IBM InfoSphere Guardium Tech Talk: Guardium Implementation for DB2 on z
|
|
- Nicholas Weaver
- 5 years ago
- Views:
Transcription
1 Ernie Mancill Executive IT Specialist Roy Panting Guardium Technical Specialist 16 May 2013 IBM InfoSphere Guardium Tech Talk: Guardium Implementation for DB2 on z Information Management 1
2 Logistics This tech talk is being recorded. If you object, please hang up and leave the webcast now. We ll post a copy of slides and link to recording on the Guardium community tech talk wiki page: You can listen to the tech talk using audiocast and ask questions in the chat to the Q and A group. We ll try to answer questions in the chat or address them at speaker s discretion. If we cannot answer your question, please do include your so we can get back to you. When speaker pauses for questions: We ll go through existing questions in the chat Raise your hand in the SmartCloud meeting room if you want to ask a question verbally and we ll call your name You will need *6 to unmute phone line if you are dialed in 2 2
3 Reminder: Upcoming Guardium Tech Talks Title: Integrating QRadar and Guardium Speakers: Luis Casco-Arias and Stephen Keim with Ty Weis Date &Time: Wed, June 5, :30 AM EDT Register here: Title: Planning a deployment Speakers: Boaz Barkai and Yosef Rozenblit Date &Time: Thursday, Jun 20, :30 AM EDT Register here: Link to more information about these tech talks can be found on the InfoSpere Guardium developerworks community: Special event: Webcast: Best Practices for Securing and Protecting MongoDB Data, hosted by 10gen, The MongoDB Company Register at 3 3
4 Polling Question At what stage is your InfoSphere Guardium implementation for DB2 for z/os? 1. We don't have this product yet; we are just learning 2. We have Version 8.2 and are planning our deployment / upgrade to Version 9 3. We are planning a new deployment with Version 9 4. We have Version 9 deployed 5. None of the above 4 4
5 Ernie Mancill Executive IT Specialist Roy Panting Guardium Technical Specialist 16 May 2013 IBM InfoSphere Guardium Tech Talk: Guardium Implementation for DB2 on z/os Information Management 5
6 Agenda How InfoSphere Guardium on System z provides value Planning an implementation Implementing Guardium on System z into a non-production system Rolling out Guardium on System z into production Getting started with monitoring Wrap up 6 6
7 Our clients say Inconsistent data North American Multi-Line Insurer: Our new CEO became the most ardent supporter of Data Governance when he discovered that reports from different parts of the organization had inconsistent data. We have no control over the quality of data United States Government Agency: Our team is responsible for the trustworthiness of data to the field analysts but we have no control over the quality of data that flows into our Financials from SAP R/3 to BW. We need a policy and process to ensure we are protecting our data Healthcare Insurer: My team is responsible for sending data externally to many of our business partners and other entities. The number of these requests has grown significantly over the years and they are becoming increasingly involved and complicated. We need a policy and process to handle these requests to ensure we comply with all privacy/security regulations. We also need appropriate executive-level review and approval to ensure that each request for sharing our data externally is the right thing for us to do from a business perspective. We keep everything forever A large chemical manufacturer fails to destroy content and records in accordance with their corporate retention policy and are now burdened with the high cost of managing storage and ediscovery with no visibility into what to destroy and when. During ediscovery, we spent over $12 million dollars reviewing documents that were already past their retention dates and should have been disposed of and this was on just 4 cases at any point in time we have over 100 cases pending. We need a systematic way to manage this growth. We need a systematic way to manage this growth. CFO Survey: Current state & future direction, IBM Business Consulting Services. The top challenge for 43% of CFOs is improving governance, controls, and risk management. 7 7
8 Information Governance creates order out of information chaos Information Governance is the exercise of decision rights to optimize, secure and leverage data as an enterprise asset. Orchestrate people, process and technology toward a common goal Promotes collaboration Derive maximum value from information Leverage data as an enterprise asset to drive opportunities Safeguards information Ensure highest quality Manage it throughout lifecycle Governing the creation, management and usage of enterprise data is not an option any longer. It is: Expected by your customers Demanded by the executives Enforced by regulators/auditors 8 SUMMARY Information Governance allows organizations to create order of this information chaos. It provides the means by which organizations can manage this explosion of information. Its about enabling people to do their jobs more effectively by providing them with the decision rights to optimize, secure and leverage enterprise data as an asset that can drive business opportunities. Information governance doesn t have to be difficult or mysterious. At its most basic, it involves organizing people, processes and technology to optimize, protect and leverage information both structured and unstructured as an enterprise asset that must be protected, meet quality standards and managed throughout its lifecycle. Even if you feel removed from aspects of governance, you can still learn the vocabulary and rules. It s easy, effective and it can help solve a lot of information-related problems that may have eluded resolution for years. The management of data through governance is no longer optional. Organizations have to do this to be competitive. Your customers expect you to know your data, the executives demand accuracy and expediency and the regulators/auditors will enforce it. Data custodians are being pushed from all sides to meet these demands. 8
9 Threats to database and legacy data Privileged User access to data from outside of the DBMS Access to DB2 Linear VSAM datasets Privileged User access to DBMS Data via SQL/DL1 Abuse of privilege without business Need to Know External Threats SQL Injection (Hacking) Movement of data outside of the DBMS Unloads Clones Test Data Replication 9 9
10 Level 1: - Encryption The first thought of providing data security is Level 2 Database Activity Monitoring Auditing is based on an aud Level 3: Audit access to VSAM linear datasets Sensitive informatio Level 4: Business Need to Know Security is everyone s concern. T data. Level 5: Protect the use of unloads and extracts for the purpose of: Test data management and generation Unloaded data for batch processes Extracts for external uses Replicated data Backup and Recovery assets 10
