Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security

Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738437891
Category : Computers
Languages : en
Pages : 240

Get Book Here

Book Description
Security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. The need to be able to integrate security into those systems and the discussions with business functions and operations exists more than ever. This IBM® Redbooks® publication explores concerns that characterize security requirements of, and threats to, business and information technology (IT) systems. This book identifies many business drivers that illustrate these concerns, including managing risk and cost, and compliance to business policies and external regulations. This book shows how these drivers can be translated into capabilities and security needs that can be represented in frameworks, such as the IBM Security Blueprint, to better enable enterprise security. To help organizations with their security challenges, IBM created a bridge to address the communication gap between the business and technical perspectives of security to enable simplification of thought and process. The IBM Security Framework can help you translate the business view, and the IBM Security Blueprint describes the technology landscape view. Together, they can help bring together the experiences that we gained from working with many clients to build a comprehensive view of security capabilities and needs. This book is intended to be a valuable resource for business leaders, security officers, and consultants who want to understand and implement enterprise security by considering a set of core security capabilities and services.

Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security

Using the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738437891
Category : Computers
Languages : en
Pages : 240

Get Book Here

Book Description
Security is a major consideration in the way that business and information technology systems are designed, built, operated, and managed. The need to be able to integrate security into those systems and the discussions with business functions and operations exists more than ever. This IBM® Redbooks® publication explores concerns that characterize security requirements of, and threats to, business and information technology (IT) systems. This book identifies many business drivers that illustrate these concerns, including managing risk and cost, and compliance to business policies and external regulations. This book shows how these drivers can be translated into capabilities and security needs that can be represented in frameworks, such as the IBM Security Blueprint, to better enable enterprise security. To help organizations with their security challenges, IBM created a bridge to address the communication gap between the business and technical perspectives of security to enable simplification of thought and process. The IBM Security Framework can help you translate the business view, and the IBM Security Blueprint describes the technology landscape view. Together, they can help bring together the experiences that we gained from working with many clients to build a comprehensive view of security capabilities and needs. This book is intended to be a valuable resource for business leaders, security officers, and consultants who want to understand and implement enterprise security by considering a set of core security capabilities and services.

Enterprise Single Sign-On Design Guide Using IBM Security Access Manager for Enterprise Single Sign-On 8.2

Enterprise Single Sign-On Design Guide Using IBM Security Access Manager for Enterprise Single Sign-On 8.2 PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738437034
Category : Computers
Languages : en
Pages : 494

Get Book Here

Book Description
Everyone feels the pain of too many passwords to remember. Everyone can relate to the security exposure of weak passwords, chosen for convenience. And, everyone can relate to passwords placed in proximity to the workstation for a quick reminder. Unfortunately, that note can allow more than the intended user into the system and network. The average user today often has four or more passwords. And, security policies that focus on password complexity and password-change frequency can cause even more difficulty for users. This IBM® Redbooks® publication introduces IBM Security Access Manager for Enterprise Single Sign-On 8.2, which provides single sign-on to many applications, without a lengthy and complex implementation effort. Whether you are deploying strong authentication, implementing an enterprise-wide identity management initiative, or simply focusing on the sign-on challenges of a specific group of users, this solution can deliver the efficiencies and security that come with a well-crafted and comprehensive single sign-on solution. This book is a valuable resource for security officers, administrators, and architects who want to understand and implement an identity management solution in a medium-scale environment. This book is an update to the existing SG24-7350-01. IMPORTANT: Please note that in the latest version of SAM ESSO, the following two capabilities described in this SAM ESSO Redbooks publication have been removed: -Virtual appliance support -Mobile (iPad) support

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738440108
Category : Computers
Languages : en
Pages : 332

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM System z® hardware and software. In an age of increasing security consciousness, IBM System z provides the capabilities to address the needs of today's business security challenges. This publication explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. This book highlights the features of IBM z/OS® and other operating systems, which offer various customizable security elements under the Security Server and Communication Server components. This book describes z/OS and other operating systems and additional software that leverage the building blocks of System z hardware to provide solutions to business security needs. This publication's intended audience is technical architects, planners, and managers who are interested in exploring how the security design and features of System z, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

Key Management Deployment Guide: Using the IBM Enterprise Key Management Foundation

