The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Tivoli Security Information and Event Manager

Posted by Xavier Ashe on January 29, 2008

This product offering is the next evolution of what I've been doing at IBM.  Finally, a public announcement!!

IBM Tivoli Security Information and Event Manager V1.0 helps IT security organizations obtain valuable security insights that your organization can act on, by:

    * Facilitating compliance by using centralized dashboard and reporting capabilities.
    * Helping to protect intellectual property and privacy by auditing the behavior of all users — privileged and nonprivileged.
    * Managing security operations effectively and efficiently with centralized security event correlation, prioritization, investigation, and response.

IBM Tivoli Security Information and Event Manager V1.0 offers:

    * Integration and exchange of events between IBM Tivoli Security Operations Manager and IBM Tivoli Compliance Insight Manager correlation engines.
    * New endpoint pricing for both security incident and audit log collection.

Security information and event management (SIEM) is a primary concern of CIOs and CSOs in many enterprises and organizations. There is a need to centralize security-relevant events and analyze the consolidated data to obtain valuable security and compliance insights.

IBM offers two complementary perspectives on SIEM:

    * A real-time, network event-oriented management dashboard that facilitates attack recognition and security incident management.
    * An information analysis dashboard to monitor how well an organization adheres to its security and governance policies.

IBM Tivoli® Security Information and Event Manager V1.0 is comprised of two products that work closely together to help realize the full promise of enterprise SIEM: IBM Tivoli Security Operations Manager V4.1 and IBM Tivoli Compliance Insight Manager V8.5. Now you can centralize log collection and event correlation across the enterprise, and can leverage an advanced compliance dashboard and regulatory compliant reports to link security events and user behavior to corporate policies.

Tivoli Security Information and Event Manager V1.0 delivers a foundation from which to address your SIEM requirements — now and into the future. As a result, IT organizations can lower their exposure to security breaches; control the costs of collecting, analyzing, and reporting on compliance related events; and manage the complexity of heterogeneous technologies and infrastructures. IBM Tivoli Security Information and Event Manager offers end-to-end capabilities including:

    * Security compliance dashboard.
    * Security operations dashboard for security incident management.
    * Real-time log aggregation, correlation, and analysis of security incidents.
    * IT operations integration.
          o Recognize, investigate, and respond to security incidents automatically.
          o Streamline incident tracking, handling, and resolution.
    * Mainframe, operating system, application, and database audit analysis.
    * Privileged user monitoring and auditing (PUMA).
    * Log management reporting.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: