IBM SoftwareIBM Security Products: Intelligence,Integration, ExpertiseA Comprehensive Framework for Any Environment from M...
2 IBM Security Products: Intelligence, Integration, ExpertiseContents2 A Hyper-Connected Business World3 Security Intellig...
3IBM SoftwareSecurity Intelligence for a New WorldIn the era of big data, big data should be used to help secure theenterp...
4 IBM Security Products: Intelligence, Integration, Expertiseintelligence, plus the real-time correlation and analytics ca...
5IBM SoftwareIBM has the consultants and expertise to help any companymove toward optimized, integrated security controls ...
6 IBM Security Products: Intelligence, Integration, Expertise●  ●QRadar QFlow and VFlow Collectors: Integrated networktraf...
7IBM Software●  ●IBM InfoSphere Guardium Vulnerability Assessment:Automated detection of database vulnerabilities with pri...
8 IBM Security Products: Intelligence, Integration, Expertise●  ●Balancing security and performance withoutdisrupting busi...
9IBM SoftwareLeverage the mainframe as the enterprise security hub to helpprotect mission-critical production systems and ...
10 IBM Security Products: Intelligence, Integration, ExpertiseSolutions for Today’s ChallengesThe IBM Security Framework o...
11IBM Softwarepreviously possible. Data is the new currency of business.IBM can help protect this valuable asset and stren...
WGB03004-USEN-00	 © Copyright IBM Corporation 2012	 IBM CorporationSoftware GroupRoute 100Somers, NY 10589	 Produced in th...
Upcoming SlideShare
Loading in …5

IBM Security Products: Intelligence, Integration, Expertise


Published on

A Comprehensive Framework for Any Environment from Mobile to Cloud to Social to Unknown Futures

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

IBM Security Products: Intelligence, Integration, Expertise

  1. 1. IBM SoftwareIBM Security Products: Intelligence,Integration, ExpertiseA Comprehensive Framework for Any Environment from Mobile to Cloudto Social to Unknown Futures
  2. 2. 2 IBM Security Products: Intelligence, Integration, ExpertiseContents2 A Hyper-Connected Business World3 Security Intelligence for a New World3 A Unique, Comprehensive Approach5 Product Portfolio10 Solutions for Today’s Challenges12 Conclusion12 For More InformationLabeled “The Year of the Security Breach” by the IBM X-FORCE research and development team, 2011 was marked by a high volume of severe and variedsecurity attacks.Attack Type2011 Sampling of Security Incidents by Attack Type, Time and Impactconjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial lossesSQL InjectionURL TamperingSpear Phishing3rd Party SoftwareDDoSSecureIDTrojan SoftwareUnknownGamingDefenseEntertainmentBankingCentralGovernmentEntertainmentNationalPoliceCentralGovernmentEntertainmentCentralGovernmentCentralGovernmentCentralGovernmentCentralGovernmentEntertainmentCentralGovernmentEntertainmentDefenseDefenseIT SecurityIT SecurityIT SecurityConsultingBankingConsumerElectronicsMarketingServicesNationalPoliceStatePoliceGamingConsumerElectronicsStatePoliceNationalPoliceConsumerElectronicsCentralGovernmentCentralGovernmentCentralGovernmentCentralGovernmentGaming ConsultingDefenseFinancialMarketAgricultureTele-communicationsInternetServicesConsumerElectronicsHeavyIndustryInsuranceInternetServicesApparelGamingCentralGovernmentGamingGamingGamingGamingGaming GamingGovernmentConsultingOnline ServicesOnlineServicesSize of circle estimates relative impact ofbreach in terms of cost to businessJan Feb March April May June July Aug Sep Oct Nov DecA Hyper-Connected Business WorldIn today’s era of big data, a fundamentally different approachis needed to secure the enterprise. The explosion of digital busi-ness information that is accessed from and stored on virtualizedcloud and social platforms, instrumentation, and mobiledevices that are part consumer part business, have created anoverwhelmingly complex IT environment—with possible attackpoints nearly limitless.The most sophisticated adversaries are now perpetratingAdvanced Persistent Threats, using focus and persistence to gainaccess to sensitive business information. These attacks utilizecutting-edge methodologies, can last indefinitely and arespecifically targeted. The increased diversity of today’s threatshas eroded the effectiveness of traditional IT defenses such asfirewalls and antivirus—even bypassing these controls com-pletely in many cases. A new approach is required, one thatbalances protection with detection, and advanced technologywith mature processes.