11 But System z is already secure.why do we need more? Separation of duties Privileged users need to know vs abuse or mistake Trace-based auditing controlled by privileged users SAF plays a vital role in protection of data on z/os, but is not tamper-resistant and actionable Achieving audit readiness is labor-intensive and introduces latency RACF lacks sufficient granularity for reporting DB2 Audit Trace significantly improved in V10, but still requires externalization to SMF and customer provided reporting infrastructure Real time event collection Batch processing of audit data from external sources prevents real time alerts 11 RACF and SAF exploitative security products provide control for resource access, but cannot determine access intent (Need to Know vs Privilege Abuse). Also RACF lacks granularity when generating audit reports. DB2 Audit Trace significantly improved in V10, but still requires externalization to SMF and customer provided reporting infrastructure. SMF based reporting can result in latency from event capture to subsequent reporting and actionable processing. Trace based auditing tends to be complex and controlled by privileged users (DBA or SYSPROGS Separation of Roles) SAF plays a vital role in protection of data on z/os, but audit event collection/reporting which is tamper resistant, real-time, and actionable is also needed. Guardium on z/os provides this information. 11
12 Capabilities for a layered defense in depth Network Infrastructure Mainframe Availability Performance Security IT DBA Application Network IT DBA App Admin Network Admin IT DBA App Network Security Compliance CISO Guardium VA 12 Vulnerability Assessment Guardium DAM Focused on the Infrastructure InfoSphere Guardium for DB2 on z/os, IMS and VSAM Guardium Encryption InfoSphere Guardium Encryption Tool Meta-Data (configuration) Dynamic Data (in motion) Static Data (at rest) It s all about the DATA Compliance DiscoveryClassification Discovery Privacy Security Integrity IBM InfoSphere Guardium for DB2 on z/os collects Collection of all DML (Inserts, Updates, Deletes, etc) Collection of all DDL (Create, Alter, Drop, etc) Collection of DB2 Commands, Utilities, Authorizations Low overhead application impact IBM InfoSphere Guardium for IMS on z/os provide visibility IMS Online regions IMS DLI/DBB batch jobs INSERT (ISRT), UPDATE (REPL), DELETE,(DLET) and GET Obtain concatenated key and segment data Links Get Hold and Replace for before/after reporting IBM InfoSphere Guardium for VSAM on z/os Dataset (VSAM Cluster) Level Events (Open, Close, Alter, etc) All VSAM types supported Record level collection (key information) for KSDS and RRDS IBM InfoSphere Encryption Tool for IMS and DB2 Databases Row/Segment level Encryption for IMS Databases and DB2 Tables Leverage latest in zenterprise encryption hardware and z/os encryption exploitation Ensures that recovery assets (Image Copy and Recovery Log) are also encrypted 12
13 InfoSphere Guardium value proposition Continuously monitor access to sensitive data in databases, data warehouses, Hadoop big data environments and file shares to: 1 Prevent data breaches Mitigate external and internal threats 2 Ensure the integrity of sensitive data Prevent unauthorized changes to data, data infrastructure, configuration files and logs 3 Reduce cost of compliance - Automate and centralize controls - Simplify audit review processes 13 Guardium s charter is in-depth handling of all aspects around the protection of critical data in databases, data warehouses, Hadoop big data environments and file shares. The value proposition (bullets below) has not changed in years; this has always been our mission and our goal. Our mission is to help customers: - First, Protect and prevent data breaches and fraud, from both internal and external sources - Second, It helps them control access to sensitive enterprise data (like in what is controlled through SAP, Peoplesoft, etc, and even some unstructure document data), thus assuring data governance - and Third, It streamlines the process for compliance around data protection. Guardium provides the tools to slash compliance cost, by automating and centralizing the controls you need to comply with a variety of mandates, such as SOX or PCI. Because of our extensive heterogeneous support, this can be accomplished across all popular databases and applications, ensuring you can deploy a single solution enterprise-wide. 13
14 InfoSphere Guardium value proposition (cont.) 4 Do it all in an efficient, scalable, and cost effective way Increase operational efficiency Automate & centralize internal controls Across heterogeneous & distributed environments Identify and help resolve performance issues & application errors Highly-scalable platform, proven in most demanding data center environments worldwide No degradation of infrastructure or business processes Non-invasive architecture No changes required to applications or databases 14 A forth value proposition is focused on being enterprise ready. What it means is the ability to scale Guardium in an efficient, and cost effective manner. Every release Guardium introduces significant improvement in scalability, integrations and automation-related features, with one goal in mind streamline the administration, configuration and usage of the solution in large environments. 14
15 IBM InfoSphere Guardium provides real-time data activity monitoring for security & compliance DB2 for z/os high level architecture Web-based UI Alerts and reports SQL requests InfoSphere Guardium S-TAP for DB2 on z/os Data Data DB2 Data InfoSphere Guardium Collector (Hardened repository) Continuous, policy-based, real-time monitoring of all data traffic activities, including actions by privileged users Database infrastructure scanning for missing patches, mis-configured privileges and other vulnerabilities Data protection compliance automation 15 Lets take a quick look at how Guardium achieves these benefits: An essential component to Privacy and Protection is how to maintain real-time insight into database access and activity, to protect enterprise data and comply with regulatory requirements. Guardium enables IBM clients to maintain trusted information infrastructures by continuously monitoring access and activity to protect high-value databases against threats from legitimate users and potential hackers. Additionally, Guardium also assesses the vulnerability of the database infrastructure itself to ensure their continued highest level of security. And last, we also and reduce operational costs by automating regulatory compliance tasks. It does this using a single integrated appliance, which can be configured as a Collector, a Central Policy Manager, or Vulnerability Assessment Server with the simple use of license keys. The key to monitoring non-intrusively is the STAP, which is a light-weight Software TAP (STAP) that taps all incoming traffic. Basically, Guardium is a gateway to all data flows. No DB, app, or network changes are necessary. All this traffic that meets the auditing policy is sent to the Collector, which runs policy against it and provides real-time alerting. The Central Policy Manager is the central point of control for all collectors. You may notice that all major DB infrastructures and some major applications are supported. This is where Guardium provides extra value-add. By in-depth understanding of all these protocol/schema differences. The appliances can be redundantly configured to provide a high available solution. The STAP takes only a small performance footprint which is much less than turning native auditing on, with the additional benefit of SOD, since the DBAdmin does not have control over the appliance and cannot affect its audit collection. Once setup, the Collector or Central Policy Manager can gather all the audit information in a