Agenda - PowerPoint PPT Presentation

Title: Learn to Fish
Author: IBM_USER
Last modified by: Michael Campbell
Created Date: 3/17/2005 7:15:16 PM
Document presentation format: On-screen Show

Slides: 34
Provided by: IBMU328
Learn more at: http://public.dhe.ibm.com
Transcript and Presenter's Notes

Title: Agenda


1
Agenda
Selling the IBM Security Portfolio Beginning
Part 3 of 3
  • Landscape/Background
  • Opportunity
  • Issues
  • CIO perspective
  • IBM Security Framework
  • Selling IBM Security Solutions for
  • Security Intelligence, Analytics and GRC
  • People (Identity and Access Management)
  • Data Security
  • Application Protection
  • Infrastructure - Network, Server and Endpoint
  • A Postscript to Boost Sales Possibilities
  • For More Information . . .

2
Managing Security for Endpoints - Challenges
  • How do I maintain the security and compliance of
    all my endpoints, regardless of where they are
    located or how they are connected, against a 24/7
    ever-evolving threat landscape?
  • How do I achieve a high level of patch compliance
    across OSs and applications within days of a
    patch release while lowering end-user impact and
    operational costs?
  • In the event of a security incident, how do I
    ensure I can reach all my endpoints quickly
    enough to prevent further intrusion or
    disruption?
  • How do I ensure the security of mobile devices as
    they access more and more sensitive systems?
3
Endpoint Manager, built on BigFix technology
Endpoint Manager IT Security Solutions
Endpoint Manager IT Operations Solutions
Unifying IT operations and security
4
Tivoli Endpoint Manager for Security and
Compliance
Tivoli Endpoint Manager
Microsoft Windows Mac OSX IBM AIX HP-UX
Solaris VMware ESX Server 7 versions of
Linux iOS Android Symbian Windows Mobile
IT Asset Management
IT Security and Compliance
IT Operations
Green IT
  • Network discovery
  • Managed endpoint hardware inventory
  • Managed endpoint software inventory
  • Software use Analysis
  • PC software license compliance analysis
  • Patch management
  • Software distribution
  • OS deployment
  • Remote control
  • Server management
  • Security configuration baselines
  • Vulnerability assessment
  • Network self-quarantine
  • Personal firewall
  • Multi-vendor anti-malware management
  • Third-party anti-malware management
  • Web, file, email reputation services
  • Windows power management
  • Mac power management
  • Wake-on-LAN

1 console, 1 agent, 1 server, many OSs
5
Endpoint Manager for Security and Compliance
  • Patch Management
  • Security Configuration Management
  • Vulnerability Management
  • Asset Management
  • Software Use Analysis
  • Network Self Quarantine
  • Multi-Vendor Endpoint Protection Management
  • Anti-Malware and Web Reputation Service

Library of 5,000 compliance settings, including
support for FDCC SCAP, DISA STIG
Discover 10 - 30% more assets than previously
reported
IBM Endpoint Manager
Achieve 95% first-pass success rates within
hours of policy or patch deployment
Automatically and continuously enforce policy at
the end point
6
Endpoint Manager and endpoint compliance
Continuous compliance
  1. Security and operations work together to
    formulate policies and service-level agreements
    (SLAs)
  2. Operations implements the baseline (patch,
    configuration, anti-virus, etc.) across all
    endpoints in the organization
  3. Policy compliance is continuously monitored and
    enforced at the endpoint; changes are reported
    immediately
  4. The security team can instantly check on the
    current state of security and compliance anytime
  5. Security and operations teams work together to
    continually strengthen security and adjust to
    evolving requirements
Traditional compliance
  1. The security team develops compliance policies
  2. The security team runs an assessment tool (or
    tools) against that policy
  3. The security team forwards findings to operations
  4. Operations makes corrections as workload allows,
    one item at a time, using different tools from
    security (which generates different answers to
    questions like "how many endpoints do I have?")
  5. Users make changes, causing endpoints to fall out
    of compliance again
  6. Start assessment all over again

7
Endpoint Manager for Core Protection
Endpoint Manager
Microsoft Windows Mac OSX IBM AIX HP-UX
Solaris VMware ESX Server 7 versions of
Linux iOS Android Symbian Windows Mobile
IT Asset Management
IT Security and Compliance
IT Operations
Green IT
  • Network discovery
  • Managed endpoint hardware inventory
  • Managed endpoint software inventory
  • Software use Analysis
  • PC software license compliance analysis
  • Security configuration baselines
  • Vulnerability assessment
  • Network self-quarantine
  • Personal firewall
  • Multi-vendor anti-malware management
  • Third-party anti-malware management
  • Web, file, email reputation services
  • Patch management
  • Software distribution
  • OS deployment
  • Remote control
  • Server management
  • Windows power management
  • Mac power management
  • Wake-on-LAN

1 console, 1 agent, 1 server, many OSs
8
Endpoint Manager for Core Protection
Protecting endpoints from viruses, malware and
other malicious threats
Overview Delivers single-console, integrated
cloud-based protection from viruses, malware and
other malicious threats via capabilities such as
file and web reputation, personal firewall, and
behavior monitoring
  • Highlights
  • Delivers real-time endpoint protection against
    viruses, Trojan horses, spyware, rootkits and
    other malware
  • Protects through cloud-based file and web
    reputation, behavior monitoring and personal
    firewall
  • Provides virtualization awareness to reduce
    resource contention issues on virtual
    infrastructures
  • Leverages industry-leading IBM and Trend Micro
    technologies with a single-console management
    infrastructure

9
Key Benefits and Features of Data Protection Add-on
  • Real-time content scanning of sensitive data
  • Out-of-the-box compliance templates to detect
    credit card numbers, social security numbers,
    among other sensitive data
  • Monitoring and enforcement of multiple egress
    points (email, browser, USB, etc)
  • Low TCO: addresses baseline data protection
    requirements with minimal cost and investment;
    scales to 250,000 endpoints on a single server

10
Tivoli Endpoint Manager for Mobile Device
Management
Tivoli Endpoint Manager
Microsoft Windows Mac OSX IBM AIX HP-UX
Solaris VMware ESX Server 7 versions of
Linux iOS Android Symbian Windows Mobile
IT Asset Management
IT Security and Compliance
IT Operations
Green IT
  • Network discovery
  • Managed endpoint hardware inventory
  • Managed endpoint software inventory
  • Software use Analysis
  • PC software license compliance analysis
  • Security configuration baselines
  • Vulnerability assessment
  • Network self-quarantine
  • Personal firewall
  • Multi-vendor anti-malware management
  • Third-party anti-malware management
  • Web, file, email reputation services
  • Windows power management
  • Mac power management
  • Wake-on-LAN
  • Patch management
  • Software distribution
  • OS deployment
  • Remote control
  • Server management

1 console, 1 agent, 1 server, many OSs
11
Managing Mobile Devices: The Solution
  • Endpoint Manager for Mobile Devices
  • Enable password policies
  • Enable device encryption
  • Force encrypted backup
  • Disable iCloud sync
  • Access to corporate email, apps, VPN, WiFi
    contingent on policy compliance!
  • Selectively wipe corporate data if employee
    leaves company
  • Fully wipe if lost or stolen

12
PCs and mobile devices have many of the same
management needs
Traditional Endpoint Management
Mobile Device Management
  • Device inventory
  • Security policy mgmt
  • Application mgmt
  • Device config (VPN/Email/Wifi)
  • Encryption mgmt
  • Roaming device support
  • Integration with internal systems
  • Scalable/Secure solution
  • Easy-to-deploy
  • Multiple OS support
  • Consolidated infrastructure
  • Device Wipe
  • Location info
  • Jailbreak/Root detection
  • Enterprise App store
  • Self-service portal
  • OS provisioning
  • Patching
  • Power Mgmt
  • Anti-Virus Mgmt