  3. 3. 3IBM SoftwareSecurity Intelligence for a New WorldIn the era of big data, big data should be used to help secure theenterprise. Only those companies that have deployed solutionsto monitor, correlate and analyze the massive amounts of real-time events being generated from a comprehensive, integratedsecurity infrastructure as well as from a well-researched externalthreat feed have the capability to cost-effectively maintain anextremely strong security posture. IBM calls this SecurityIntelligence. In addition to helping detect and remediatebreaches that might otherwise have been missed, organizationsemploying this approach can also:●  ●Shift from a reactive state to a proactive approach that betteraligns with business objectives●  ●Enable their business to deploy innovation initiatives far fasterthan otherwise possible●  ●Automate their compliance activities●  ●Reduce staff requirements for security operationsA Unique, Comprehensive ApproachWith leading products and services across segments and anoverarching strategy based on three main tenets—Intelligence,Integration and Expertise—IBM is helping its customers worktoward true Security Intelligence.IntelligenceHuman intelligence requires knowledge, information and theability to analyze this information to reach conclusions. In therealm of enterprise security, this translates to needing visibilityinto relevant networks and infrastructures and external threatMoving from a reactive and manual approach to a proactive and automatedapproach gives the organization an optimized security posture based inSecurity Intelligence.SecurityIntelligenceReactive ProactiveManualAutomatedOptimizedProficientBasicThe integration of Security Intelligence, X-FORCE research and core protection assets helps close the coverage gaps left by point product approaches.Integrated Intelligence. Integrated Research. Integrated Protection.Security IntelligencePeopleApplicationsAdvanced ResearchInfrastructureDataSecurity IntelligencePeopleApplicationsAdvanced ResearchInfrastructureDataSecurity IntelligencePeopleApplicationsAdvanced ResearchInfrastructureData3rd PartyEcosystem
  4. 4. 4 IBM Security Products: Intelligence, Integration, Expertiseintelligence, plus the real-time correlation and analytics capabili-ties to flag and remediate suspicious activities. IBM Securityoffers these capabilities:●  ●Internal visibility: IBM Security Intelligence solutionsanalyze information from IBM and non-IBM products andservices in real-time. They provide comprehensive analysisand insight across all four areas of security risk: people, data,applications and infrastructure.●  ●External threat visibility: The IBM® X-FORCE® threatintelligence feed provides intelligence from one of the world’slargest repositories of threat and vulnerability insights and isbased on the real-time monitoring of 13 billion security eventsper day. This insight can flag behavior that may be associatedwith Advanced Persistent Threats and a wide range ofadversaries.●  ●Pinpoint analysis in an age of big data: IBM SecurityIntelligence solutions can drill down to individual dataelements to analyze and query diverse activity. They provideinsight on network access at the periphery, external cloudservices and mobile devices, database activity at the core of abusiness, and everywhere in between.IntegrationThe integration of the comprehensive IBM portfolio of SecurityIntelligence, X-FORCE research and core protection assetshelps reduce attackable loopholes that are inherent inpatched-together point-product security platforms. It can alsoease deployment, collapse data silos for easier compliancereporting and improved Security Intelligence, reduce complexity,and lower the cost of maintaining a strong security posture.Other cost-saving and security-improving capabilities include:●  ●External and internal contextual information for breachdetection, prediction and remediation●  ●Automated device and software updates for researchedvulnerabilities●  ●Linking of authentication and authorization with suspiciousdatabase activity●  ●Automated compliance and risk assessment activitiesExpertiseWith more than 5,500 researchers, developers and subject-matter experts engaged in security initiatives, IBM operatesone