2. www.AKTIO.com
Solución de Seguridad en dispositivos
IBM Endpoint Manager
Enrique G. Dutra
Enterprise Security MVP – MCT - IBM Sales Spec.
Auditor Lider ISO/IEC 27001:2005
Punto Net Soluciones SRL
edutra@puntonetsoluciones.com.ar
Tw: @egdutra @linenetsecurity
5. www.AKTIO.com
Problemáticas actuales
- Plataformas no están totalmente actualizadas
- Solo se actualizan algunas soluciones.
- No todas las soluciones están actualizadas y
presentan vulnerabilidades.
- Verificación de cumplimientos manuales.
- Poco conocimiento del estado de la plataforma.
- No hay revisión consolidada de las consolas de
las diferentes plataformas de seguridad.
6. www.AKTIO.com
Problemáticas actuales
- Falta de verificación de compliances.
- Ausencia de seguimiento de uso de
aplicaciones en los dispositivos.(Ej:
licenciamiento)
- Fuga de información.
- El despliegue de software no es homogéneo.
9. www.AKTIO.com
IBM Endpoint Manager
• Software empresarial para gestionar dispositivos
• Escalable hasta 250.000 dispositivos
• 1 única consola
• 1 solo agente
• 1 o varios retransmisores
• Reportes Web
10. www.AKTIO.com
Smartphones & Tablets
Mobile
Devices
Mobile
Apps
PC’s, Macs, POS, ATMs
On and off-network
Servers
Physical and Virtual
Patch
Management
Lifecycle
Management
Core
Protection
Security &
Compliance
Power
Management
SW Use
Analysis
Mobile
Management
Server
Automation
SaaS, On-premise, or MSP
Fastest time to compliance
Comprehensive Security
Lowest TCO
Unificación de la administración
12. www.AKTIO.com
• Automates and manages continuous security configuration policy
compliance.
• Easily and quickly assess endpoint security posture.
• Automatically patch and remediate non-compliant systems.
• Deploy, Update, and health check 3rd-party Antivirus solutions
• Identify, manage, and report on policy exceptions and deviations.
• Policy based quarantine of non-compliant systems
Library of 8,000+ compliance settings, including support for USGCB, DISA STIG, and CIS
Automatically and continuously enforce policy at the endpoint
• Asset Discovery
• Compliance Analytics
• Patch Management
• Security Configuration Management
• Vulnerability Management
• Multi-Vendor Endpoint Protection Management
IBM Endpoint Manager – Segurity & Compliance
13. www.AKTIO.com
Asset Discovery
Anti-Virus / Anti-
Malware
Firewall Protection
File & Web Reputation
Data Loss Prevention
Asset discovery and reporting across heterogeneous
operating systems
Provides anti-malware protection to Mac and Microsoft
Windows endpoints.
Provides security for both fixed network-connected
endpoints and roaming Internet-connected endpoints.
The web reputation feature automatically determines the
safety of millions of dynamically rated websites.
Delivers integrated DLP capabilities using the same
single console and single agent.
Provides near real-time protection from malware & other malicious threats through
capabilities such as file & web reputation, personal firewall and behavior monitoring.
BeneficiosServicios
IBM Endpoint Manager – Core Protection
14. www.AKTIO.com
For organizations of various business verticals such as healthcare,
finance, manufacturing, retail, services, education and public sector
and of various size from SMB to Fortune 500
IBM Endpoint Manger is:
Easy to use with simplified patching process,
Easy to scale from 10 to 250,000 devices and
Responsive with automation to detect and remediate vulnerabilities
Extensible to 90+ OS and Windows apps
Who need to:
Assess the state of IT assets (E.g. Inventory),
Deploy OS patches and application updates,
Manage IT compliance and policy enforcement
THE end-to-end software
patch management solution
Coordinate and patch all
systems with one tool
Provides VISIBILITY, AUTOMATION and CONTINUOUS COMPLIANCE across 90+ Operating Systems
IBM Endpoint Manager – Patch Management
15. www.AKTIO.com
Services
• Asset Discovery
• Patch Management
• Inventory Management
• Software Distribution
• OS Deployment
• Remote Desktop Control
Benefits
• Role based software deployment and user
self-provisioning
• Hardware independent OS imaging and
driver management
• Dramatically reduced patch cycles and
increased first-pass success rates
• Closed loop validation in real time
• Multi-platform support from a single
console (Unix, Linux, Windows, Mac OS X)
Dramatically
reduced patch
cycles and
increased first-
pass success rates
Multi-platform
support (Unix,
Linux, Windows,
Mac OS X)
Discover, Control, and Automate with a single integrated solution
IBM provides a comprehensive set of content out of the box, ready to deploy.
The IEM Platform is flexible and powerful when it comes to custom content and ad-hoc policy creation.
Patch Management
• Easily and quietly deploy patches
across Windows, Mac OS X, Linux, Unix
• Enable advanced policies that
automatically reapply patches if they are
removed
IBM
Provided
Content
Custom
Content
Software Distribution
• Cross-platform management of
software packages
• Web based self-service portal,
provides as-needed enablement to
end users
OS Deployment
• Solves bare metal and migration
scenarios
• Easily combine with patch activities
to create “true-up” baselines post-
install
Asset Discovery SW & HW Inventory Remote Control
Community Ecosystem
• Take advantage of a growing library of custom
Fixlets created by the user community
Ad-Hoc Tasks
• Respond quickly to new challenges by making simple
modifications to any of the 100,000+ Fixlets IBM provides
IBM Endpoint Manager – Lifecycle Management
16. www.AKTIO.com
Granular power tracking to allow breakdown of weekly
power consumption and idle time
Historical web reports to reflect the weekly power tracking
data
Power profile wizard to allow creation of 'multiple power
profile policy‘
Client side dashboard to show the projected impact of
applying a single power profile offer
BES Server Plug-in Service enhanced to use encrypted
passwords
Benefits
IBM Endpoint Manager – Power Management
17. www.AKTIO.com
• For Windows Servers and PCs
• Unix/Linux Servers
• Software Asset Discovery
• Software Use Metering
• Software Use Reporting
• Software identification catalogue,
which contains over 105,000
signatures out of the box and
updates are released regularly
• Easily customize the software
identification catalogue to include
tracking of home-grown and
proprietary applications
Software publishers
8000+
Software products
40,000+
Services
• Centralized visibility &
reporting of all sw assets
• Assess software
inventory to help
identify what is deployed
in readiness for software
audits
• Meters software usage
to identify unused
software
• Reports software usage
and deployments to help
measure compliance
Benefits
IBM Endpoint Manager – Software use Analysis