Cyber Resiliency Solution using IBM Spectrum Virtualize

Cyber Resiliency Solution using IBM Spectrum Virtualize PDF Author: IBM
Publisher: IBM Redbooks
ISBN: 0738459925
Category : Computers
Languages : en
Pages : 30

Get Book Here

Book Description
This document is intended to facilitate the solution for Safeguarded Copy for cyber resiliency and logical air gap solution for IBM FlashSystem and SAN Volume Controller. The document showcases the configuration and end-to-end architecture for configuring the logical air-gap solution for cyber resiliency by using the Safeguarded Copy feature in IBM FlashSystem and IBM SAN Volume Control storage. The information in this document is distributed on an "as is" basis without any warranty that is either expressed or implied. Support assistance for the use of this material is limited to situations where IBM FlashSystem or IBM SAN Volume Controller storage devices are supported and entitled and where the issues are specific to a blueprint implementation.

Cyber Resiliency Solution using IBM Spectrum Virtualize

Cyber Resiliency Solution using IBM Spectrum Virtualize PDF Author: IBM
Publisher: IBM Redbooks
ISBN: 0738459925
Category : Computers
Languages : en
Pages : 30

Get Book Here

Book Description
This document is intended to facilitate the solution for Safeguarded Copy for cyber resiliency and logical air gap solution for IBM FlashSystem and SAN Volume Controller. The document showcases the configuration and end-to-end architecture for configuring the logical air-gap solution for cyber resiliency by using the Safeguarded Copy feature in IBM FlashSystem and IBM SAN Volume Control storage. The information in this document is distributed on an "as is" basis without any warranty that is either expressed or implied. Support assistance for the use of this material is limited to situations where IBM FlashSystem or IBM SAN Volume Controller storage devices are supported and entitled and where the issues are specific to a blueprint implementation.

Cyber Resiliency Solution for IBM Spectrum Scale

Cyber Resiliency Solution for IBM Spectrum Scale PDF Author: IBM
Publisher: IBM Redbooks
ISBN: 0738457965
Category : Computers
Languages : en
Pages : 30

Get Book Here

Book Description
This document is intended to facilitate the deployment of the Cyber Resiliency solution for IBM® Spectrum Scale. This solution is designed to protect the data on IBM SpectrumTM Scale from external cyberattacks or insider attacks using its integration with IBM Spectrum ProtectTM and IBM Tape Storage. To complete the tasks that it describes, you must understand IBM Spectrum ScaleTM, IBM Spectrum Protect, and IBM Tape Storage architecture, concepts, and configuration. The information in this document is distributed on an as-is basis without any warranty that is either expressed or implied. Support assistance for the use of this material is limited to situations where IBM Spectrum Scale or IBM Spectrum Protect are supported and entitled, and where the issues are specific to a blueprint implementation.

Cyber Resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy

Cyber Resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy PDF Author: IBM
Publisher: IBM Redbooks
ISBN: 0738460621
Category : Computers
Languages : en
Pages : 58

Get Book Here

Book Description
The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-resilience workflow in response to a cyberattack or malicious user actions. The workflow uses IBM's Copy Services Manager as orchestration software to start IBM Spectrum Virtualize for Public Cloud (SV4PC) Safeguarded Copy functions. The IBM SV4PC Safeguarded Copy function creates an immutable copy of the data in an air-gapped form on the same IBM SV4PC on Azure for isolation and eventual quick recovery. This document describes the steps that are involved to enable and forward IBM SV4PC audit logs to IBM QRadar. It also describes how to create various rules to determine a threat, and configure and start a suitable response to the detected threat in IBM QRadar. This document also explains how to register a storage system and create a scheduled task by using IBM Copy Services Manager. Finally, this document also describes deploying IBM QRadar and SV4PC on Azure. A use case for protecting the MS SQL database (DB) volume that was created on IBM SV4PC is included. Upon threat detection on a database volume, Safeguarded Copy is started for IBM SV4PC volume. The Safeguarded Copy creates an immutable copy of the data. The same data volume can be recovered or restored by using IBM's Copy Services Manager.

Achieving Hybrid Cloud Cyber Resiliency with IBM Spectrum Virtualize for Public Cloud

Achieving Hybrid Cloud Cyber Resiliency with IBM Spectrum Virtualize for Public Cloud PDF Author: IBM
Publisher: IBM Redbooks
ISBN: 0738458449
Category : Computers
Languages : en
Pages : 30

Get Book Here

Book Description
This document is intended to facilitate the approach of achieving the Cyber Resiliency solution for IBM® Spectrum Virtualize for Public Cloud. This solution is designed to protect the data on IBM SpectrumTM Virtualize storage in a hybrid multicloud environment by deploying cloud backup to Amazon S3 using the function Transparent Cloud Tiering .