of the world’s broadest enterprise security research anddevelopment and delivery organization. This comprises the award-winning IBM X-FORCE research and development team withone of the largest vulnerability databases in the industry, ninesecurity operations centers, ten IBM Security Research centers,15 Security Solutions Development Labs and the Institute forAdvanced Security with chapters in the United States, Europeand Asia Pacific. IBM currently monitors more than 13 billionsecurity events per day for its clients in more than 130 countries.IBM operates one of the world’s broadest security research and development and delivery operations.Security Operations CentersCosta Mesa, USAtlanta, USAtlanta, USRaleigh, USHaifa, IL Pune, INBangalore, INBangalore, INNew Delhi, INPerth, AUBrisbane, AUSingapore, SGTaipei, TWTokyo, JPTokyo, JPGold Coast, AUIAS, Asia PacificBrussels, BEAtlanta, USHortolândia, BRAustin, USAlamden, USBoulder, USOttawa, CAWaltham, US Fredericton, CA Belfast, N IRZurich, CHDelft, NLHerzliya, ILIAS, EuropeToronto, CATJ Watson, USDetroit, USIAS, AmericasSecurity Research CentersSecurity Solution Development CentersInstitute for Advanced Security Branches
  5. 5. 5IBM SoftwareIBM has the consultants and expertise to help any companymove toward optimized, integrated security controls withSecurity Intelligence.Product PortfolioThe IBM Security Framework is designed to help ensure thatthe correct people have access to the correct assets at the correcttimes, that critical data is protected in transit and at rest, thatemerging threats are identified to support breach identificationand remediation, and that protection is provided across allIT resources. This integrated approach to enterprise securityincludes appliances, software products and managed services andis delivered by technical and risk consulting and implementationservices. At the very core, however, resides the IBM productportfolio.Help prevent, detect and remediate security breaches andcompliance risks.Challenge and Solutions HighlightsIBM Security Intelligence products assist with:●  ●Detecting threats: Arm yourself with comprehensive andaccurate Security Intelligence.●  ●Addressing compliance: Automate data collection andreporting for audits and risk assessment.●  ●Detecting inside threats and fraud: Identify and understandsuspicious user activity in context.●  ●Predicting risks to your business: Proactively identify andprioritize security vulnerabilities and gaps.●  ●Consolidating data silos: Collect, correlate and report ondata in one integrated solution.ProductsA family of integrated security intelligence products based onnext-generation security information and event management(SIEM) and log management includes:●  ●QRadar® SIEM: Security information and event manage-ment encompassing log management, threat managementand compliance management; sophisticated event and networkflow correlation; and integrated behavioral analysis andnetwork anomaly detection●  ●QRadar Log Manager: Turnkey log management supportinghundreds of data sources out of the box, offering pre-packagedreports and dashboards and easy customization●  ●QRadar Risk Manager: Security configuration monitoringand auditing; predictive threat modeling and simulation; andadvanced threat visualization and impact analysis●  ●QRadar Network Anomaly Detection: Anomaly detectionof network traffic and real-time correlation of security andnetwork data, built to enhance IBM Security SiteProtector™SystemThe IBM Security Framework provides a methodical and efficient approach tofulfilling security needs and meeting security challenges across the enterprise.IBM Security FrameworkProfessionalServicesCloudandManagedServicesSoftware and AppliancesGovernance, Risk and ComplianceSecurity Intelligenceand AnalyticsAdvanced Securityand Threat ResearchInfrastructureApplicationsDataPeopleSecurity Intelligenceand Analytics360 DegreeView