normalized format (like an SIEM for DBs). The Vulnerability Assessment tool will scan the DB2 on z/os databases for needed patches or configuration hardening, based on periodically updated vulnerability templates. All this information (configuration, vulnerability, audit) can easily be packaged and reported for the major regulations. We have pre-packaged modules for each major regulation. And to the part that may interest you the most, Guardium can readily integrate with several Security and Systems Management solutions, providing a complementary in-depth view of the database security posture. ************************************************************************** Secures and protects high-value databases, identifies application-layer fraud Enables consistent enforcement of governance policies; demonstrates compliance Lowers compliance costs and effort compared to manual auditing, with no impact on existing business processes Guardium s portfolio complements IBM s offerings for: Extends Test Data Management solutions by monitoring sensitive data access in test environments Extends Data Growth solutions with ability to monitor both active and inactive (archived) data Extends Data Privacy and protection solutions enabling consistent governance and compliance with regulatory mandates such as PCI, HIPAA, DPP and more Extends capabilities to automatically locate all databases, in both production and test environments, for monitoring and protection 15
16 Guardium integrates with IT Infrastructure for seamless operations Directory Services (Active Directory, LDAP, TDS, etc) Authentication (RSA SecurID, Radius, Kerberos, LDAP) Data Classification and Leak Protection (Credit Card, Social Security, phone, custom, etc) SIEM (IBM QRadar, Arcsight, RSA Envision, etc) Send Alerts (CEF, CSV, Syslog, etc) SNMP Dashboards (Tivoli Netcool, HP Openview, etc) Send Events Change Ticketing Systems (Tivoli Request Mgr, Remedy, Peregrine, etc) Vulnerability Standards (CVE, STIG, CIS Benchmark) Long Term Storage (IBM TSM, IBM Nettezza, EMC Centera, FTP, SCP, etc) STAP Software Deployment (IBM Tivoli Provisioning Manager, RPM, Native Distributions) Security Management Platforms (IBM QRadar, McAfee epo ) Application Servers (IBM Websphere, IBM Cognos, Oracle EBS, SAP, Siebel, Peoplesoft, etc ) 16 Integration and reducing TCO is a major theme for us. We also ensure that there is seamless integration with how the customers run their IT operations. We have support for the diverse ecosystem where Guardium will deploy, including support for different authentication protocols, directories, SIEM solutions, Ticketing Systems, Event Dashboards, Application Servers, Software Distribution, Archival and Long term storage, etc. 16
17 Polling Question What is the primary reason you are considering a monitoring solution? 1. Meeting regulatory compliance including PCI DSS, SOX, HIPPA, etc. 2. Monitoring privileged user activity 3. Monitoring data stored in sensitive tables 4. We have not defined a primary reason yet 5. N/A 17 17
18 A sidebar discussion Performance and product evolution 2012 STAP 9 Revamped Architecture Performance (2 4%) (2009 STAP 8.1 Phase 1) FTP Based Exchange Performance (9 15%) (2011 STAP 8.1 Phase 2) Real-time streaming Performance (~5 7%) 18 (2006) AME -Local Repository on z/os -Performance (20+%) Note: Performance metrics are workload dependent, IBM IRWW workload used. Any performance data contained in this document were determined in various controlled laboratory environments and are for reference purposes only. Customers should not adapt these performance numbers to their own environments as system performance standards. The results that may be obtained in other operating environments may vary significantly. 18
19 IBM IOD /14/2013 The benefits of shared collection Utilizing Shared Collector technology, the Monitoring and Auditing products work together. Common processes are used to minimize overhead. Coordinated use of algorithms, memory, and gathered information reduces the impact on the statement being observed. This results in lower CPU consumption and better elapsed time. Shared Collector code is also more reliable and stability is improved P+A SQL Statement Execution Shared Collection P+A P A SQL Statement Execution Non-Shared Collection P A 19 Prensenter name here.ppt 19
20 Advantages of Query Common Collector Minimum resources / minimum overhead / maximum usability / maximum reliability and serviceability z/os Guardium Collector DB2 Query Monitor TCP/IP Stream WEB SERVER Query Collector Manager Audit Task Query Collector Manager Monitor Task S U P P O R T S E R V I C E S A D D R E S S Query Common Collector DB2A Subsystem OQCR TCP/IP Stream Query Collector Manager Capture Task S P A C E 20 20
21 Agenda How InfoSphere Guardium on System z provides value Planning an implementation Implementing Guardium on System z into a non-production system Rolling out Guardium on System z into production Getting started with monitoring Wrap up 21 21
22 Planning that first implementation Start with the basics Identify a non-production DB2 environment Determine how many DB2 systems to audit Identify the support people (systems programmer, security administrator, auditor) Obtain management approval Establish agreement on the implementation schedule Establish the Guardium details Determine what type of collector will be used (VM or hardware) Identify what features are needed (redundant collectors, ziip availability, integration with distributed Guardium systems, etc.) Identify the TCP/IP addresses Coordinate the Guardium training and professional services Size the environment for a collector, aggregator and central manager Determine what groups to be used to simplify the Guardium implementation Identify success criteria What needs to be audited (very important!)? What reports are required and desired? Is integration with another product, like a SIEM product, required? Is a performance test required? Are Vulnerability Assessments and Entitlement Reports required? 22 Although each implementation is unique, there are several best practices principals that can be applied to a Guardium implementation. The goal is to have solid communication with all involved parties and to develop a project plan that is acceptable to all participants. Start with the Basics The basics are similar to project implementations. Assigning the proper people with the proper skill sets is critical The implementation may take several weeks so having team members that can support the project from beginning to end is important. Establish the Guardium details Guardium is different from several other products because there are two components. One is the STAP which is installed on the mainframe and the other is the collector which is installed off the mainframe. Guardium professional services has experience with many implementations which will reduce the risk of the implementation. Identify the success criteria Having a solid success criteria provides the vision for the project. 22
23 Sample implementation timeline 1. Perform parallel activities 2 days Obtain S-TAP software and maintenance from Shop z Obtain collector software and maintenance from Passport Advantage Coordinate implementation activities 2. Install S-TAP and collector software 1 day 3. Begin collecting basic auditing 2 days 4. Refine auditing and create custom reports 8 days 5. Integrate InfoSphere Guardium with other products 5 days Total deployment of first implementation = 18 days (Your mileage may vary) 23 23