A Hybrid Cloud Cyber Security Solution using IBM Spectrum Virtualize for Public Cloud on Azure and IBM Spectrum Virtualize Safeguarded Copy

A Hybrid Cloud Cyber Security Solution using IBM Spectrum Virtualize for Public Cloud on Azure and IBM Spectrum Virtualize Safeguarded Copy PDF Author: IBM Storage
Publisher: IBM Redbooks
ISBN: 0738460346
Category : Computers
Languages : en
Pages : 48

Get Book Here

Book Description
The document describes the configuration and end-to-end architecture for configuring the logical air-gap solution for cyber resiliency using IBM® Spectrum Virtualize for Public Cloud (SV4PC) on Azure, IBM Spectrum® Virtualize Safeguarded Copy, and IBM FlashSystem®. This blueprint guide provides the following information: • A solutions architecture and related solution configuration workflows, with the following essential software and hardware components: – IBM FlashSystem – IBM Spectrum Virtualize for Public Cloud on Azure – IBM Copy Services Manager • Detailed technical configuration steps for building the cyber resiliency solutions This technical report does not provide performance analysis from a user perspective or replace any official IBM manuals or documents. This technical paper assumes that the reader is familiar with the following areas: • Basic kowledge of IBM FlashSystem • Azure Cloud fundamentals • Hybrid Cloud network connectivity • IBM Copy Services Manager

Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager

Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager PDF Author: Hemant Kantak
Publisher: IBM Redbooks
ISBN: 0738460974
Category : Computers
Languages : en
Pages : 42

Get Book Here

Book Description
The focus of this document is to highlight early threat detection by using Splunk Enterprise and proactively start a cyber resilience workflow in response to a cyberattack or malicious user action. The workflow uses IBM® Copy Services Manager (CSM) as orchestration software to invoke the IBM FlashSystem® storage Safeguarded Copy function, which creates an immutable copy of the data in an air-gapped form on the same IBM FlashSystem Storage for isolation and eventual quick recovery. This document explains the steps that are required to enable and forward IBM FlashSystem audit logs and set a Splunk forwarder configuration to forward local event logs to Splunk Enterprise. This document also describes how to create various alerts in Splunk Enterprise to determine a threat, and configure and invoke an appropriate response to the detected threat in Splunk Enterprise. This document explains the lab setup configuration steps that are involved in configuring various components like Splunk Enterprise, Splunk Enterprise config files for custom apps, IBM CSM, and IBM FlashSystem Storage. The last steps in the lab setup section demonstrate the automated Safeguarded Copy creation and validation steps. This document also describes brief steps for configuring various components and integrating them. This document demonstrates a use case for protecting a Microsoft SQL database (DB) volume that is created on IBM FlashSystem Storage. When a threat is detected on the Microsoft SQL DB volume, Safeguarded Copy starts on an IBM FlashSystem Storage volume. The Safeguarded Copy creates an immutable copy of the data, and the same data volume can be recovered or restored by using IBM CSM. This publication does not describe the installation procedures for Splunk Enterprise, Splunk Forwarder for IBM CSM, th Microsoft SQL server, or the IBM FlashSystem Storage setup. It is assumed that the reader of the book has a basic understanding of system, Windows, and DB administration; storage administration; and has access to the required software and documentation that is used in this document.

Enhanced Cyber Resilience Threat Detection with IBM FlashSystem Safeguarded Copy and IBM QRadar

Enhanced Cyber Resilience Threat Detection with IBM FlashSystem Safeguarded Copy and IBM QRadar PDF Author: IBM Storage
Publisher: IBM Redbooks
ISBN: 0738459879
Category : Computers
Languages : en
Pages : 58

Get Book Here

Book Description
The focus of this document is to demonstrate an early threat detection by using IBM® QRadar® and the Safeguarded Copy feature that is available as part of IBM FlashSystem® and IBM SAN Volume Controller. Such early detection protects and quickly recovers the data if a cyberattack occurs. This document describes integrating IBM FlashSystem audit logs with IBM QRadar, and the configuration steps for IBM FlashSystem and IBM QRadar. It also explains how to use the IBM QRadar's device support module (DSM) editor to normalize events and assign IBM QRadar identifier (QID) map to the events. Post IBM QRadar configuration, we review configuring Safeguarded Copy on the application volumes by using volume groups and applying Safeguarded backup polices on the volume group. Finally, we demonstrate the use of orchestration software IBM Copy Services Manager to start a recovery, restore operations for data restoration on online volumes, and start a backup of data volumes.