Key Management Deployment Guide: Using the IBM Enterprise Key Management Foundation PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738439916
Category : Computers
Languages : en
Pages : 390

Get Book Here

Book Description
In an increasingly interconnected world, data breaches grab headlines. The security of sensitive information is vital, and new requirements and regulatory bodies such as the Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), and Sarbanes-Oxley (SOX) create challenges for enterprises that use encryption to protect their information. As encryption becomes more widely adopted, organizations also must contend with an ever-growing set of encryption keys. Effective management of these keys is essential to ensure both the availability and security of the encrypted information. Centralized management of keys and certificates is necessary to perform the complex tasks that are related to key and certificate generation, renewal, and backup and recovery. The IBM® Enterprise Key Management Foundation (EKMF) is a flexible and highly secure key management system for the enterprise. It provides centralized key management on IBM zEnterprise® and distributed platforms for streamlined, efficient, and secure key and certificate management operations. This IBM Redbooks® publication introduces key concepts around a centralized key management infrastructure and depicts the proper planning, implementation, and management of such a system using the IBM Enterprise Key Management Foundation solution.

Simplify Management of IT Security and Compliance with IBM PowerSC in Cloud and Virtualized Environments

Simplify Management of IT Security and Compliance with IBM PowerSC in Cloud and Virtualized Environments PDF Author: Dino Quintero
Publisher: IBM Redbooks
ISBN: 0738457973
Category : Computers
Languages : en
Pages : 342

Get Book Here

Book Description
This IBM® Redbooks® publication provides a security and compliance solution that is optimized for virtualized environments on IBM Power SystemsTM servers, running IBM PowerVM® and IBM AIX®. Security control and compliance are some of the key components that are needed to defend the virtualized data center and cloud infrastructure against ever evolving new threats. The IBM business-driven approach to enterprise security that is used with solutions, such as IBM PowerSCTM, makes IBM the premier security vendor in the market today. The book explores, tests, and documents scenarios using IBM PowerSC that leverage IBM Power Systems servers architecture and software solutions from IBM to help defend the virtualized data center and cloud infrastructure against ever evolving new threats. This publication helps IT and Security managers, architects, and consultants to strengthen their security and compliance posture in a virtualized environment running IBM PowerVM.

Network Intrusion Prevention Design Guide: Using IBM Security Network IPS

Network Intrusion Prevention Design Guide: Using IBM Security Network IPS PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738436216
Category : Computers
Languages : en
Pages : 278

Get Book Here

Book Description
Every organization today needs to manage the risk of exposing business-critical data, improve business continuity, and minimize the cost of managing IT security. Most all IT assets of an organization share a common network infrastructure. Therefore, the first line of defense is to establish proper network security. This security is a prerequisite for a logical set of technical countermeasures to protect from many different attack vectors that use the network to infiltrate the backbone of an organization. The IBM® Security Network Intrusion Prevention System (IPS) stops network-based threats before they can impact the business operations of an organization. Preemptive protection, which is protection that works ahead of a threat, is available by means of a combination of line-speed performance, security intelligence, and a modular protection engine that enables security convergence. By consolidating network security demands for data security and protection for web applications, the IBM Security Network IPS serves as the security platform that can reduce the costs and complexity of deploying and managing point solutions. This IBM Redbooks® publication provides IT architects and security specialists a better understanding of the challenging topic of blocking network threats. This book highlights security convergence of IBM Virtual Patch® technology, data security, and Web Application Protection. In addition, this book explores the technical foundation of the IBM Security Network IPS. It explains how to set up, configure, and maintain proper network perimeter protection within a real-world business scenario.

IBM Smart Analytics Cloud

IBM Smart Analytics Cloud PDF Author: Lydia Parziale
Publisher: IBM Redbooks
ISBN: 0738434647
Category : Computers
Languages : en
Pages : 364

Get Book Here

Book Description
This IBM Redbooks® publication presents a Smart Analytics Cloud. The IBM Smart Analytics Cloud is an IBM offering to enable delivery of business intelligence and analytics at the customer location in a private cloud deployment. The offering leverages a combination of IBM hardware, software and services to offer customers a complete solution that is enabled at their site. In this publication, we provide the background and product information for decision-makers to proceed with a cloud solution. The content ranges from an introduction to cloud computing to details about our lab implementation. The core of the book discusses the business value, architecture, and functionality of a Smart Analytics Cloud. To provide deeper perspective, documentation is also provided about implementation of one specific Smart Analytics Cloud solution that we created in our lab environment. Additionally, we also describe the IBM Smart Analytics Cloud service offering that can help you create your own Smart Analytics cloud solution that is tailored to your business needs.