24 Guardium for DB2 on z/os architecture z/os Workstation InfoSphere Guardium S-TAP Collector Agent Audited DB2 Subsystem Define Audit Policy View Reports SQL data IFI data Filter Manager Filter Filter SQL Collector IFI Collector Data Data Data Policy push-down Persisted Policy Guardium Appliance 24 24
25 DB2 collection policy definition Identifies what activity is to be sent to the Guardium collector for auditing Uses groups to simplify administration Key component in performance. For example: Granular control over connection type Connection type provides efficient filtering 25 Defining a collection policy that filters based on connection type is a very efficient way to reduce SQL traffic being sent to the Guardium collector. For example. some organizations are not interested in auditing SQL traffic that comes from CICS. Traffic from CICS has already been authenticated and is often considered to be a trusted application. To exclude the CICS traffic, specify NOT CICS as a Connection Type group member. SQL is sent to DB2 from a variety of connection types. If specific connection types are not required for auditing, it is very easy to exclude these types from being audited. The connection type is one of the first filters applied to the input SQL being audited. If specific connection types can be excluded the benefit may be a significant reduction in MIPS processing, depending on quantity of SQL that can be filtered. Applying the proper filtering processes is key to improving Guardium STAP performance. 25
26 Agenda How InfoSphere Guardium on System z provides value Planning an implementation Implementing Guardium on System z into a non-production system Rolling out Guardium on System z into production Getting started with monitoring Wrap up 26 26
27 Conducting that first implementation Install the Guardium collector / aggregator / central manager Install the software and maintenance Configure the installation Power up the collector Install the Guardium STAP Install the STAP and maintenance on all DB2 systems to be audited Configure the installation and start STAP Validate auditing Create a simple audit collection policy Use reports to validate that DB2 activity is being stored in the repository Refine the auditing Filter unneeded audit data using policy Create custom reports, Vulnerability 27 Assessment, integration, etc. Determining what needs to be audited - some customers just need privileged users, some need to comply to regulatory regulations like PCI DSS where access to sensitive data is the most important requirement. 27
28 Conducting that first implementation Meet all functional requirements Develop detailed custom reports Modify the collection profile for efficiency, alerts, exceptions, etc. Develop an archive strategy Implement report workflow Conduct performance testing Build a repeatable performance test Run the test Review the results and make modifications until results are satisfactory Plan for ongoing maintenance Recommendation: Use same maintenance philosophy that you use for DB2 (eg LPAR or group level) Plan for the next stages Obtain approvals to migrate software to production Schedule migration to next stage Coordinate migration plan 28 Determining what needs to be audited - provide guidance here based on what you've seen from other customers. ie some customers just need privileged users, some need to comply to regulatory regulations like PCI DSS where access to sensitive data is the most important requirement. At a major bank in Brazil PCI is their requirement. The PCI accelerator helps to meet the requirements. 28
29 Agenda How InfoSphere Guardium on System z provides value Planning an implementation Implementing Guardium on System z into a non-production system Rolling out Guardium on System z into production Getting started with monitoring Wrap up 29 29
30 Rolling Guardium into production Building the production Guardium solution Size Guardium for the number of STAPs, collectors, aggregators, etc. Size the number of collectors based on estimated audit data volume and include failover contingency And plan for the unexpected! Integrate Guardium into your disaster recovery strategy Post production deployment Monitor the collector usage closely for the first few weeks Validate reports are meeting business requirements Adjust collector sizing as appropriate Adjust collection policy as appropriate Deploy the archive strategy 30 Deploying Guardium into production is the last step of deployment. The risk is significantly reduced if the system has been implemented in other nonproduction environments and thoroughly tested. Sizing the Guardium is a key factor for a production deployment. Most production mainframe DBMS systems are highly utilized. It is not uncommon for there to be several million SQL statements processed pre day for a DBMS that supports a critical business application. Sizing of Guardium focuses on the allocation of the collectors. The collectors are highly scalable. Each STAP that audits a DBMS needs to send its audit data to a collector. Depending on the audit policy, there could be a very large percentage of incoming DBMS traffic that is not needed to be audited. As a result, there may be multiple DBMS STAPs that send the audit traffic to a single collector. We recommend that the number of collectors for an initial implementation be conservative. The reason is there may be times when the amount of incoming traffic is variable. For example, there may be end of period processing or unusual events that significantly increase the activity to the DBMS. The conservative collector allocation will provide the ability to capture all audit data during spikes in processing. After a period of time the Guardium administrators can determine if the number of collectors need to be adjusted. 30
31 Agenda How InfoSphere Guardium on System z Provides Value Planning an implementation Implementing Guardium on System z into a non-production system Rolling out Guardium on System z into production Getting started with monitoring Wrap up 31 31
32 Getting started with database monitoring Produce the audit reports Identify the contents of the report See if there is a pre-built report that meets your requirements Use the Guardium GUI to build a custom report Monitor the system for "expected" results - make sure things are reasonable and expected Apply changes based on experience 32 32
33 Building the Guardium reports from the collected data Guardium has over 100 pre-built reports including accelerators for PCI, HIPAA, SOX Copy and modify existing reports or build your own using rich custom report builder Use runtime parameters for rapid subsetting of the data: Changing the date ranges Changing the DBMS subsystem names Changing the user(s) ID that submitted the requests Many more options Query builder for reports Entities and attributes 33 33
34 Sample DB2 for z/os Audit Report Can mask values to avoid sensitive data leakage Reports can be automated and run on a schedule Reports can be routed to reviewers and approvers SQL with bind values SQL with redacted values Network vs local traffic Sourceprogam JobID LOCAL TCP DRDA DB USER NAME RACF ID/SQL ID 34