  6. 6. 6 IBM Security Products: Intelligence, Integration, Expertise●  ●QRadar QFlow and VFlow Collectors: Integrated networktraffic collection and content capture, including Layer 7 appli-cation analysis, for both physical and virtual environmentsPeopleTrackPlanEnforceControl, monitor and authenticate user access to protected dataand applications.Challenges and Solutions HighlightsIBM Security identity and access management productsassist with:●  ●Managing users and their access rights: Efficiently enroll,manage and terminate user profiles and access rights through-out the lifecycle. Flag expired accounts and role conflicts.●  ●Streamlining/tracking user access to protected resources:Integrate lifecycle access rights with single sign-on andpassword management, and with access auditing and reports.Support strong authentication of devices for extra security.●  ●Safeguarding access in cloud, mobile and software-as-a-service environments: Provide a common identity service foruser provisioning, role-based access and federated identity.Centralize security management for user entitlements andpolicies.ProductsIntegrated solutions that govern users’ access activities andprivileges throughout their lifecycle include:●  ●IBM Security Identity Manager: Automated and policy-based user identity management software that helps manageuser accounts, access rights, permissions and passwords fromtheir creation to termination across the IT environment●  ●IBM Federated Identity Manager: User-centric, federatedsingle sign-on for sharing information between trustedbusiness partners and helping simplify application integrationacross distributed portal and mainframe environments●  ●IBM Security Access Manager for Web: A hub for authen-tication and authorization of web and other applications,centralizing access management●  ●IBM Security Access Manager for Enterprise SingleSign-On: Integrated authentication, access workflow automa-tion, user switching and audit reporting to help simplify,strengthen and track access●  ●IBM Security Identity and Access Assurance: Automatedmanagement of user accounts, access permissions andpasswords with convenient single sign-on to enterprise, weband cloud-based applications and resourcesDataMonitorEncryptAssessRedactHelp protect critical data assets across key control points withoutimpacting productivity.Challenges and Solutions HighlightsIBM data security products assist with:●  ●Preventing data breaches: Monitor transactions withoutrequiring changes to databases or applications. Create realistictest sets while masking sensitive data value. Encrypt regulateddata to help prevent loss—particularly via theft of backups andmedia. Redact standalone or embedded unstructured sensitivedata in forms and documents.●  ●Maintaining the integrity of sensitive data: Compare alltransactions to policy and block violations in real time.●  ●Reducing the cost of compliance: Automate and centralizecontrols to streamline compliance validation.ProductsIBM InfoSphere® Guardium® offerings designed to help assurethe privacy and integrity of trusted information in your datacenter include:●  ●IBM InfoSphere Guardium Database ActivityMonitoring: A simple, robust solution that helps preventleakage of sensitive data from databases and files, maintainingthe integrity of information in the data center and automatingcompliance controls across heterogeneous environments
  7. 7. 7IBM Software●  ●IBM InfoSphere Guardium Vulnerability Assessment:Automated detection of database vulnerabilities with priori-tized remedial actions across heterogeneous infrastructures●  ●IBM InfoSphere Guardium Data Redaction: Protectiondesigned to guard against unintentional disclosure for sensitivedata in documents and forms by detecting and removing datafrom openly shared document versions●  ●IBM InfoSphere Guardium Data Encryption: Enterprisedata encryption without sacrificing application performance orcreating key management complexity●  ●IBM InfoSphere Optim™ Data Masking: Capabilities tode-identify confidential information to help protect privacyand support compliance initiatives●  ●IBM Tivoli® Key Lifecycle Manager: Encryption keylifecycle management with centralized and strengthened pro-cesses that leverage the industry-standard Key ManagementInteroperability Protocol●  ●IBM InfoSphere Discovery: A tool for identifying and docu-menting what data you have, where it is located and how it islinked across systems by intelligently capturing relationshipsand determining applied transformations and business rules●  ●Controlling access