13
How does Endpoint Manager manage mobile devices?
  • Agent-based Management
  • Android via native BigFix agent
  • iOS via Apple's MDM APIs
  • Full management
  • Email-based management through Exchange and Lotus
    Traveler
  • Supported platforms: iOS, Android, Windows Phone,
    Windows Mobile, Symbian
  • Subset of management - management of email on the
    device and the ability to lock and wipe the
    device

Category | Endpoint Manager Capabilities
Platform Support | Apple iOS, Google Android, Nokia Symbian, Windows Phone, Windows Mobile
Management Actions | Selective wipe, full wipe, deny email access, remote lock, user notification, clear passcode
End-User Services | Self-service portal, enterprise app store, authenticated enrollment (AD/LDAP)
Application Management | Application inventory, enterprise app store, whitelisting, blacklisting, Apple VPP
Policy Security Management | Password policies, device encryption, jailbreak/root detection
Location Services | Track devices and locate on map
Enterprise Access Management | Configure email, VPN, and Wi-Fi certificate management
Expense Management | Enable/disable voice and data roaming
14
Endpoint Manager extends the value proposition
for existing endpoint and server security
customers
Existing product | Endpoint Manager Family Value-Add | Up-Sell Opportunity
Proventia Desktop (PD) and Endpoint Secure Control (ESC) | Robust, scalable BigFix platform for delivering full lifecycle and security applications and content; Core PD applications move to BigFix | Upgrade 400 PD customers to Endpoint Manager Lifecycle and Security Management suites
Tivoli Security Compliance Manager (TSCM) | Vulnerability assessment and patch management for remediation; Lightweight, flexible platform; SCAP certifications for US Federal | TSCM is at end-of-market so, TEM SC is not an upsell, per se. Upgrade 400 SCM clients (200 individual, 200 ITD) to patch management to remediate configuration vulnerability issues; Upgrade to full Endpoint Manager Family
Proventia Server (IBM Security Server Protection), RealSecure Server Sensor | Integrated platform for management, patching, config compliance and threat prevention; Ability to sell/manage anti-malware | Add patch, configuration and vulnerability management; Anti-malware (via Trend Micro) for more complete compliance/protection
IBM Security Access Manager for Enterprise Single Sign-On (E-SSO) | Extend endpoint management value delivered by SAM E-SSO, to include Endpoint Manager deployment; Strengthens endpoint ROI case | Extend ROI / productivity gains from ESSO (450 installs) by adding Endpoint Manager Lifecycle Management
15
EndPoint Security Sales Insights (including
Competition)
IBM Internal/Business Partner Use Only Not for
Use with Clients
  • A focus on continuous endpoint compliance,
    monitoring, visibility and remedial action is a
    big play in these days of compliance focus and
    audit and intrusion fears
  • Don't accept "We don't need this product because
    we already have security products for our
    endpoints (e.g. NAV for anti-virus, SCCM for
    patch management)"
  • An Endpoint Manager proof of concept can
    dramatically demonstrate:
  • "Wow! We have more OSs, devices, endpoints than
    we thought, and we need to protect them!" (Some
    weren't installed, weren't up-to-date, weren't up
    and running, ...)
  • "Wow! This product works! It's up and running
    quickly, it is accurate, it has a wealth of
    capabilities and there is really fast time to
    value!"
  • Look for the following large scale deployments:
    tool consolidation, 3rd-party patching,
    continuous compliance focus, anti-virus
    consolidation/replacement.

16
Security Challenges Specific to the Mainframe
  • Compliance
  • Compliance verification is a manual task with
    alerts coming after a problem has occurred, if at
    all
  • Complexity
  • The mainframe is an integral component of many
    large business services, making the
    identification and analysis of threats very
    complex and creating a higher risk to business
    services
  • Systems are vulnerable to the unmanaged
    activities of privileged users.
  • Cost
  • Mainframe security administration is usually a
    manual operation, or relies upon old, poorly
    documented scripts.
  • Administration is done by highly skilled
    mainframe resources that are usually in short
    supply.