35 Automating reviews and signoffs - Example Business Owner (PCI Role) Information Security (InfoSec Role) Guardium Admin (Admin Role) Reviewer can add comments, which are saved in audit trail. 35 One thing all auditors are going to want to see is a process that ensures all incidents are investigated and remediated. InfoSphere Guardium is unique in providing an integrated compliance workflow automation application that automates the process of ensuring all incidents are addressed; which reduces your operational costs while quickly providing the audit trail required for compliance. The compliance workflow tool gives you the flexibility to define unique custom processes for their different organizations or efforts, for example a different escalation or review steps for different parts of the organization to ensure checks and balances. In this example, we are using this workflow process to ensure review and approval of new database connections. It needs to be routed from the businessd owner, through information security and then to the Guardium Admin who can actually move the new connections to the approved connections group. The workflow process also provides enough granularity to handle individual line items in a report, like rerouting a subset of issues for escalation or outside review. These capabilities enable the cost benefits of automation to be realized; even in large, complex organizations where you have a variety of different processes, and a variety of incidents with differing remediation profiles this custom workflow can fit seamlessly into your organizational processes. 35
36 Agenda How Guardium on System z Provides Value Planning an implementation Implementing Guardium on System z into a non-production system Rolling out Guardium on System z into production Getting started with monitoring Wrap up 36 36
37 Keys to a successful implementation The more you plan the fewer surprises you will have Know the difference between monitoring and auditing Log only what the business needs Get the broader team involved as necessary (network, DBA, infosec) Take advantage of IBM Professional Services Quickly and efficiently deploy Guardium while minimizing disruption to ongoing projects Create deployment plans and architecture that can expand and scale Deploy basic monitoring and provide step by step guidance for advanced monitoring if required Educate your team at every step to accelerate self-sufficiency 37 Why services? Our highly skilled experts have broad InfoSphere Guardium architectural knowledge and deep technical skills to help you quickly and efficiently deploy Guardium We reduce project roadblocks to success by creating a deployment plan and architecture baseline to provide a technical foundation that can expand and scale We identify the steps for deploying basic monitoring then provide step by step guidance to tune the monitor and implement advance monitoring if required. We educate your team at each step to accelerate self-sufficiency through knowledge sharing We help you accelerate the adoption of Guardium while minimizing disruption to ongoing projects 37
38 Bottom line SAF (IBM RACF and CA products) plays a vital role in protection of resources on z/os, but you also need audit event collection/reporting which is tamper resistant, real-time, and actionable. InfoSphere Guardium on z/os provides Real-time, actionable activity monitoring and alerting Tamper resistant audit repository Clear separation of Roles and Responsibilities Granular insights into activity Automation, process consistency, and unique security insights Bottom line..you need both RACF and Guardium for a robust security environment on z/os 38 38
39 Resources Data Sheet:InfoSphere Guardium for z/os Replay of webcast: InfoSphere Guardium 9.0 Delivering Big Data Protection for System z and beyond ibm.com/software/os/systemz/webcast/18dec/ (register to access replay.) Short Youtube demo of InfoSphere Guardium monitoring on DB2 for z/os: InfoSphere Guardium S-TAP for DB2 on z/os User s Guide PDF ools.adhz.doc.ug/adhugb90.pdf InfoSphere Guardium S-TAP for VSAM on z/os User s Guide - PDF ools.auv.doc.ug/auvugh90.pdf 39 39
40 Information, training, and community InfoSphere Guardium YouTube Channel includes overviews and technical demos InfoSphere Guardium newsletter developerworks forum (very active) Guardium DAM User Group on Linked-In (very active) World of DB2 for z/os Security, compliance and audit subgroup Community on developerworks (includes content and links to a myriad of sources, articles, etc) Guardium Info Center (Installation, System Z S-TAPs and some how-tos, more to come) Technical training courses (classroom and self-paced) New! InfoSphere Guardium Virtual User Group. Open, technical discussions with other users. Send a note to bamealm@us.ibm.com if interested. 40 there are currently two Guardium certification tests. If you are looking into taking an IBM professional product certification exam, you may look into taking the certification ( 03.ibm.com/certify/tests/ovr463.shtml). Upon completion of the certification, you will become an IBM Certified Guardium Specialist ( The certification requires deep knowledge of the IBM InfoSphere Guardium product. It is recommended that the individual to have experiences in implementing the product to take the exam. You can view the detailed topics here: Details each topics are covered in the product manuals. You will also find the Guardium InforCenter a useful resource when you prepare for the exam: 40
41 Reminder: Upcoming Guardium Tech Talks Title: Integrating QRadar and Guardium Speakers: Luis Casco-Arias and Stephen Keim with Ty Weis Date &Time: Wed, June 5, :30 AM EDT Register here: Title: Planning a deployment Speakers: Boaz Barkai and Yosef Rozenblit Date &Time: Thursday, Jun 20, :30 AM EDT Register here: Link to more information about these tech talks can be found on the InfoSpere Guardium developerworks community: Special event: Webcast: Best Practices for Securing and Protecting MongoDB Data, hosted by 10gen, The MongoDB Company Register at
42 Dziękuję Gracias Spanish Traditional Chinese Polish Thai Merci French Russian Obrigado Brazilian Portuguese Danke German Arabic Tack Swedish Simplified Chinese Japanese Grazie Italian 42 Thank you very much for time today. 42
Click to edit Master subtitle style
IBM InfoSphere Guardium for DB2 on z/os Technical Deep Dive Part Two One of a series of InfoSphere Guardium Technical Talks Ernie Mancill Executive IT Specialist Click to edit Master subtitle style Logistics
More informationIBM InfoSphere Guardium Tech Talk: Take Control of your IBM InfoSphere Guardium Appliance
Daniel Perlov - WW Tech Support Lead for InfoSphere Guardium Abdiel Santos - Sr. L3 Engineer 11 April 2013 IBM InfoSphere Guardium Tech Talk: Take Control of your IBM InfoSphere Guardium Appliance Information
More informationIBM InfoSphere Guardium Tech Talk: Take Control of your IBM InfoSphere Guardium Appliance
Daniel Perlov - WW Tech Support Lead for InfoSphere Guardium Abdiel Santos - Sr. L3 Engineer 11 April 2013 IBM InfoSphere Guardium Tech Talk: Take Control of your IBM InfoSphere Guardium Appliance Information
More informationIBM InfoSphere Guardium Tech Talk:
Dan Goodes Guardium Technical Sales Engineer July 2013 : Database Discovery and Sensitive Data Finder Information Management Logistics This tech talk is being recorded. If you object, please hang up and
More informationData Security and Protection on IMS: Are you ready for the next Audit?
