Network and resource availability is critical to business and service assurance. But enterprises, federal agencies, and service providers can lose millions of dollars per year as a result of worms and other types of malware that bring down corporate resources and customer-facing services. That is why information security is one of the top concerns of every CIO in any organization. To maximize resource and service availability and protect customer information, today’s information security teams must be able to:
– Quickly recognize and handle security incidents.
– Enforce security policies.
– Support audit and compliance initiatives.
The problem is that each of these activities involves security data that resides throughout the organization. Enterprises and service providers need to be able to access and quickly analyze this time disparate data quickly and efficiently. In today’s complex, multi vendor environments that means leveraging an automated, integrated solution. In response to these challenges, IBM Tivoli Security Operations Manager, a security information and event management (SIEM) platform is designed to improve the effectiveness, efficiency and visibility of security operations and information risk management.
This IBM Redbooks publication helps you design/create a solution using Tivoli Security Operations Manager to centralize and store security data from throughout the technology infrastructure so that you can:
– Automate log aggregation, correlation and analysis.
– Recognize, investigate and respond to incidents automatically.
– Streamline incident tracking and handling.
– Enable monitoring and enforcement of policy.
– Provide comprehensive reporting for compliance efforts.
This book is a valuable resource for security officers, administrators and architects who wish to understand and implement a Security Event and Information Management system.
Download the new IBM Redbook: Deployment Guide Series: IBM Tivoli Security Operations Manager 4.1