SlideShare a Scribd company logo

IBM PowerSC: Security and compliance solution designed to protect private clouds

V
Virginia Fernandez

Highlights -Simplify security management and compliance measurement -Quickly view security compliance of an entire datacenter through a new user interface. - Reduce administration costs of meeting compliance regulations - Improve the audit capabilities for virtualized systems - Reduce time and skills required for preparation of security audits. - Improve detection of security exposures in virtualized environments

Technology
1 of 4
Download to read offline
IBM Systems Data Sheet IBM PowerSC Security and compliance solution designed to protect private clouds Highlights ●● ● ● Simplify security management and compliance measurement ●● ● ● Quickly view security compliance of an entire datacenter through a new user interface ●● ● ● Reduce administration costs of meeting compliance regulations ●● ● ● Improve the audit capabilities for virtualized systems ●● ● ● Reduce time and skills required for preparation of security audits ●● ● ● Improve detection of security exposures in virtualized environments Security and compliance are vital to many businesses, especially now that they must adhere to regulatory requirements designed to safeguard per- sonal data and company information from security attacks. Ensuring that IT systems are compliant with common industry security standards and maintaining system security can be a challenging, labor-intensive activity especially with today’s virtualized IT infrastructures. IBM® Power Security and Compliance (PowerSC™) provides a security and compli- ance solution optimized for virtualized environments on Power Systems™ servers, running PowerVM®. Automate systems settings for optimal security and compliance Ensuring system compliance with third-party security standards is often a labor intensive and time consuming process. Compliance standards are typically long, complex documents that are difficult to translate into the appropriate AIX® or Linux operating system settings. And, because standards often encompass many different areas of operating system and virtualization software, they may have required using several different administrative interfaces to configure a system appropriately. With web-based administration interface and preconfigured compliance profiles, PowerSC is designed to simplify the administrative effort associ- ated with complying with some of the most common external standards for security and compliance.
2 Data Sheet IBM Systems PowerSC security and compliance automation provides profiles for the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act Privacy and Security Rules (HIPAA), the North American Electric Reliability Corporation (NERC) standards and US Department of Defense Security Technical Implementation Guide for UNIX (DoD STIG) standards, as well as supporting the implementation of best practices specified by the Control Objectives for Information and related Technology (COBIT) standard. Public companies that are subject to the U.S. Sarbanes-Oxley Act of 2002 often adopt the COBIT best prac- tices. PowerSC also provides a security automation profile to automate configuration of optimal security for database servers. Those profiles can be now be monitored and applied via the web-based user interface in the latest release. The simplified user experience: ●● ● allows role based access to viewing overall health and status of your environment, ●● ● provides the ability to create custom profiles based on the provided profiles, ●● ● and provides the ability to view and take action based on like endpoints placed into custom groups. PowerSC security and compliance automation significantly sim- plifies systems configuration settings management, allowing security administrators the time to focus on the other aspects of standards compliance. Improve visibility and hardening of the virtual infrastructure PowerSC provides a range of capabilities to ensure a root of trust for Virtual Machines, including “Trusted Boot,” a virtual implementation of the Trusted Platform Module (TPM) from the Trusted Computing Group. The PowerSC Trusted Boot feature provides virtual TPM functionality for AIX virtual machines running with the PowerVM hypervisor on Power Systems. The TPM functionality measures the system boot process in each virtual machine, and with cooperation from the AIX Trusted Execution technology, provides security, trust and assurance of the boot image on disk, the entire operating system and the application layers. Each virtual machine has its own separate virtual TPM that holds its unique measurement data used to validate the root of trust. This functionality is available on all IBM Power Systems built with POWER8® technology or on systems running eFW7.4 firmware or higher. A trust monitor, OpenPTS, is also provided with PowerSC that enables administrators to monitor and attest to the trust of their AIX virtual machines. The monitor makes clear the trust and security level of Power Systems running PowerVM virtualization. Comply with site security policies for virtual machines Maintaining virtual machines across multiple systems presents different administrative challenges to traditional physical sys- tems deployment. For example, a virtual machine may be sus- pended or powered off or even moved to other servers during a patch application process. Moving a virtual machine, for example, may open a window of vulnerability by potentially having a different patch level than is required on a target physical system. Trusted Network Connect (TNC) and Patch Management in PowerSC can detect AIX virtual machines that do not meet the corporate patch policies that have been established for a virtual- ized data center. Alerts are triggered if a noncompliant virtual machine is detected. TNC and Patch Management analyzes