Data Security and Protection on IMS: Are you ready for the next Audit? Session 16716 Dennis Eichelberger - deichel@us.ibm.com Marilene Roder marilene@us.ibm.com Really? You know? You can do this online
More informationIBM Security Guardium v9.5 Features and Updates Tech Talk
IBM Security Guardium v9.5 Features and Updates Tech Talk Luis Casco-Arias Product Manager IBM Security Guardium Also with support from: Guy Galil, Lior Solomon and Oded Sofer 1 Logistics This tech talk
More informationOptim. Optim Solutions for Data Governance. R. Kudžma Information management technical sales
Optim Solutions for Data Governance R. Kudžma Information management technical sales kudzma@lt.ibm.com IBM Software Group 10/23/2009 2008 IBM Corporation What is Data Governance Data Governance is the
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More informationIBM InfoSphere Guardium Vulnerability Assessment
IBM InfoSphere Guardium Vulnerability Assessment Scan database infrastructures to detect vulnerabilities and suggest remedial actions Highlights Lowers total cost of ownership, improves security and suppor
More informationAuditing and Protecting your z/os environment
Auditing and Protecting your z/os environment Guardium for IMS with IMS Encryption Roy Panting Guardium for System z Technical Sales Engineer March 17, 2015 * IMS Technical Symposium 2015 Agenda Audit
More informationInfoSphere Guardium 9.1 TechTalk Reporting 101
InfoSphere Guardium 9.1 TechTalk Reporting 101 Click to add text Dario Kramer, Senior System Architect dariokramer@us.ibm.com 2013 IBM Corporation Acknowledgements and Disclaimers Availability. References
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationIBM Exam 00M-662 Security Systems Sales Mastery Test v2 Version: 7.1 [ Total Questions: 72 ]
s@lm@n IBM Exam 00M-662 Security Systems Sales Mastery Test v2 Version: 7.1 [ Total Questions: 72 ] Question No : 1 What lists of key words tell you a prospect is looking to buy a SIEM or Log Manager Product?
More informationAccelerate the path to PCI DSS data compliance using InfoSphere Guardium
Use prebuilt reports, policies, and groups to simplify configuration Kathryn Zeidenstein (krzeide@us.ibm.com) Evangelist IBM 18 April 2013 Shengyan Sun (sunssy@cn.ibm.com) QA Engineer IBM This article
More informationArchitecting the Right SOA Infrastructure
Infrastructure Architecture: Architecting the Right SOA Infrastructure Robert Insley Principal SOA Global Technology Services 2007 IBM Corporation SOA Architect Summit Roadmap What is the impact of SOA
More informationIBM Software Bridging the data security gap
IBM Software Bridging the data gap Unified data protection for four key data environments 2 Bridging Comprehensive the data data protection gap for physical, virtual and cloud infrastructures 1 2 3 4 5
More informationMcAfee Database Security
McAfee Database Security Sagena Security Day 6 September 2012 September 20, 2012 Franz Hüll Senior Security Consultant Agenda Overview database security DB security from McAfee (Sentrigo) VMD McAfee Vulnerability
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More informationIBM Security Guardium Data Activity Monitor
IBM Guardium Data Activity Monitor Continuously monitor data access and protect sensitive data across the enterprise Highlights Uncover risks to sensitive data through data discovery, classification and
More information<Insert Picture Here> Managing Oracle Exadata Database Machine with Oracle Enterprise Manager 11g
Managing Oracle Exadata Database Machine with Oracle Enterprise Manager 11g Exadata Overview Oracle Exadata Database Machine Extreme ROI Platform Fast Predictable Performance Monitor
More informationSecurely maintaining sensitive financial and
How the Guardium Platform Helped Dell IT Simplify Enterprise security By Phil Neray Addison Lawrence David McMaster Venugopal Nonavinakere Safeguarding data is critical for many organizations, but auditing
More informationIBM InfoSphere Guardium Tech Talk: Roadmap to a successful V9 upgrade
Vlad Langman - L3 Engineering Manager Abdiel Santos - Sr. L3 Engineer 14 Mar 2013 IBM InfoSphere Guardium Tech Talk: Roadmap to a successful V9 upgrade Information Management Logistics This tech talk is
More informationDB2 S-TAP, IMS S-TAP, VSAM S-TAP
IBM InfoSphere Guardium Version 8.2 IBM InfoSphere Guardium 8.2 offers the most complete database protection solution for reducing risk, simplifying compliance and lowering audit cost. Version 8.2 contains
More informationWelcome to IBM Security Guardium Analyzer!
Welcome to IBM Security Guardium Analyzer! To help you get started with IBM Security Guardium Analyzer, please refer to these frequently asked questions: What is IBM Security Guardium Analyzer? Guardium
More informationOracle Audit Vault. Trust-but-Verify for Enterprise Databases. Tammy Bednar Sr. Principal Product Manager Oracle Database Security
Oracle Audit Vault Trust-but-Verify for Enterprise Databases Tammy Bednar Sr. Principal Product Manager Oracle Database Security Agenda Business Drivers Audit Vault Overview Audit
More informationPROFESSIONAL SERVICES (Solution Brief)
(Solution Brief) The most effective way for organizations to reduce the cost of maintaining enterprise security and improve security postures is to automate and optimize information security. Vanguard
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationChoosing the level that works for you!