to application data: Manage andenforce fine-grained entitlement and message security policymanagement.ProductsA full portfolio of solutions designed to protect your applicationsincludes:●  ●IBM Security AppScan® Standard: Automated web applica-tion security testing for IT security, auditors and penetrationtesters●  ●IBM Security AppScan Enterprise: Enterprise-class applica-tion security testing and risk management with governance,collaboration and Security Intelligence●  ●IBM Security AppScan Source: Static application securitytesting to identify vulnerabilities in web and mobile applica-tions during the development lifecycle●  ●IBM Security Policy Manager: Capabilities for authoringapplication entitlements and fine-grained access controlpolicies for distributed policy decisions based on identity,transaction and service/resource context●  ●IBM WebSphere® DataPower® XML Security Gateway:An appliance-based solution providing real-time web servicessecurity and XML threat protectionInfrastructure:NetworkPre-emptiveFastExtensibleHelp keep applications secure, protected from malicious orfraudulent use, and hardened against attacks.Challenges and Solutions HighlightsIBM application security products assist with:●  ●Finding and remediating mobile and web vulnerabilities:Utilize static, dynamic, runtime and client-side analysis andcorrelate the results.●  ●Building applications that are secure by design: Integratesecurity testing early and throughout the design process.Enable security and development teams to communicateeffectively.ApplicationsProtectTestControlHelp provide security for the network core.Challenges and Solutions HighlightsIBM network protection products assist with:●  ●Keeping pace with emerging threats: Provide NetworkIntrusion Prevention with evolving threat protection poweredby IBM X-FORCE, with its track record of addressing zero-day vulnerabilities.
  8. 8. 8 IBM Security Products: Intelligence, Integration, Expertise●  ●Balancing security and performance withoutdisrupting business-critical applications andinfrastructures: Get up to 20+ Gbps of inspectedthroughput with Network Intrusion Prevention to addressthe most demanding service quality requirements—withoutcompromising breadth and depth of security.●  ●Reducing infrastructure cost and complexity: Consolidatepoint solutions and reduce complexity through integrationwith other security solutions.●  ●Protecting non-network assets quickly when new threatsemerge: Help protect data, client, web and enterprise applica-tions with the extensible engine within IBM Security NetworkIntrusion Prevention System.ProductsIBM offerings for network infrastructure security include:●  ●IBM Security Network Protection: Provides core threatprotection combined with high levels of visibility and controlrelated to network use to help reduce risk and conservebandwidth●  ●IBM Security Network Intrusion Prevention System: Thecore of any Network Intrusion Prevention strategy, providingappliance-based protection against a wide range of attacks thattarget the network infrastructure●  ●IBM Security SiteProtector System: Centralized manage-ment for IBM Security Network Intrusion Preventionsolutions, providing a single management point of control,security policy, analysis, alerting and reportingHelp secure and manage distributed endpoints.Challenges and Solutions HighlightsIBM endpoint management and security products assist with:●  ●Maintaining continuous compliance for all endpoints,regardless of their location or connection: Deploy anintelligent agent to monitor and report on compliance statusand automatically take corrective action when needed.●  ●Achieving high patch compliance in a heterogeneousenvironment: Provide patching capabilities for MicrosoftWindows, UNIX, Linux and Mac environments, and formobile devices, from a single management console and asingle management server.●  ●Protecting endpoints with rapid response: Automaticallyidentify rogue or misconfigured endpoints and identify/remediate/quarantine endpoints experiencing an incident inminutes.●  ●Streamlining compliance and risk-management efforts:Achieve automated and robust audit and compliance reportingwith deep, proactive auditing of security configurations.