Cyber Resilience Solution Across Hybrid Cloud Using IBM Storage Solutions

Cyber Resilience Solution Across Hybrid Cloud Using IBM Storage Solutions PDF Author: IBM
Publisher: IBM Redbooks
ISBN: 0738459186
Category : Computers
Languages : en
Pages : 48

Get Book Here

Book Description
In today's data driven world, the information and data of an organization is considered as the most important asset to its business. It can serve as key asset for growth of an organization. As more data are collected by organizations, it is growing at a staggering pace. With this exponential data growth, there is an increase need to protect the data from the various cyberattacks in the form of malware and ransomware that is trying to steal precious data and information. These cyberattacks can have catastrophic impact on the organization and result in devastating financial losses and affect the organization's reputation for years. This document is intended to facilitate the deployment of the Hybrid Cloud Cyber Resilience solution for storage system data that it backed up in IBM Spectrum Protect Plus from external cyberattacks or insider attacks by using its integration with IBM Cloud Object Storage. You must understand IBM FlashSystem, IBM Spectrum Protect Plus, and IBM Cloud Object Storage architecture concepts and its configuration across hybrid cloud. The information in this document is distributed on an as-is basis without any warranty that is either expressed or implied. Support assistance for the use of this material is limited to situations where IBM FlashSystem, IBM Spectrum Protect Plus or IBM Cloud Object Storage are supported and entitled, and where the issues are specific to a solution technical paper implementation.

Securing Data on Threat Detection by Using IBM Spectrum Scale and IBM QRadar: An Enhanced Cyber Resiliency Solution

Securing Data on Threat Detection by Using IBM Spectrum Scale and IBM QRadar: An Enhanced Cyber Resiliency Solution PDF Author: Boudhayan Chakrabarty
Publisher: IBM Redbooks
ISBN: 073846001X
Category : Computers
Languages : en
Pages : 68

Get Book Here

Book Description
Having appropriate storage for hosting business-critical data and advanced Security Information and Event Management (SIEM) software for deep inspection, detection, and prioritization of threats has become a necessity for any business. This IBM® Redpaper publication explains how the storage features of IBM Spectrum® Scale, when combined with the log analysis, deep inspection, and detection of threats that are provided by IBM QRadar®, help reduce the impact of incidents on business data. Such integration provides an excellent platform for hosting unstructured business data that is subject to regulatory compliance requirements. This paper describes how IBM Spectrum Scale File Audit Logging can be integrated with IBM QRadar. Using IBM QRadar, an administrator can monitor, inspect, detect, and derive insights for identifying potential threats to the data that is stored on IBM Spectrum Scale. When the threats are identified, you can quickly act on them to mitigate or reduce the impact of incidents. We further demonstrate how the threat detection by IBM QRadar can proactively trigger data snapshots or cyber resiliency workflow in IBM Spectrum Scale to protect the data during threat. This third edition has added the section "Ransomware threat detection", where we describe a ransomware attack scenario within an environment to leverage IBM Spectrum Scale File Audit logs integration with IBM QRadar. This paper is intended for chief technology officers, solution engineers, security architects, and systems administrators. This paper assumes a basic understanding of IBM Spectrum Scale and IBM QRadar and their administration.

Offloading storage volumes from Safeguarded Copy to AWS S3 Object Storage with IBM FlashSystem Transparent Cloud Tiering

Offloading storage volumes from Safeguarded Copy to AWS S3 Object Storage with IBM FlashSystem Transparent Cloud Tiering PDF Author: Shashank Shingornikaris
Publisher: IBM Redbooks
ISBN: 073846094X
Category : Computers
Languages : en
Pages : 30

Get Book Here

Book Description
The focus of this IBM® Blueprint is to showcase a method to store volumes that are created by using Safeguarded Copy off-premise to Amazon S3 object storage that uses the IBM FlashSystem Transparent cloud tiering (TCT) feature. TCT enables volume data to be copied and transferred to object storage. The TCT feature supports creating connections to cloud service providers to store copies of volume data in private or public clouds. This feature is useful for organizations of all sizes when planning for disaster recovery operations or storing a copy of data as extra backup. TCT provides seamless integration between the storage system and public or private clouds for Safeguarded Copy volumes and non-Safeguarded Copy volumes.