3 Data Sheet IBM Systems data from both the Service Update Manager Assistant (SUMA) and the Network Installation Manager (NIM) to check each virtual machine during network activation. TNC and Patch Management also monitor the IBM Electronic Customer Care system and provide alerts for new security patches or updates that affect AIX systems. Alerts can also be configured simply to send SMS messages to mobile devices. In the latest release TNC and Patch Management also moni- tors the open-source software provided as a part of the base AIX for packages that have been downloaded from the AIX toolbox or other web download sites for AIX Open Source Packages. Harden audit trails in virtual environments Trusted Logging in PowerSC centralizes the AIX system logs across all virtual machines on a server, enabling the logs to be kept on a single instance of the PowerVM Virtual I/O Server (VIOS). This secure VIOS virtual machine protects the entire log data received from each AIX virtual machine. No adminis- trator of any AIX virtual machine can remove or alter the system logs held on the secure VIOS Server. With the introduction of centralized logging and administration provided by Trusted Logging, backup, archive and audit of system logs is significantly simplified for the security administrator. Feature Benefits Security and compliance automation AIX, Linux ●● Reduces administration costs for complying with industry security standards Real-time compliance monitoring AIX ●● Continuous monitoring and alerting if changes occur that cause AIX systems to be non-compliant to security policies. Compliance reports AIX, Linux ●● Reduces time and cost to provide security and compliance reports to auditors Preconfigured profiles for PCI, DOD STIG, HIPAA, NERC, COBIT security standards and database servers AIX all profiles, Linux PCI & HIPAA ●● Saves time, cost and risk associated with deploying industry security standards Web-based User Interface AIX ●● ●● Provides datacenter wide awareness of a datacenter’s security compliance Improves adherence to industry security standards Trusted Boot AIX ●● Reduces risk of compromised security by guaranteeing that an AIX operating system image has not been inadvertently or maliciously altered Trusted monitoring AIX ●● Ensures high levels of trust by displaying the status of all AIX systems participating in a trusted system configuration Trusted logging AIX ●● ●● Prevents tampering or covering security issues by storing AIX virtual machine system logs securely on a central PowerVM Virtual I/O Server Reduces backup and archive time via storing audit logs in a central location Trusted network connect and patch management AIX ●● ●● Ensures that site patch levels policies are adhered to in virtual workloads Provides notification of noncompliance when back-level systems are activated Trusted firewall Any VM Type, AIX, Linux, IBM i ●● Improves performance and reduces network resource consumption by providing firewall services locally with the virtualization layer Trusted Surveyor Any VM Type AIX, Linux, IBM i ●● Provides visibility to ensure segregation of virtual networks to maintain security compliance
Control and enforce compliance for virtual networks The Trusted Firewall feature in PowerSC provides a virtual firewall that allows network filtering and control within the local server virtualization. The virtual firewall improves perfor- mance and reduces resource consumption of network resources by allowing direct and secure local VM to VM network traffic. The Trusted Firewall has the ability to monitor traffic and provide advice as to which traffic should be added to the fire- wall. This advisor can generate the appropriate commands to add the VM network segments to the Trusted Firewall. Monitor compliance to network segregation policies PowerSC Trusted Surveyor provides the capability to monitor network configuration drift and to report on network compli- ance adherence to defined policies. This provides an indepen- dent audit and governance of virtualized network infrastructure which ensures consistent and controlled configuration change. The information that Trusted Surveyor provides lowers administration costs by automating the network compliance monitoring. The Trusted Surveyor compliance monitoring solution works for all Power VM types which include AIX, IBM i and Linux. Trusted Surveyor is sold separately. All other PowerSC functionality is offered in the PowerSC Standard Edition. For more information To learn more about IBM PowerSC, please contact your IBM marketing representative or IBM Business Partner, or visit the following website: ibm.com/systems/power/software/security/index.html­ ­ ­ ­ ­ © Copyright IBM Corporation 2016 IBM Systems Route 100 Somers, NY 10589 Produced in the United States of America October 2016 IBM, the IBM logo, ibm.com, AIX, Power Systems, PowerVM, PowerSC, and POWER8 are trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Other company, product or service names may be trademarks or service marks of others. This document is current as of the initial date of publication and may be changed by IBM at any time. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. ­ ­ Please Recycle POD03063-USEN-08­ ­

Recommended

beroNet_PP_V2_EN
beroNet_PP_V2_ENberoNet_PP_V2_EN
beroNet_PP_V2_ENCarlos Monreal Martínez
 
Nom seguridadhigiene induccion
Nom seguridadhigiene induccionNom seguridadhigiene induccion
Nom seguridadhigiene induccionPaulina Ramirez Corral
 
Cooperative Language Learning
Cooperative Language LearningCooperative Language Learning
Cooperative Language LearningBeeJay Baje
 
Matriz FODA
Matriz FODAMatriz FODA
Matriz FODAEmi Barrientos
 
Transformation jsontoxmlesb
Transformation jsontoxmlesbTransformation jsontoxmlesb
Transformation jsontoxmlesbGermano Barba
 
NCA2_NCA Certificate
NCA2_NCA CertificateNCA2_NCA Certificate
NCA2_NCA CertificateGraeme Anderson
 
Promotion Process
Promotion ProcessPromotion Process
Promotion ProcessDeborah Obasogie
 
Cuadro comparativo sobre medios de comunicación y la e.
Cuadro comparativo sobre medios de comunicación y la e.Cuadro comparativo sobre medios de comunicación y la e.
Cuadro comparativo sobre medios de comunicación y la e.Gerlin Maria Vargas Gonzalez
 

Recommended

beroNet_PP_V2_EN
beroNet_PP_V2_ENberoNet_PP_V2_EN
beroNet_PP_V2_ENCarlos Monreal Martínez
 
Nom seguridadhigiene induccion
Nom seguridadhigiene induccionNom seguridadhigiene induccion
Nom seguridadhigiene induccionPaulina Ramirez Corral
 
Cooperative Language Learning
Cooperative Language LearningCooperative Language Learning
Cooperative Language LearningBeeJay Baje
 
Matriz FODA
Matriz FODAMatriz FODA
Matriz FODAEmi Barrientos
 
Transformation jsontoxmlesb
Transformation jsontoxmlesbTransformation jsontoxmlesb
Transformation jsontoxmlesbGermano Barba
 
NCA2_NCA Certificate
NCA2_NCA CertificateNCA2_NCA Certificate
NCA2_NCA CertificateGraeme Anderson
 
Promotion Process
Promotion ProcessPromotion Process
Promotion ProcessDeborah Obasogie
 
Cuadro comparativo sobre medios de comunicación y la e.
Cuadro comparativo sobre medios de comunicación y la e.Cuadro comparativo sobre medios de comunicación y la e.
Cuadro comparativo sobre medios de comunicación y la e.Gerlin Maria Vargas Gonzalez
 
=Ven a conocer la plataforma cloud de IBM!
=Ven a conocer la plataforma cloud de IBM! =Ven a conocer la plataforma cloud de IBM!
=Ven a conocer la plataforma cloud de IBM! Virginia Fernandez
 
Cloud Hibrido, Llave de la evolucion empresarial
Cloud Hibrido, Llave de la evolucion empresarialCloud Hibrido, Llave de la evolucion empresarial
Cloud Hibrido, Llave de la evolucion empresarialVirginia Fernandez
 