●  ●Securing virtualized endpoints: Get a single, centralizedsecurity view of physical and virtual server environments withautomatic protection for virtual machines as they come onlineor move.ProductsIBM offerings that help protect distributed endpoints include:●  ●IBM Endpoint Manager: Endpoint and security manage-ment combined into a single solution that enables visibilityinto and control of physical and virtual endpoints; rapidremediation, protection and reporting on endpoints in realtime; and automation of time-intensive tasks across complexnetworks to help control costs while helping reduce risk andsupport complianceInfrastructure:EndpointsAssessRemediateEnforceReport
  9. 9. 9IBM SoftwareLeverage the mainframe as the enterprise security hub to helpprotect mission-critical production systems and data.Challenges and Solutions HighlightsIBM mainframe security products assist with:●  ●Verifying compliance manually, with alerts only after aproblem occurs: Get real-time alerts on external threats,inappropriate data access or misconfiguration with automatedcompliance monitoring. Help prevent privileged-user abuseby blocking IBM Resource Access Control Facility (RACF®)commands in real time.●  ●Coping with the complexity of identifying and analyzingthreats in mainframe environments: Automatically analyzeand report on mainframe security events and detect exposures.Monitor intruders. Identify misconfigurations.●  ●Maintaining a highly skilled IT staff to provide manualmainframe security: Simplify administration with aWindows-based graphical user interface (GUI) forRACF administration.ProductsThe IBM Security zSecure™ Suite, designed to provideinfrastructure mainframe security, includes:●  ●IBM Security zSecure Admin: Efficient and effective RACFadministration using significantly fewer resources●  ●IBM Security Virtual Server Protection for VMware:Protection for every layer of the virtual infrastructure withdefense-in-depth, dynamic security with virtual machinerootkit detection, virtual infrastructure auditing and monitor-ing of network traffic through hypervisor integration●  ●IBM Security Host Protection: Protection designed toguard against both internal and external threats for networkassets including servers and desktopsInfrastructure:MainframeComplianceAdministrationAdvanced Security andThreat Research●  ●IBM Security zSecure Visual: Helping reduce the need forscarce, RACF-trained expertise through a Windows-basedGUI for RACF administration●  ●IBM Security zSecure CICS® Toolkit: Mainframe admin-istration from an IBM Customer Information Control System(CICS) environment, freeing up native-RACF resources●  ●IBM Security zSecure Audit: Automatic analysis of andreporting on security events and detection of securityexposures●  ●IBM Security zSecure Alert: Real-time mainframe threatmonitoring to monitor intruders and identify misconfigura-tions that could hamper compliance efforts●  ●IBM Security zSecure Command Verifier: Policy enforce-ment to support compliance with company and regulatorypolicies by preventing erroneous commands●  ●IBM Security zSecure Manager for RACF z/VM®:A user-friendly layer added to the mainframe that enablessuperior administration coupled with audit capabilities forz/VM RACF and Linux on IBM System z®The world-renowned IBM X-FORCE research and develop-ment team provides the foundation for the IBM preemptiveapproach to Internet security. This group of security expertsfocuses on researching and evaluating vulnerabilities and securityissues, developing assessments and countermeasure technologyfor IBM products (updated in real-time via the X-FORCEThreat Intelligence Feed) and educating the public aboutemerging Internet threats and trends.IBM X-FORCE research and development is instrumental inhelping protect IBM customers against threats. The X-FORCEvulnerability database contains more than 63,000 documentedvulnerabilities, with detailed analysis of every notable publicvulnerability disclosure since 1994. The IBM X-FORCE Trendand Risk Report, published bi-annually, is one of the oldest andmost comprehensive security research reports of its kind. It divesdeeply into security challenges, including threats, operationaland development practices, and emerging trends.
