New Web based Training for TSOM 4.1

IBM Tivoli Security Operations Manager 4.1 – Fundamentals

Course description

In this 4-hour Web-based training course, you will use IBM Tivoli Security Operations Manager 4.1 to learn its fundamentals and operator tasks.

Objectives

After completing this course, you should be able to:

• Install and configure IBM Tivoli Security Operations Manager 4.1
• Configure and collect events from sensors

Course outline

1. Introduction
2. Installation
3. Administration
4. Investigating Events
5. Correlating Events

Who will benefit from this course

This course is intended for implementers and administrators who need to correlate security events.

Required skills/knowledge

• Intrusion detection: Understand the basic concepts of intrusion detection
• TCP/IP: Understand IP addresses, networks, and ports

Recommended courses

• Tivoli Implementation Foundation Skills: Database Administrator Essentials (Foundation Skills)
• Tivoli Implementation Foundation Skills: TCP/IP (Foundation Skills)

Click here for order information.

IBM software bundle targets retail theft, data breaches

IBM is targeting retail security with a package of software and services designed to prevent physical loss of merchandise, protect against electronic threats and comply with credit card industry regulations.

SecureStore, announced Wednesday, combines surveillance and RFID systems with software that protects online and in-store transactions, as well as software that protects databases and applications from network-based threats, IBM said. While SecureStore mainly consists of pre-released products from IBM divisions such as Internet Security Systems (ISS), Tivoli and Rational, Big Blue’s Val Rahmani says it is unique in that it brings together products from various parts of IBM to address one industry segment, and re-architects the products so they fit together and are optimized for retail.

Read the full article on Network World.

TSOM Redbook

Network and resource availability is critical to business and service assurance. But enterprises, federal agencies, and service providers can lose millions of dollars per year as a result of worms and other types of malware that bring down corporate resources and customer-facing services. That is why information security is one of the top concerns of every CIO in any organization. To maximize resource and service availability and protect customer information, today’s information security teams must be able to:

- Quickly recognize and handle security incidents.
- Enforce security policies.
- Support audit and compliance initiatives.

The problem is that each of these activities involves security data that resides throughout the organization. Enterprises and service providers need to be able to access and quickly analyze this time disparate data quickly and efficiently. In today’s complex, multi vendor environments that means leveraging an automated, integrated solution. In response to these challenges, IBM Tivoli Security Operations Manager, a security information and event management (SIEM) platform is designed to improve the effectiveness, efficiency and visibility of security operations and information risk management.

This IBM Redbooks publication helps you design/create a solution using Tivoli Security Operations Manager to centralize and store security data from throughout the technology infrastructure so that you can:

- Automate log aggregation, correlation and analysis.
- Recognize, investigate and respond to incidents automatically.
- Streamline incident tracking and handling.
- Enable monitoring and enforcement of policy.
- Provide comprehensive reporting for compliance efforts.

This book is a valuable resource for security officers, administrators and architects who wish to understand and implement a Security Event and Information Management system.

Download the new IBM Redbook: Deployment Guide Series: IBM Tivoli Security Operations Manager 4.1

TSOM + CloudShield + ISS + Blade = Awesome

IBM (NYSE: IBM) on Tuesday introduced a blade server that supports CloudShield Technologies’ software for real-time analysis of network traffic to prevent viruses and denial of service attacks.

“The IBM BladeCenter PN41 enables service providers to manage their network, security and telecommunications technology on a integrated platform,” Jim Pertzborn, VP of telecommunications industry solutions for IBM Systems Group, said in a statement. “This integration can help service providers meet their customers’ evolving requirements for data, voice and video services.”The new blade and software support are key components of IBM’s hardware, software and services framework for service providers. The package also includes IBM’s intrusion prevention technology and Tivoli Security Operations Manager.

Read the full article on InformationWeek.  I first heard about this project about 2 years ago when I was helping develop solutions for the Telecom group at IBM.  It’s taken a lot of work to get this packaged together and I am glad to see it finally hit the streets.  Other sites that have picked this up:

• IBM Press Release: IBM Introduces First Blade Server to Reduce Security Threats, Optimize Network Traffic
• Telephony Online: Cloudshield, IBM put DPI on Blade Center
• TelecomWeb: New IBM Blade First To Offer DPI
• ZDNet UK: IBM tackles security with a blade
• The Register: IBM pitches ‘network security’ blade server, Slimline P2P throttler
• The Inquirer UK: IBM introduces intelligent blade server, Counters security threats
• IT Jungle: IBM Partners with CloudShield for Network Security Blade Server
• eWeek: HP, IBM Unveil Blade Servers Optimized for Virtualization
• TechNewsWorld: IBM Hones New Blade Server to Repel DoS Attacks
• E-Commerce Times(TechNewsWorld) : IBM Hones New Blade Server to Repel DoS Attacks
• SmartBrief: IBM unveils security-enhanced blade server
• Picked up on over 130 sites, including CNN Money, Yahoo! Finance and Investors Business Daily