IBM Security Solutions Architecture for Network, Server and Endpoint

IBM Security Solutions Architecture for Network, Server and Endpoint PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738435430
Category : Computers
Languages : en
Pages : 510

Get Book Here

Book Description
Threats come from a variety of sources. Insider threats, as well as malicious hackers, are not only difficult to detect and prevent, but many times the authors of these threats are using resources without anybody being aware that those threats are there. Threats would not be harmful if there were no vulnerabilities that could be exploited. With IT environments becoming more complex every day, the challenges to keep an eye on all potential weaknesses are skyrocketing. Smart methods to detect threats and vulnerabilities, as well as highly efficient approaches to analysis, mitigation, and remediation, become necessary to counter a growing number of attacks against networks, servers, and endpoints in every organization. In this IBM® Redbooks® publication, we examine the aspects of the holistic Threat and Vulnerability Management component in the Network, Server and Endpoint domain of the IBM Security Framework. We explain the comprehensive solution approach, identify business drivers and issues, and derive corresponding functional and technical requirements, which enables us to choose and create matching security solutions. We discuss IBM Security Solutions for Network, Server and Endpoint to effectively counter threats and attacks using a range of protection technologies and service offerings. Using two customer scenarios, we apply the solution design approach and show how to address the customer requirements by identifying the corresponding IBM service and software products.

IT Security Policy Management Usage Patterns Using IBM Tivoli Security Policy Manager

IT Security Policy Management Usage Patterns Using IBM Tivoli Security Policy Manager PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738436143
Category : Computers
Languages : en
Pages : 314

Get Book Here

Book Description
In a growing number of organizations, policies are the key mechanism by which the capabilities and requirements of services are expressed and made available to other entities. The goals established and driven by the business need to be consistently implemented, managed and enforced by the service-oriented infrastructure; expressing these goals as policy and effectively managing this policy is fundamental to the success of any IT and application transformation. First, a flexible policy management framework must be in place to achieve alignment with business goals and consistent security implementation. Second, common re-usable security services are foundational building blocks for SOA environments, providing the ability to secure data and applications. Consistent IT Security Services that can be used by different components of an SOA run time are required. Point solutions are not scalable, and cannot capture and express enterprise-wide policy to ensure consistency and compliance. In this IBM® Redbooks® publication, we discuss an IBM Security policy management solution, which is composed of both policy management and enforcement using IT security services. We discuss how this standards-based unified policy management and enforcement solution can address authentication, identity propagation, and authorization requirements, and thereby help organizations demonstrate compliance, secure their services, and minimize the risk of data loss. This book is a valuable resource for security officers, consultants, and architects who want to understand and implement a centralized security policy management and entitlement solution.

Integrating IBM Security and SAP Solutions

Integrating IBM Security and SAP Solutions PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738436569
Category : Computers
Languages : en
Pages : 434

Get Book Here

Book Description
Many large and medium-sized organizations have made strategic investments in the SAP NetWeaver technology platform as their primary application platform. In fact, SAP software is used to manage many core business processes and data. As a result, it is critical for all organizations to manage the life cycle of user access to the SAP applications while adhering to security and risk compliance requirements. In this IBM® Redbooks® publication, we discuss the integration points into SAP solutions that are supported by the IBM Security access and identity management product capabilities. IBM Security software offers a range of identity management (IdM) adapters and access management components for SAP solutions that are available with IBM Tivoli® Identity Manager, IBM Tivoli Directory Integrator, IBM Tivoli Directory Server, IBM Access Manager for e-business, IBM Tivoli Access Manager for Enterprise Single Sign-On, and IBM Tivoli Federated Identity Manager. This book is a valuable resource for security officers, consultants, administrators, and architects who want to understand and implement an identity management solution for an SAP environment.