  10. 10. 10 IBM Security Products: Intelligence, Integration, ExpertiseSolutions for Today’s ChallengesThe IBM Security Framework of integrated products andservices, built to deliver Security Intelligence, can be used tohelp secure today’s and tomorrow’s enterprise platforms againstknown and unknown threats. Today, the biggest security trendsand challenges are: Mobile, Cloud, Big Data and AdvancedThreats.Mobile SecurityThe mobile device and tablet is rapidly becoming the primaryproductivity tool for business and its employees, providingflexible access to information anytime, anywhere. Unprotectedendpoint devices are like open doors into sensitive information.Organizations should guard the data on those devices—whetherthe data is at rest or in motion over unsecured networks andinfrastructure. IBM helps organizations embrace bothcompany- and employee-owned mobile devices in a security-richenvironment with capabilities including:●  ●Device Security and Management: Helping protect the dataand the device●  ●Secure Access: Helping guard enterprise resources, data andapplications●  ●Application Security: Helping ensure safety for the design,development, testing, delivery, use and management of mobileapplications●  ●Security Intelligence: Delivering enterprise visibility and anadaptive mobile security postureHighlighted Specific Offerings:●  ●IBM AppScan for mobile: Helps detect vulnerabilities inmobile web applications●  ●IBM Security Access Manager for Mobile: Authenticatesand authorizes users and their devices to access enterpriseresources●  ●IBM Endpoint Manager for Mobile Devices: Enforcesdevice security configuration and enterprise managementcontrolCloud SecurityOrganizations are looking for cloud security solutions that pro-vide visibility, control, isolation and automation across multiplecloud infrastructures. Security solutions from IBM help create acloud infrastructure that drives down costs and is just as dynamicas today’s business climate requires. IT departments can reduceand manage risks associated with cloud computing by:●  ●Managing identities and single sign-on access across multiplecloud services●  ●Monitoring access to shared databases●  ●Scanning cloud-deployed web applications for the latestvulnerabilities●  ●Helping defend cloud users and workloads from sophisticatednetwork attacks●  ●Monitoring cloud-based and traditional resources with asingle, unified approach●  ●Providing endpoint and patch management of virtualizedmachines for security compliance●  ●Increasing the visibility and auditing of cloud activity withinmulti-tenant environmentsHighlighted Specific Offerings:●  ●IBM Security Virtual Server Protection for VMware:Threat protection for every layer of the virtual infrastructure●  ●IBM Tivoli Federated Identity Manager: Authentication tomultiple cloud applications, inside and outside the enterprise,via a single identity●  ●IBM Endpoint Manager: Efficient security and compliancefor distributed cloud virtual platformsBig DataThe explosion of enterprise data is both a significant challengeto manage and a significant opportunity to leverage for securityinsight. IBM solutions extract insight from an immense volume,variety and velocity of data—in context and beyond what was
  11. 11. 11IBM Softwarepreviously possible. Data is the new currency of business.IBM can help protect this valuable asset and strengthenenterprise security by:●  ●Correlating large amounts of system-generated data (forexample, events, logs and network flows) from across silos,using integrated and intelligent security analytics to betterpredict and detect risks to the business●  ●Helping reduce operational risk from threats facing structured(databases) and unstructured (documents) data to help preventdata loss and unauthorized accessHighlighted Specific Offerings●  ●QRadar Security Intelligence Platform: Integrated,automated security intelligence and analytics for the entireenterprise●  ●IBM InfoSphere Guardium: Real-time database securityand monitoring, fine-grained database auditing, automatedcompliance reportingAdvanced ThreatsOrganizations face increasing complexity in defending them-selves from skilled and determined adversaries. These attackerscan target critical IT assets and public infrastructure using bothsophisticated and off-the-shelf techniques to gain access. Thechallenge: no one solution is enough. Organizations must gobeyond traditional patch-monitor-remediate processes andemploy both continuous monitoring and layers of defensecapable of working in concert with one another to identify,analyze and respond to targeted threats. IBM helps protectagainst advanced threats by:●  ●Helping identify and defend against known and unknownattacks by combining network security, worldwide threatintelligence and advanced security analyticsHighlighted