiatives by efficiently managing the user life cycle (including identity/resource provisioning for people (users)), and by integrating it into the required business processes. Identity management encompasses all the data and processes related to the representation of an individual involved in electronic transactions. This IBM® Redbooks® publication provides an approach for designing an identity management solution with IBM Tivoli® Identity Manager Version 5.1. Starting from the high-level, organizational viewpoint, we show how to define user registration and maintenance processes using the self-registration and self-care interfaces as well as the delegated administration capabilities. Using the integrated workflow, we automate the submission/approval processes for identity management requests, and with the automated user provisioning, we take workflow output and automatically implement the administrative requests on the environment with no administrative intervention. This book is a valuable resource for security administrators and architects who wish to understand and implement a centralized identity management and security infrastructure.


Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security

Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2014-02-06

Total Pages: 240

ISBN-13: 0738437891

DOWNLOAD EBOOK

Security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. The need to be able to integrate security into those systems and the discussions with business functions and operations exists more than ever. This IBM® Redbooks® publication explores concerns that characterize security requirements of, and threats to, business and information technology (IT) systems. This book identifies many business drivers that illustrate these concerns, including managing risk and cost, and compliance to business policies and external regulations. This book shows how these drivers can be translated into capabilities and security needs that can be represented in frameworks, such as the IBM Security Blueprint, to better enable enterprise security. To help organizations with their security challenges, IBM created a bridge to address the communication gap between the business and technical perspectives of security to enable simplification of thought and process. The IBM Security Framework can help you translate the business view, and the IBM Security Blueprint describes the technology landscape view. Together, they can help bring together the experiences that we gained from working with many clients to build a comprehensive view of security capabilities and needs. This book is intended to be a valuable resource for business leaders, security officers, and consultants who want to understand and implement enterprise security by considering a set of core security capabilities and services.


Deployment Guide for InfoSphere Guardium

Deployment Guide for InfoSphere Guardium

Author: Whei-Jen Chen

Publisher: IBM Redbooks

Published: 2015-04-14

Total Pages: 472

ISBN-13: 0738439355

DOWNLOAD EBOOK

IBM® InfoSphere® Guardium® provides the simplest, most robust solution for data security and data privacy by assuring the integrity of trusted information in your data center. InfoSphere Guardium helps you reduce support costs by automating the entire compliance auditing process across heterogeneous environments. InfoSphere Guardium offers a flexible and scalable solution to support varying customer architecture requirements. This IBM Redbooks® publication provides a guide for deploying the Guardium solutions. This book also provides a roadmap process for implementing an InfoSphere Guardium solution that is based on years of experience and best practices that were collected from various Guardium experts. We describe planning, installation, configuration, monitoring, and administrating an InfoSphere Guardium environment. We also describe use cases and how InfoSphere Guardium integrates with other IBM products. The guidance can help you successfully deploy and manage an IBM InfoSphere Guardium system. This book is intended for the system administrators and support staff who are responsible for deploying or supporting an InfoSphere Guardium environment.


IT Service Management Best Practices Using IBM SmartCloud Control Desk

IT Service Management Best Practices Using IBM SmartCloud Control Desk

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2013-12-12

Total Pages: 802

ISBN-13: 0738438677

DOWNLOAD EBOOK

SmartCloud Control Desk is a comprehensive IT Asset and Service Management solution that helps reduce cost and minimize service disruptions. It does so through automated service request handling, efficient change management, and optimized asset lifecycle management across IT and enterprise domains. SmartCloud Control Desk helps to reduce total cost of ownership by using one unified solution to license, install, and manage multiple ITIL processes under one price point. It can also help reduce business risk by using advanced impact analysis and defining automated change procedures that ensure integrity of existing infrastructure while supporting business agility. SmartCloud Control Desk improves efficiency and quality of service by unifying asset, change, and problem management. It lowers cost and mitigates license compliance risk by performing end to end software asset management. It also delivers an adaptive, role-based simplified UI that can be more intuitive for novice users, which reduces training costs, while allowing access from anywhere at anytime through mobile device support that includes BlackBerry, iOS, and Android. In addition, SmartCloud Control Desk supports both a profit center business model for internal IT organizations, and an external Service Provider model. It allows organizations to manage customers and customer agreements and bills for managed assets, usage, and work activities while improving utilization rates and reducing unnecessary purchases by managing the IT asset lifecycle. You can deploy SmartCloud Control Desk in a variety of ways; traditional on-premise, SaaS, VM image. This approach can make it more affordable to meet your current business needs, and seamlessly move between delivery models while keeping the same functionality. This IBM® Redbooks® publication covers IBM SmartCloud® Control Desk product configuration, customization, and implementation best practices.


Understanding SOA Security Design and Implementation

Understanding SOA Security Design and Implementation

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2008-05-29

Total Pages: 502

ISBN-13: 0738486655

DOWNLOAD EBOOK

Securing access to information is important to any business. Security becomes even more critical for implementations structured according to Service-Oriented Architecture (SOA) principles, due to loose coupling of services and applications, and their possible operations across trust boundaries. To enable a business so that its processes and applications are flexible, you must start by expecting changes – both to process and application logic, as well as to the policies associated with them. Merely securing the perimeter is not sufficient for a flexible on demand business. In this IBM Redbooks publication, security is factored into the SOA life cycle reflecting the fact that security is a business requirement, and not just a technology attribute. We discuss an SOA security model that captures the essence of security services and securing services. These approaches to SOA security are discussed in the context of some scenarios, and observed patterns. We also discuss a reference model to address the requirements, patterns of deployment, and usage, and an approach to an integrated security management for SOA. This book is a valuable resource to senior security officers, architects, and security administrators.