IBM: The Value of Training
IBM: The Value of TrainingIBM: The Value of Training
IBM: The Value of TrainingVirginia Fernandez
 
Computing, cognition and the future of knowing,. by IBM
Computing, cognition and the future of knowing,. by IBMComputing, cognition and the future of knowing,. by IBM
Computing, cognition and the future of knowing,. by IBMVirginia Fernandez
 
Deliveling Intellingent Transport Systems - IBM
Deliveling Intellingent Transport Systems - IBMDeliveling Intellingent Transport Systems - IBM
Deliveling Intellingent Transport Systems - IBMVirginia Fernandez
 
10 ways that cognition is shaping the future of smart buildings
10 ways that cognition is shaping the future of smart buildings10 ways that cognition is shaping the future of smart buildings
10 ways that cognition is shaping the future of smart buildingsVirginia Fernandez
 
IBM Cognos Analytics - Aumente la inteligencia de toda su empresa
IBM Cognos Analytics - Aumente la inteligencia de toda su empresaIBM Cognos Analytics - Aumente la inteligencia de toda su empresa
IBM Cognos Analytics - Aumente la inteligencia de toda su empresaVirginia Fernandez
 
IBM Security Summit 2016 - 21 de Septiembre, Madrid.
IBM Security Summit 2016 - 21 de Septiembre, Madrid.IBM Security Summit 2016 - 21 de Septiembre, Madrid.
IBM Security Summit 2016 - 21 de Septiembre, Madrid.Virginia Fernandez
 
IBM Containers- Bluemix
IBM Containers- BluemixIBM Containers- Bluemix
IBM Containers- BluemixVirginia Fernandez
 
3 New ways to Improve and Understand your Customers Experience
3 New ways to Improve and Understand your Customers Experience3 New ways to Improve and Understand your Customers Experience
3 New ways to Improve and Understand your Customers ExperienceVirginia Fernandez
 
IBM Marketing Cloud mobile solutions
IBM Marketing Cloud mobile solutionsIBM Marketing Cloud mobile solutions
IBM Marketing Cloud mobile solutionsVirginia Fernandez
 
IBM DevOps Solution - Bluemix
IBM DevOps Solution - BluemixIBM DevOps Solution - Bluemix
IBM DevOps Solution - BluemixVirginia Fernandez
 
Ibm Cognitive Computing Insurance
Ibm Cognitive Computing InsuranceIbm Cognitive Computing Insurance
Ibm Cognitive Computing InsuranceVirginia Fernandez
 
IBM Watson-How it works
IBM Watson-How it worksIBM Watson-How it works
IBM Watson-How it worksVirginia Fernandez
 
IBM ExperienceOne for E -Commerce
IBM ExperienceOne for E -CommerceIBM ExperienceOne for E -Commerce
IBM ExperienceOne for E -CommerceVirginia Fernandez
 
IBM Cloud Innovation Day
IBM Cloud Innovation DayIBM Cloud Innovation Day
IBM Cloud Innovation DayVirginia Fernandez
 
What's New in Predictive Analytics IBM SPSS
What's New in Predictive Analytics IBM SPSSWhat's New in Predictive Analytics IBM SPSS
What's New in Predictive Analytics IBM SPSSVirginia Fernandez
 
What Watson Explorer is and How it works
What Watson Explorer is and How it worksWhat Watson Explorer is and How it works
What Watson Explorer is and How it worksVirginia Fernandez
 
IBM Customer Engagement Solution - Retail industry
IBM Customer Engagement Solution - Retail industryIBM Customer Engagement Solution - Retail industry
IBM Customer Engagement Solution - Retail industryVirginia Fernandez
 
How does IBM Bluemix work?
How does IBM Bluemix work?How does IBM Bluemix work?
How does IBM Bluemix work?Virginia Fernandez
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 

More Related Content

More from Virginia Fernandez

=Ven a conocer la plataforma cloud de IBM!
=Ven a conocer la plataforma cloud de IBM! =Ven a conocer la plataforma cloud de IBM!
=Ven a conocer la plataforma cloud de IBM! Virginia Fernandez
 
Cloud Hibrido, Llave de la evolucion empresarial
Cloud Hibrido, Llave de la evolucion empresarialCloud Hibrido, Llave de la evolucion empresarial
Cloud Hibrido, Llave de la evolucion empresarialVirginia Fernandez
 
Computing, cognition and the future of knowing,. by IBM
Computing, cognition and the future of knowing,. by IBMComputing, cognition and the future of knowing,. by IBM
Computing, cognition and the future of knowing,. by IBMVirginia Fernandez
 
Deliveling Intellingent Transport Systems - IBM
Deliveling Intellingent Transport Systems - IBMDeliveling Intellingent Transport Systems - IBM
Deliveling Intellingent Transport Systems - IBMVirginia Fernandez
 
10 ways that cognition is shaping the future of smart buildings
10 ways that cognition is shaping the future of smart buildings10 ways that cognition is shaping the future of smart buildings
10 ways that cognition is shaping the future of smart buildingsVirginia Fernandez
 
IBM Cognos Analytics - Aumente la inteligencia de toda su empresa
IBM Cognos Analytics - Aumente la inteligencia de toda su empresaIBM Cognos Analytics - Aumente la inteligencia de toda su empresa
IBM Cognos Analytics - Aumente la inteligencia de toda su empresaVirginia Fernandez
 
IBM Security Summit 2016 - 21 de Septiembre, Madrid.
IBM Security Summit 2016 - 21 de Septiembre, Madrid.IBM Security Summit 2016 - 21 de Septiembre, Madrid.
IBM Security Summit 2016 - 21 de Septiembre, Madrid.Virginia Fernandez
 
3 New ways to Improve and Understand your Customers Experience
3 New ways to Improve and Understand your Customers Experience3 New ways to Improve and Understand your Customers Experience
3 New ways to Improve and Understand your Customers ExperienceVirginia Fernandez
 
IBM Marketing Cloud mobile solutions
IBM Marketing Cloud mobile solutionsIBM Marketing Cloud mobile solutions
IBM Marketing Cloud mobile solutionsVirginia Fernandez
 
Ibm Cognitive Computing Insurance
Ibm Cognitive Computing InsuranceIbm Cognitive Computing Insurance
Ibm Cognitive Computing InsuranceVirginia Fernandez
 
IBM ExperienceOne for E -Commerce
IBM ExperienceOne for E -CommerceIBM ExperienceOne for E -Commerce
IBM ExperienceOne for E -CommerceVirginia Fernandez
 
What's New in Predictive Analytics IBM SPSS
What's New in Predictive Analytics IBM SPSSWhat's New in Predictive Analytics IBM SPSS
What's New in Predictive Analytics IBM SPSSVirginia Fernandez
 
What Watson Explorer is and How it works
What Watson Explorer is and How it worksWhat Watson Explorer is and How it works
What Watson Explorer is and How it worksVirginia Fernandez
 
IBM Customer Engagement Solution - Retail industry
IBM Customer Engagement Solution - Retail industryIBM Customer Engagement Solution - Retail industry
IBM Customer Engagement Solution - Retail industryVirginia Fernandez
 

More from Virginia Fernandez (20)

=Ven a conocer la plataforma cloud de IBM!
=Ven a conocer la plataforma cloud de IBM! =Ven a conocer la plataforma cloud de IBM!
=Ven a conocer la plataforma cloud de IBM!
 
Cloud Hibrido, Llave de la evolucion empresarial
Cloud Hibrido, Llave de la evolucion empresarialCloud Hibrido, Llave de la evolucion empresarial
Cloud Hibrido, Llave de la evolucion empresarial
 
IBM: The Value of Training
IBM: The Value of TrainingIBM: The Value of Training
IBM: The Value of Training
 
Computing, cognition and the future of knowing,. by IBM
Computing, cognition and the future of knowing,. by IBMComputing, cognition and the future of knowing,. by IBM
Computing, cognition and the future of knowing,. by IBM
 
Deliveling Intellingent Transport Systems - IBM
Deliveling Intellingent Transport Systems - IBMDeliveling Intellingent Transport Systems - IBM
Deliveling Intellingent Transport Systems - IBM
 
10 ways that cognition is shaping the future of smart buildings
10 ways that cognition is shaping the future of smart buildings10 ways that cognition is shaping the future of smart buildings
10 ways that cognition is shaping the future of smart buildings
 
IBM Cognos Analytics - Aumente la inteligencia de toda su empresa
IBM Cognos Analytics - Aumente la inteligencia de toda su empresaIBM Cognos Analytics - Aumente la inteligencia de toda su empresa
IBM Cognos Analytics - Aumente la inteligencia de toda su empresa
 
IBM Security Summit 2016 - 21 de Septiembre, Madrid.
IBM Security Summit 2016 - 21 de Septiembre, Madrid.IBM Security Summit 2016 - 21 de Septiembre, Madrid.
IBM Security Summit 2016 - 21 de Septiembre, Madrid.
 
IBM Containers- Bluemix
IBM Containers- BluemixIBM Containers- Bluemix
IBM Containers- Bluemix
 
3 New ways to Improve and Understand your Customers Experience
3 New ways to Improve and Understand your Customers Experience3 New ways to Improve and Understand your Customers Experience
3 New ways to Improve and Understand your Customers Experience
 
IBM Marketing Cloud mobile solutions
IBM Marketing Cloud mobile solutionsIBM Marketing Cloud mobile solutions
IBM Marketing Cloud mobile solutions
 
IBM DevOps Solution - Bluemix
IBM DevOps Solution - BluemixIBM DevOps Solution - Bluemix
IBM DevOps Solution - Bluemix
 
Ibm Cognitive Computing Insurance
Ibm Cognitive Computing InsuranceIbm Cognitive Computing Insurance
Ibm Cognitive Computing Insurance
 
IBM Watson-How it works
IBM Watson-How it worksIBM Watson-How it works
IBM Watson-How it works
 
IBM ExperienceOne for E -Commerce
IBM ExperienceOne for E -CommerceIBM ExperienceOne for E -Commerce
IBM ExperienceOne for E -Commerce
 
IBM Cloud Innovation Day
IBM Cloud Innovation DayIBM Cloud Innovation Day
IBM Cloud Innovation Day
 
What's New in Predictive Analytics IBM SPSS
What's New in Predictive Analytics IBM SPSSWhat's New in Predictive Analytics IBM SPSS
What's New in Predictive Analytics IBM SPSS
 
What Watson Explorer is and How it works
What Watson Explorer is and How it worksWhat Watson Explorer is and How it works
What Watson Explorer is and How it works
 
IBM Customer Engagement Solution - Retail industry
IBM Customer Engagement Solution - Retail industryIBM Customer Engagement Solution - Retail industry
IBM Customer Engagement Solution - Retail industry
 
How does IBM Bluemix work?
How does IBM Bluemix work?How does IBM Bluemix work?
How does IBM Bluemix work?
 

Recently uploaded

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Recently uploaded (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

IBM PowerSC: Security and compliance solution designed to protect private clouds

  • 1. IBM Systems Data Sheet IBM PowerSC Security and compliance solution designed to protect private clouds Highlights ●● ● ● Simplify security management and compliance measurement ●● ● ● Quickly view security compliance of an entire datacenter through a new user interface ●● ● ● Reduce administration costs of meeting compliance regulations ●● ● ● Improve the audit capabilities for virtualized systems ●● ● ● Reduce time and skills required for preparation of security audits ●● ● ● Improve detection of security exposures in virtualized environments Security and compliance are vital to many businesses, especially now that they must adhere to regulatory requirements designed to safeguard per- sonal data and company information from security attacks. Ensuring that IT systems are compliant with common industry security standards and maintaining system security can be a challenging, labor-intensive activity especially with today’s virtualized IT infrastructures. IBM® Power Security and Compliance (PowerSC™) provides a security and compli- ance solution optimized for virtualized environments on Power Systems™ servers, running PowerVM®. Automate systems settings for optimal security and compliance Ensuring system compliance with third-party security standards is often a labor intensive and time consuming process. Compliance standards are typically long, complex documents that are difficult to translate into the appropriate AIX® or Linux operating system settings. And, because standards often encompass many different areas of operating system and virtualization software, they may have required using several different administrative interfaces to configure a system appropriately. With web-based administration interface and preconfigured compliance profiles, PowerSC is designed to simplify the administrative effort associ- ated with complying with some of the most common external standards for security and compliance.
  • 2. 2 Data Sheet IBM Systems PowerSC security and compliance automation provides profiles for the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act Privacy and Security Rules (HIPAA), the North American Electric Reliability Corporation (NERC) standards and US Department of Defense Security Technical Implementation Guide for UNIX (DoD STIG) standards, as well as supporting the implementation of best practices specified by the Control Objectives for Information and related Technology (COBIT) standard. Public companies that are subject to the U.S. Sarbanes-Oxley Act of 2002 often adopt the COBIT best prac- tices. PowerSC also provides a security automation profile to automate configuration of optimal security for database servers. Those profiles can be now be monitored and applied via the web-based user interface in the latest release. The simplified user experience: ●● ● allows role based access to viewing overall health and status of your environment, ●● ● provides the ability to create custom profiles based on the provided profiles, ●● ● and provides the ability to view and take action based on like endpoints placed into custom groups. PowerSC security and compliance automation significantly sim- plifies systems configuration settings management, allowing security administrators the time to focus on the other aspects of standards compliance. Improve visibility and hardening of the virtual infrastructure PowerSC provides a range of capabilities to ensure a root of trust for Virtual Machines, including “Trusted Boot,” a virtual implementation of the Trusted Platform Module (TPM) from the Trusted Computing Group. The PowerSC Trusted Boot feature provides virtual TPM functionality for AIX virtual machines running with the PowerVM hypervisor on Power Systems. The TPM functionality measures the system boot process in each virtual machine, and with cooperation from the AIX Trusted Execution technology, provides security, trust and assurance of the boot image on disk, the entire operating system and the application layers. Each virtual machine has its own separate virtual TPM that holds its unique measurement data used to validate the root of trust. This functionality is available on all IBM Power Systems built with POWER8® technology or on systems running eFW7.4 firmware or higher. A trust monitor, OpenPTS, is also provided with PowerSC that enables administrators to monitor and attest to the trust of their AIX virtual machines. The monitor makes clear the trust and security level of Power Systems running PowerVM virtualization. Comply with site security policies for virtual machines Maintaining virtual machines across multiple systems presents different administrative challenges to traditional physical sys- tems deployment. For example, a virtual machine may be sus- pended or powered off or even moved to other servers during a patch application process. Moving a virtual machine, for example, may open a window of vulnerability by potentially having a different patch level than is required on a target physical system. Trusted Network Connect (TNC) and Patch Management in PowerSC can detect AIX virtual machines that do not meet the corporate patch policies that have been established for a virtual- ized data center. Alerts are triggered if a noncompliant virtual machine is detected. TNC and Patch Management analyzes
