Beruflich Dokumente
Kultur Dokumente
Agenda
Addressing banking industry imperatives through: Visibility Control Automation Challenges facing decision makers in the banking industry today Potential benefits from addressing these challenges IBM Security Solutions for banking Industry
Across many industries there is a need to implement bold strategies that provide visibility of how systems are operating, control of IT and fixed asset management and automation of both physical and cloud infrastructures in order to meet the demands of clients worldwide.
Business environments in every industry need to adapt and thrive in the face of change
All industries remain focused on controlling cost while increasing the utilization of everything
Visibility Real time access to business analytics tailored to meet the needs of your bank.
Control Efficient management of cost and optimization of banking processes and assets.
IBM can help you gather, synthesize, and improve information to help improve the way your bank operates turning mountains of data into real time decisions.
Operational IT Risk
Regulatory Audit
IT Transformation
SMART IS
Gaining complete compliance with regulations while reducing costs and processes
Banco Mercantil do Brasil, Brazil: The bank reduced the time and cost of managing user access across the entire account lifecycle - 80% reduction in provisioning time , 35% reduction in passwordrelated help desk calls, 7 to 1 reduction in number of managed passwords for each user
7
A US Financial bank, US: While complying with numerous regulatory requirements, the IBM solution the bank implemented also saved $60,000 per application by centralizing its security policy, in part by reducing the number of help-desk calls by 61%
2012 IBM Corporation
10
HP EDS
CA
Symantec
McAfee
EMC
Oracle (Sun)
Cisco
Verizon
People and Identity Data and Information Application and Process Network, Server and End Point Physical Infrastructure
IBM Tivoli Identity Manager (TIM) IBM Tivoli Access Manager for Enterprise Single Sign-On (TAM E-SSO) IBM Tivoli Federated Identity Manager (TFIM) IBM Tivoli Access Manager for ebusiness (TAMeb) IBM Tivoli Security Information and Event Manager (TSIEM)
IBM Security Network Intrusion Prevention (GX series) IBM Security Server Protection IBM Virtual Server Protection for VMware IBM Security SiteProtector System IBM Tivoli Endpoint Manager for Security and Compliance, built on BigFix technology IBM Security zSecure suite
Q1 Labs QRadar Solutions IBM Tivoli Security Information and Event Manager (TSIEM)
11
IBM Tivoli Identity and Access Assurance (TIAA) beat out Microsoft, Novell, CA and others to win SC Magazine's 2011 award for the Best Identity Management Application (article found here http://www.scmagazineus.com/best-identity-managementapplication/article/196008/)
In addition, SC Magazine named IBM Tivoli Access Manager for Enterprise Single Sign-On a finalist for the Best Multi-Factor award (LINK) and IBM Security Network IPS a finalist for the Best Web Application Firewall award (LINK).
12
Reduce Costs
Cost
Self-service password reset Automated user provisioning Manage Complexity Consistent security policy Quickly integrate new users & apps Address Compliance
Applications
Complexity
Databases
Operating Systems
Know the people behind the accounts and why they have the access they do Fix non-compliant accounts
Automate user privileges lifecycle across entire IT infrastructure Match your workflow processes
Compliance
13
TAM E-SSO provides: Enterprise single sign-on Two-factor authentication Automation to get users to productive point in their apps Multi-user machines (e.g. kiosks) fast user switching Identity management via TAM E-SSO or TIM Audit/reporting via TAM E-SSO or TSIEM with no change to the target applications
14
15
Web SSO and More with IBM Tivoli Access Mgr. for e-business (TAMeb)
#1 requirement addressed by TAMeb
Web single Sign-on Strong authentication Compliance -- know and show whos accessing what
16
Federated Targets
Multi-Domain SOA
Extranet
Portals, e.g. WP
Mainframe
17
18
19
20
21
Transparent, in-line network appliances (and virtual appliance versions) block attacks while allowing legitimate traffic to flow unhindered Preemptive intrusion prevention Track user/admin behavior File integrity monitoring Host level controls for compliance
Server Protection
IBM Security Server Protection & Server Sensor
VMsafe (Security) API integration Virtual Infrastructure Protection Intrusion Prevention & firewall IBM Security Virtual Server Protection for VMware Rootkit detection/prevention IBM Security Network IPS Virtual Appliance Inter-VM traffic analysis And more Command and control Event analysis Reporting
Security Management
Managed Security Services IBM Security SiteProtector
21
22
Customer Value Delivered by Tivoli Endpoint Manager for Security and Compliance, built on BigFix technology
PATCH MANAGEMENT Automated, effective, rapid patch deployment Single agent addresses Microsoft, UNIX, Linux, Mac and 3rdparty application patches (Adobe, Mozilla, Java, ) Automated or manual network bandwidth throttling based on network traffic . . . CPU impact <2% Real-time reporting know which patch went where SECURITY CONFIGURATION & POLICY COMPLIANCE Asset discovery know what is owned (and not owned), so you can be protected Security configuration mgmt. continuous assessment of endpoint security compliance . . . addresses audit concerns Host-based vulnerability assessment 99.9% accuracy Automated, out-of-the-box checklists for assessing security policy compliance General (PCI, SOX, ) and U.S. Government class (NIST 800-53, FDCC, DISA-STIGS, CyberScope/FISMA)
23
TEM-SC Asset discovery Continuous endpoint monitoring Patch management, incl. 3rd party applications Security configuration management Single agent for security, SW distribution, power, Cross-AV-vendor management Performance: Manage up to 250K endpoints w/1 svr. Endpoint OSs supported
24
Microsoft SCCM
Symantec Altiris
LANDesk
Windows
Partners for others
Client: Win, Mac, Linux, no UNIX Server: Win, Linux, UNIX, VMware
25
Replaced existing McAfee/EPO system on 4,300 endpoints in 2 weeks with no issues. A/V signature compliance went from 60% to 95%+ since the migration to CPM. Older systems ran like new once TEM-CP was installed. No centrally managed AV solution for Macs No cross-platform AV solution Need to manage/report on machines outside the internal network No additional hardware Centralized AV management for Macs Web reputation in Mac environment Easy installation; only had to package uninstall of existing AV solution
26
SIEM Risk Management Log Management Network behavior analytics Security event management User behavior analytics Compliance reporting
27
Automate the policy monitoring and evaluation process for configuration changes in the infrastructure
28
29
SIEM
Integrated log, threat, risk & compliance mgmt. Sophisticated event analytics Asset profiling and flow analytics Offense management and workflow
Risk Management
Predictive threat modeling & simulation Scalable configuration monitoring and audit Advanced threat visualization and impact analysis
Network analytics Behavior and anomaly detection Fully integrated with SIEM
30
31
Tivoli Security Information and Event Manager provides a single, integrated product that delivers insider threat, audit and compliance
Highlights
Single, integrated product Log Management Reporting Unique ability to monitor user behavior Enterprise compliance dashboard Compliance management modules and regulation-specific reports Broadest, most complete log and audit trail capture capability W7 log normalization translates your logs into business terms Easy ability to compare behavior to regulatory and company policies
32
TSIEM: Tivolis Enterprise security audit management and reporting system Guardium
DB2 (Host/Distributed) DB2/z Sybase Oracle Database Teradata SQL Server
33
M E I TS
ive h c Ar
SiteProtector
Applications (Rational AppScan) Virtualized Resources (VSP) Network (Network IPS) Hosts (Host IPS)
Others
Mainframe Data and Applications NW Ops Ctr. devices System Ops Ctr. devices
Tivoli Identity Manager TAMeb Tivoli Federated ID Mgr. Tivoli Security Policy Mgr. Tivoli Security Operations Manager
34
35
36
37