IBM Security Endpoint Manager - BigFix
Daniel Joksch, Security Sales
Establish security as an immune system
Malware protection; Incident and threat management; Identity management; Device management; Data monitoring; Transaction protection; Firewalls; Access management; Entitlements and roles; Data access control; Privileged identity management; Security research; Sandboxing; Endpoint patching and management; Log, flow and data analysis; Vulnerability assessment; Criminal detection; Antivirus; Network visibility; Content security; Application security management; Anomaly detection; Application scanning; Virtual patching; Fraud protection
Establish security as an immune system
Global Threat Intelligence; Incident and threat management; Firewalls; Sandboxing; Virtual patching; Network visibility; Antivirus; Endpoint patching and management; Malware protection; Transaction protection; Device management; Content security; Application scanning; Application security management; Security Intelligence; Log, flow and data analysis; Anomaly detection; Vulnerability assessment; Fraud protection; Criminal detection; Security Research; Data monitoring; Data access control; Cloud; Consulting Services; Managed Services; Privileged identity management; Entitlements and roles; Access management; Identity management
IBM has the world's broadest and deepest security portfolio
Global Threat Intelligence; QRadar Incident Forensics; QRadar Risk Manager; Network Protection XGS; SiteProtector; BigFix; Trusteer Apex; zSecure; MaaS360; AppScan; DataPower Web Security Gateway; Security Intelligence; QRadar SIEM; QRadar Log Manager; QRadar Vulnerability Manager; Trusteer Pinpoint; Trusteer Mobile; Trusteer Rapport; IBM Security Research; Guardium; Key Lifecycle Manager; Cloud; Cloud Security Enforcer; Consulting Services; Managed Services; Privileged Identity Manager; Access Manager; Identity Manager; Identity Governance and Intelligence
IBM BigFix
Siloed IT Operations and Security Teams
Disparate tools, manual processes, lack of integration and narrow visibility
IT SECURITY: Scan for compliance status; Create security policies; Identify vulnerabilities
IT OPERATIONS: Deploy/Remove software, apply patches and fixes; Implement security and operational policy
Manual process takes weeks / months
IBM BigFix: Bridge the gap between Security and IT Ops
IBM BigFix: FIND IT. FIX IT. SECURE IT. FAST
ENDPOINT MANAGEMENT (IT OPERATIONS): Discovery and Patching; Lifecycle Management; Software Compliance and Usage
ENDPOINT SECURITY (SECURITY): Continuous Monitoring; Threat Protection; Incident Response
Shared visibility and control between IT Operations and Security
Reduce operational costs while improving your security posture
IBM BigFix Platform Elements
Single Intelligent Agent: Continuous self-assessment; Continuous policy enforcement; Minimal system impact (<2% CPU)
Single Server & Console: Highly secure, highly available; Aggregates data, analyzes & reports; Manages >250k endpoints
An existing TEM managed asset can become a relay in minutes
Powerful policy language (Fixlets): Thousands of out-of-the-box policies; Best practices for ops and security; Simple custom policy authoring; Highly extensible / applicable across all platforms
Virtual Infrastructure: Designate any TEM agent a relay or scan point; Built-in redundancy; Leverage existing systems / shared infrastructure
IBM BigFix Supported OSes
Heterogeneous Platform Support (Managed Assets): Microsoft Windows (Windows XP - 10, Server 2000 - 2012 R2); SUSE Linux Enterprise; Red Hat Enterprise Linux; CentOS; Ubuntu; Oracle Enterprise Linux; Solaris; IBM AIX; HP-UX; Mac OS X; VMware ESX; Linux on System z
Unmanaged Assets: Visibility into any IP enabled device through network scanning enabled in any TEM managed asset
IBM BigFix Unified Management and Security
IBM BigFix: FIND IT. FIX IT. SECURE IT. FAST
Lifecycle (IT Operations): Everything from provisioning and SW distribution to patching and remote control of Win, Mac and *nix endpoints
Inventory: Identify what software is installed and how it's used to reduce costs and increase compliance
Patch: Compress patch cycles to minutes/hours with 98-99% first-pass success
Compliance: Ensure continuous compliance of security, operational and regulatory policies
Protection (Security): Real-time protection from viruses, Trojan horses, spyware, rootkits, and other malware. Device control and data loss prevention available
Patch Management content and process benefits
Review of MS Patch Tuesday and other source analysis
Publish related Patch Fixlets content on IBM site
Patch Fixlet content streamed to TEM Server and to Agents accordingly
Patch Fixlet Relevance check and reporting
Take Action on Patch Fixlets for relevant target computers
Compliance: Continuous security configuration compliance
Accurate, real-time visibility and continuous security configuration enforcement
BigFix was designed for Continuous Compliance!
[Chart: Traditional versus Continuous; axes: Risk, Time]
Traditional: Traditional compliance out of synch; High-risk and cost periods; Manual approach causes endpoints to fall out of compliance again
Continuous: Continuous compliance set and forget; No high-risk periods; Lower total cost; Continued improvement; Identify and report on any configuration drift
"98% patch and update compliance rate on 4,000+ workstations with 50% reduced labor costs" (Infirmary Health System)
Why Gartner has recognized IBM as a Leader
Magic Quadrant for Client Management Tools
LEADER - Four Years in a ROW!!
Gartner Magic Quadrant Report, June 2015. Analyst(s): Kevin Knox, Terrence Cosgrove
Why Clients Select BigFix over Competition:
Less infrastructure = Lower operational and admin costs
Automation tools = Faster ROI and payback
Greater visibility = Complete coverage of all endpoints
Real time visibility and control = Faster time to compliance
More OOB content = Faster incident response
Proven industry success and client references of all sizes
Note: This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from IBM. G00264801.
Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOU
www.ibm.com/security
Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM's sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
IBM BigFix Architecture