The Encryption Pyramid: Choosing the level that works for you! Eysha S. Powers eysha@us.ibm.com IBM, Enterprise Cryptography Extensive use of encryption is one of the most impactful ways to help reduce
More informationDB2 for z/os Tools Overview & Strategy
Information Management for System z DB2 for z/os Tools Overview & Strategy Haakon Roberts DE, DB2 for z/os & Tools Development haakon@us.ibm.com 1 Disclaimer Information regarding potential future products
More informationTrust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved
Trust in the Cloud Mike Foley RSA Virtualization Evangelist 2009/2010/2011 1 2010 VMware Inc. All rights reserved Agenda How do you solve for Trust = Visibility + Control? What s needed to build a Trusted
More informationMicrosoft SharePoint Server 2013 Plan, Configure & Manage
Microsoft SharePoint Server 2013 Plan, Configure & Manage Course 20331-20332B 5 Days Instructor-led, Hands on Course Information This five day instructor-led course omits the overlap and redundancy that
More informationArchitektura bezpieczeństwa dla otwartych zintegrowanych systemów administracji publicznej
Architektura bezpieczeństwa dla otwartych zintegrowanych systemów administracji publicznej Robert Michalski, Security Tiger Team, Central & Eastern Europe robert.michalski@pl.ibm.com Agenda 1 2 3 Threats
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationIBM IMS Tools Keynote
IBM IMS TECHNICAL SYMPOSIUM 2016 IBM IMS Tools Keynote Janet LeBlanc IMS Tools Offering Manager 2016 IBM Corporation Agenda Our journey where we have been A couple of products you should see this week:
More informationALERT LOGIC LOG MANAGER & LOG REVIEW
SOLUTION OVERVIEW: ALERT LOGIC LOG MANAGER & LOG REVIEW CLOUD-POWERED LOG MANAGEMENT AS A SERVICE Simplify Security and Compliance Across All Your IT Assets. Log management is an essential infrastructure
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationOracle Database Vault
An Oracle White Paper July 2009 Oracle Database Vault Introduction... 3 Oracle Database Vault... 3 Oracle Database Vault and Regulations... 4 Oracle Database Vault Realms... 5 Oracle Database Vault Command
More informationOracle Buys Automated Applications Controls Leader LogicalApps
Oracle Buys Automated Applications Controls Leader LogicalApps To strengthen Oracle s Governance, Risk and Compliance Suite with Real-time Policy Enforcement October 26, 2007 Disclaimer The following is
More informationMcAfee Total Protection for Data Loss Prevention
McAfee Total Protection for Data Loss Prevention Protect data leaks. Stay ahead of threats. Manage with ease. Key Advantages As regulations and corporate standards place increasing demands on IT to ensure
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationVirtustream Cloud and Managed Services Solutions for US State & Local Governments and Education
Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS
More informationSOLUTION BRIEF FPO. Imperva Simplifies and Automates PCI DSS Compliance
SOLUTION BRIEF FPO Imperva Simplifies and Automates PCI DSS Compliance Imperva Simplifies and Automates PCI DSS Compliance SecureSphere drastically reduces both the risk and the scope of a sensitive data
More informationMcAfee epolicy Orchestrator
McAfee epolicy Orchestrator Centrally get, visualize, share, and act on security insights Security management requires cumbersome juggling between tools and data. This puts the adversary at an advantage
More informationCSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO
CSN38: Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO 2009 by Lieberman Software Corporation. Rev 20090921a Identity Management Definitions
More informationA Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud
A Checklist for Compliance in the Cloud 1 A Checklist for Compliance in the Cloud A Checklist for Compliance in the Cloud 1 With the industrialization of hacking and the enormous impact of security breaches,
More informationPROTECT AND AUDIT SENSITIVE DATA
PROTECT AND AUDIT SENSITIVE DATA Teleran Data and Compliance KEY FEATURES Monitors user, application, query and data usage activity Enforces data access policies in real-time Alerts staff in real-time
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationSYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security
SYMANTEC: SECURITY ADVISORY SERVICES Symantec Security Advisory Services The World Leader in Information Security Knowledge, as the saying goes, is power. At Symantec we couldn t agree more. And when it
More informationIBM Tivoli Directory Server
Build a powerful, security-rich data foundation for enterprise identity management IBM Tivoli Directory Server Highlights Support hundreds of millions of entries by leveraging advanced reliability and
More informationHow Security Policy Orchestration Extends to Hybrid Cloud Platforms
How Security Policy Orchestration Extends to Hybrid Cloud Platforms Reducing complexity also improves visibility when managing multi vendor, multi technology heterogeneous IT environments www.tufin.com
More informationTransforming IT: From Silos To Services
Transforming IT: From Silos To Services Chuck Hollis Global Marketing CTO EMC Corporation http://chucksblog.emc.com @chuckhollis IT is being transformed. Our world is changing fast New Technologies New
More informationDiscover Best of Show März 2016, Düsseldorf
Discover Best of Show 2016 2. - 3. März 2016, Düsseldorf Transformation Area: Database Application Optimisation & Archiving mit Structured Data Manager Matthias Binder, Technical Consultant Hewlett Packard
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.
Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do
More informationNew York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief
Publication Date: March 10, 2017 Requirements for Financial Services Companies (23NYCRR 500) Solution Brief EventTracker 8815 Centre Park Drive, Columbia MD 21045 About EventTracker EventTracker s advanced
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationSymantec Security Monitoring Services
24x7 real-time security monitoring and protection Protect corporate assets from malicious global threat activity before it impacts your network. Partnering with Symantec skilled and experienced analysts
More informationFIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION
FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION The process of planning and executing SQL Server migrations can be complex and risk-prone. This is a case where the right approach and
More informationTRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald
TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE John McDonald 1 What is Trust? Can I trust that my assets will be available when I need them? Availability Critical Assets Security Can I trust
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationVMware BCDR Accelerator Service
AT A GLANCE The rapidly deploys a business continuity and disaster recovery (BCDR) solution with a limited, pre-defined scope in a non-production environment. The goal of this service is to prove the solution
More informationIBM Internet Security Systems Proventia Management SiteProtector
Supporting compliance and mitigating risk through centralized management of enterprise security devices IBM Internet Security Systems Proventia Management SiteProtector Highlights Reduces the costs and
More informationIBM Security Guardium Analyzer
IBM Guardium Analyzer Highlights Assess security & compliance risk associated with GDPR data Find GDPR data across onpremises and cloud databases Scan for database vulnerabilities Leverage next-generation
More informationMapping BeyondTrust Solutions to
TECH BRIEF Taking a Preventive Care Approach to Healthcare IT Security Table of Contents Table of Contents... 2 Taking a Preventive Care Approach to Healthcare IT Security... 3 Improvements to be Made
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationIBM s Integrated Data Management Solutions for the DBA
Information Management IBM s Integrated Data Management Solutions for the DBA Stop Stressing and Start Automating! Agenda Daily Woes: Trials and tribulations of the DBA Business Challenges: Beyond the
More informationGovernance, Risk, and Compliance: A Practical Guide to Points of Entry
An Oracle White Paper January 2010 Governance, Risk, and Compliance: A Practical Guide to Points of Entry Disclaimer The following is intended to outline our general product direction. It is intended for
More informationAccelerate Your Enterprise Private Cloud Initiative
Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service
More informationSIEMLESS THREAT MANAGEMENT
SOLUTION BRIEF: SIEMLESS THREAT MANAGEMENT SECURITY AND COMPLIANCE COVERAGE FOR APPLICATIONS IN ANY ENVIRONMENT Evolving threats, expanding compliance risks, and resource constraints require a new approach.
More informationWHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD
WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD 2 A CONVERSATION WITH DAVID GOULDEN Hybrid clouds are rapidly coming of age as the platforms for managing the extended computing environments of innovative
More informationAdvanced Solutions of Microsoft SharePoint Server 2013 Course Contact Hours
Advanced Solutions of Microsoft SharePoint Server 2013 Course 20332 36 Contact Hours Course Overview This course examines how to plan, configure, and manage a Microsoft SharePoint Server 2013 environment.
More informationSOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:
(Solutions Brief) An integrated cybersecurity Administration solution for securing any Large Enterprise. The Industry s most complete protection for the Large Enterprise and Cloud Deployments. KEY SERVICES:
More informationAdvanced Solutions of Microsoft SharePoint 2013
Course 20332A :Advanced Solutions of Microsoft SharePoint 2013 Page 1 of 9 Advanced Solutions of Microsoft SharePoint 2013 Course 20332A: 4 days; Instructor-Led About the Course This four-day course examines
More informationSQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD The Payment Card Industry Data Security Standard (PCI DSS), currently at version 3.2,
More informationIBM WebSphere Message Broker for z/os V6.1 delivers the enterprise service bus built for connectivity and transformation
IBM Europe Announcement ZP07-0445, dated October 9, 2007 IBM WebSphere Message Broker for z/os V6.1 delivers the enterprise service bus built for connectivity and transformation Description...2 Product
More informationEvaluator Group Inc. Executive Editor: Randy Kerns
Avoiding an Infrastructure Cost Explosion as You Move to Exchange 2010 Metalogix Archive Manager Evaluator Group Inc. Technology Insight Series Executive Editor: Randy Kerns Version 1: January 2012 Copyright
More informationAdvanced Solutions of Microsoft SharePoint Server 2013
Course Duration: 4 Days + 1 day Self Study Course Pre-requisites: Before attending this course, students must have: Completed Course 20331: Core Solutions of Microsoft SharePoint Server 2013, successful
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationCore Services for ediscovery Perfection
BEST-IN-CLASS DATA ENVIRONMENTS. Core Services for ediscovery Perfection MANAGE MANAGE IMPLEMENT IMPLEMENT ASSESS Core Services for ediscovery Perfection George Jon is an ediscovery infrastructure specialist
More informationSponsored by Oracle. SANS Institute Product Review: Oracle Audit Vault. March A SANS Whitepaper. Written by: Tanya Baccam
Sponsored by Oracle SANS Institute Product Review: Oracle Audit Vault March 2012 A SANS Whitepaper Written by: Tanya Baccam Product Review: Oracle Audit Vault Page 2 Auditing Page 2 Reporting Page 4 Alerting
More informationCisco Tetration Analytics
Cisco Tetration Analytics Enhanced security and operations with real time analytics John Joo Tetration Business Unit Cisco Systems Security Challenges in Modern Data Centers Securing applications has become
More informationDATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI
DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI EXECUTIVE SUMMARY The shortage of cybersecurity skills Organizations continue to face a shortage of IT skill
More informationTest Data Management for Security and Compliance
White Paper Test Data Management for Security and Compliance Reducing Risk in the Era of Big Data WHITE PAPER This document contains Confidential, Proprietary and Trade Secret Information ( Confidential
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationVirtualizing the SAP Infrastructure through Grid Technology. WHITE PAPER March 2007
Virtualizing the SAP Infrastructure through Grid Technology WHITE PAPER March 2007 TABLE OF CONTENTS TABLE OF CONTENTS 2 Introduction 3 The Complexity of the SAP Landscape 3 Specific Pain Areas 4 Virtualizing
More informationImperva Incapsula Website Security
Imperva Incapsula Website Security DA T A SH E E T Application Security from the Cloud Imperva Incapsula cloud-based website security solution features the industry s leading WAF technology, as well as
More informationCA Security Management
CA Security CA Security CA Security In today s business environment, security remains one of the most pressing IT concerns. Most organizations are struggling to protect an increasing amount of disparate
More informationOktober 2018 Dell Tech. Forum München
Oktober 2018 Dell Tech. Forum München Virtustream Digital Transformation & SAP Jan Büsen Client Solutions Executive, Virtustream The Business Agenda: Digital IT = Competitive Advantage Business Driven
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationBest Practices for PCI DSS Version 3.2 Network Security Compliance
Best Practices for PCI DSS Version 3.2 Network Security Compliance www.tufin.com Executive Summary Payment data fraud by cyber criminals is a growing threat not only to financial institutions and retail
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More information