Specific Offering●  ●IBM Advanced Threat Protection Platform: IncludingIBM Security Network Intrusion Prevention System,IBM SiteProtector, QRadar Network Anomaly Detection andthe IBM X-FORCE IP Reputation Feed–– Accesses X-FORCE intelligence through QRadar to helpidentify threats associated with malicious IP addresses–– Helps protect against network-based threats masked incommon network traffic and helps prevent attackersfrom exploiting vulnerabilities at the network, host andapplication layersGartner rates IBM Security in the Leaders QuadrantMagic Quadrant for Enterprise Governance, Risk and CompliancePlatforms, by French Caldwell, Tom Scholtz, John Hagerty,July 13, 2011Magic Quadrant for User Administration/Provisioning, byEarl Perkins, Perry Carpenter, December 22, 2011Magic Quadrant for Static Application Security Testing,by Joseph Feiman, Neil MacDonald, December 12, 2010Magic Quadrant for Dynamic Application Security Testing,by Joseph Feiman, Neil MacDonald, December 17, 2011Magic Quadrant for Security Information & Event Management,by Mark Nicolett, Kelly Kavanagh, May 24, 2012
  12. 12. WGB03004-USEN-00 © Copyright IBM Corporation 2012 IBM CorporationSoftware GroupRoute 100Somers, NY 10589 Produced in the United States of AmericaSeptember 2012 IBM, the IBM logo,, Tivoli, WebSphere, AppScan, Guardium,InfoSphere, RACF, and X-FORCE are trademarks of International BusinessMachines Corp., registered in many jurisdictions worldwide. Other productand service names might be trademarks of IBM or other companies.A current list of IBM trademarks is available on the web at “Copyrightand trademark information” at Linux is a registered trademark of Linus Torvalds in the United States, othercountries, or both. Microsoft and Windows are trademarks of Microsoft Corporation in theUnited States, other countries, or both. UNIX is a registered trademark of The Open Group in the United Statesand other countries. This document is current as of the initial date of publication and may bechanged by IBM at any time. Not all offerings are available in every countryin which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED“AS IS” WITHOUT ANY WARRANTY, EXPRESS ORIMPLIED, INCLUDING WITHOUT ANY WARRANTIESOF MERCHANTABILITY, FITNESS FOR A PARTICULARPURPOSE AND ANY WARRANTY OR CONDITION OFNON-INFRINGEMENT. IBM products are warranted according to theterms and conditions of the agreements under which they are provided. IT system security involves protecting systems and information throughprevention, detection and response to improper access from within andoutside your enterprise. Improper access can result in information beingaltered, destroyed or misappropriated or can result in damage to or misuse ofyour systems, including to attack others. No IT system or product should beconsidered completely secure and no single product or security measure canbe completely effective in preventing improper access. IBM systems andproducts are designed to be part of a comprehensive security approach,which will necessarily involve additional operational procedures, and mayrequire other systems, products or services to be most effective. IBM doesnot warrant that systems and products are immune from the malicious orillegal conduct of any party.Please RecycleConclusionIn a world of big data, where information is the lifeblood ofbusiness and persistent attacks on enterprise data and IT assetshave eroded the effectiveness of traditional IT defenses, afundamentally new approach to security is needed. Such anapproach must be based on three main tenets—Intelligence,Integration and Expertise—delivering the infrastructure visibil-ity, cross-organizational linkages and optimized controlsnecessary not only to help protect business-critical data but tosupport compliance activities. The IBM Security Frameworkdelivers a unified approach to enterprise security that manageskey functions ranging from threat detection to user access,compliance cost reduction and configuration management—andmuch more—all with a foundation in world-renowned researchand development to help reduce the risk of today’s advancedthreats.For more informationTo learn more about IBM Security, please contact yourIBM representative or IBM Business Partner, or join the Institute for Advanced Security, please visit:www.instituteforadvancedsecurity.comAdditionally, IBM Global Financing can help you acquirethe software capabilities that your business needs in the mostcost-effective and strategic way possible. We’ll partner withcredit-qualified clients to customize a financing solution to suityour business and development goals, enable effective cashmanagement, and improve your total cost of ownership. Fundyour critical IT investment and propel your business forwardwith IBM Global Financing. For more information,