  • 3. 3 Data Sheet IBM Systems data from both the Service Update Manager Assistant (SUMA) and the Network Installation Manager (NIM) to check each virtual machine during network activation. TNC and Patch Management also monitor the IBM Electronic Customer Care system and provide alerts for new security patches or updates that affect AIX systems. Alerts can also be configured simply to send SMS messages to mobile devices. In the latest release TNC and Patch Management also moni- tors the open-source software provided as a part of the base AIX for packages that have been downloaded from the AIX toolbox or other web download sites for AIX Open Source Packages. Harden audit trails in virtual environments Trusted Logging in PowerSC centralizes the AIX system logs across all virtual machines on a server, enabling the logs to be kept on a single instance of the PowerVM Virtual I/O Server (VIOS). This secure VIOS virtual machine protects the entire log data received from each AIX virtual machine. No adminis- trator of any AIX virtual machine can remove or alter the system logs held on the secure VIOS Server. With the introduction of centralized logging and administration provided by Trusted Logging, backup, archive and audit of system logs is significantly simplified for the security administrator. Feature Benefits Security and compliance automation AIX, Linux ●● Reduces administration costs for complying with industry security standards Real-time compliance monitoring AIX ●● Continuous monitoring and alerting if changes occur that cause AIX systems to be non-compliant to security policies. Compliance reports AIX, Linux ●● Reduces time and cost to provide security and compliance reports to auditors Preconfigured profiles for PCI, DOD STIG, HIPAA, NERC, COBIT security standards and database servers AIX all profiles, Linux PCI & HIPAA ●● Saves time, cost and risk associated with deploying industry security standards Web-based User Interface AIX ●● ●● Provides datacenter wide awareness of a datacenter’s security compliance Improves adherence to industry security standards Trusted Boot AIX ●● Reduces risk of compromised security by guaranteeing that an AIX operating system image has not been inadvertently or maliciously altered Trusted monitoring AIX ●● Ensures high levels of trust by displaying the status of all AIX systems participating in a trusted system configuration Trusted logging AIX ●● ●● Prevents tampering or covering security issues by storing AIX virtual machine system logs securely on a central PowerVM Virtual I/O Server Reduces backup and archive time via storing audit logs in a central location Trusted network connect and patch management AIX ●● ●● Ensures that site patch levels policies are adhered to in virtual workloads Provides notification of noncompliance when back-level systems are activated Trusted firewall Any VM Type, AIX, Linux, IBM i ●● Improves performance and reduces network resource consumption by providing firewall services locally with the virtualization layer Trusted Surveyor Any VM Type AIX, Linux, IBM i ●● Provides visibility to ensure segregation of virtual networks to maintain security compliance
  • 4. Control and enforce compliance for virtual networks The Trusted Firewall feature in PowerSC provides a virtual firewall that allows network filtering and control within the local server virtualization. The virtual firewall improves perfor- mance and reduces resource consumption of network resources by allowing direct and secure local VM to VM network traffic. The Trusted Firewall has the ability to monitor traffic and provide advice as to which traffic should be added to the fire- wall. This advisor can generate the appropriate commands to add the VM network segments to the Trusted Firewall. Monitor compliance to network segregation policies PowerSC Trusted Surveyor provides the capability to monitor network configuration drift and to report on network compli- ance adherence to defined policies. This provides an indepen- dent audit and governance of virtualized network infrastructure which ensures consistent and controlled configuration change. The information that Trusted Surveyor provides lowers administration costs by automating the network compliance monitoring. The Trusted Surveyor compliance monitoring solution works for all Power VM types which include AIX, IBM i and Linux. Trusted Surveyor is sold separately. All other PowerSC functionality is offered in the PowerSC Standard Edition. For more information To learn more about IBM PowerSC, please contact your IBM marketing representative or IBM Business Partner, or visit the following website: ibm.com/systems/power/software/security/index.html­ ­ ­ ­ ­ © Copyright IBM Corporation 2016 IBM Systems Route 100 Somers, NY 10589 Produced in the United States of America October 2016 IBM, the IBM logo, ibm.com, AIX, Power Systems, PowerVM, PowerSC, and POWER8 are trademarks of International Business Machines Corporation in the United States, other countries or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Other company, product or service names may be trademarks or service marks of others. This document is current as of the initial date of publication and may be changed by IBM at any time. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. ­ ­ Please Recycle POD03063-USEN-08­ ­