Ensuring Compliance
Rising Costs
17
zSecure suite Capabilities
Auditing Compliance Reporting: Vulnerability analysis for your mainframe infrastructure. Automatically analyze and report on security events and detect security exposures
Enhanced Administration: Enables more efficient and effective RACF administration, using significantly fewer resources
Visual Administration: Helps reduce the need for scarce, RACF-trained expertise through a Microsoft Windows-based GUI for RACF administration
Event Alerting: Real-time mainframe threat monitoring permits you to monitor intruders and identify misconfigurations that could hamper your compliance efforts
CICS based Administration: Provides access to RACF command APIs from a CICS environment, allowing for additional administrative flexibility
Command Verification: Policy enforcement solution that helps enforce compliance to company and regulatory policies by preventing erroneous commands
Administration Auditing for z/VM: Combined audit and administration for RACF in the VM environment including auditing Linux on System z
18
zSecure suite Business Benefits
  • Helps to reduce cost and improves resource
    utilization
  • Task automation reduces labor cost to perform
    essential z/OS and RACF security functions
  • Simplified UI allows less experienced resources
    to perform key security functions, freeing up
    skilled mainframe resources and allowing
    administrators to manage security rather than
    using system programmer skills.
  • Improved system availability with automated
    analysis and detection of threats and
    configuration changes.
  • Proactive compliance monitoring
  • Automated compliance monitoring, customized to
    fit your business, issues real time alerts on
    external threats, inappropriate data access or
    misconfiguration
  • Real-time blocking of dangerous RACF commands
    helps prevent privileged user abuse
  • Automated data collection for compliance
    reporting, audit trail analysis and forensic
    research.
  • Improves efficiency and quality
  • Automated functions reduce mistakes that lead to
    data exposure and costly outages
  • Single point of administration easily manages
    large and small z/OS environments, and multiple
    RACF databases
  • Streamlined management of privileged users
    quickly identifies and removes unnecessary access
    to information

19
Solving Customer Security Challenges in Mainframe
Environments: z/OS, z/VM and Linux on System z
Illustrated to auditors that preventative,
detective and corrective controls are installed
Automate continuous compliance to address
worldwide industry standards and regulations
Reduced identity and access security management
overhead and costs with integrated security
management
Improve administrator effectiveness with
built-in best practices
Used IBM technologies to track and redact medical
information from imaged documents.
Protect the integrity of sensitive enterprise
data
Major healthcare organization
Establish user identification services for
compliance and governance
Simplify mainframe administration and auditing
for compliance and governance
20
zSecure provides customers with significant
business value
zSecure | IBM's Significant Product Capabilities | IBM's Business Value
Enhanced Administration | Automated cleanup of orphan accounts; Off line change management change modeling; RACF DB merges; Cascading permissions for Group Tree Structures | Helps improve security at lower labor cost; Aids in reducing costs by avoiding configuration mistakes; Eases labor cost for directory merges; Helps reduce labor cost by more efficient group management
Auditing Compliance | Customizable reports; Automated risk classification; Broad coverage of audit control points; Security Intelligence to identify and manage Trusted Users; Exceptional coverage of security event records | Can provide reports that match business model / business requirements; Helps optimize labor utilization by prioritizing tasks; Aids in reducing cost by helping eliminate outages not detected by non-IBM solutions; Address business risk by helping to find segregation of duties exposure
21
zSecure provides customers with significant
business value
zSecure | IBM's Significant Product Capabilities | IBM's Business Value
Alerting | Can capture unauthorized back door changes to RACF, Security Policies; Extensive coverage of real time audit control points, especially network | Can reduce cost by helping eliminate outages not detected by competition
Command Verification | Auditing of RACF changes by Privileged Users | Can complete audit in seconds, not days, reducing labor cost
Visual Administration | Real time, on line updates; Integrates w/ HR Systems (PeopleSoft, SAP, etc.); Roles based administration for separation of duties; Manage from a single screen | Permits changes in minutes, not overnight; Enables better business control by providing access for only current employees contractors; Helps minimize business risk by enabling segregation of duties; Aids in reducing labor cost and errors
CICS based administration | Externalizes authentication from the application | Can lower application development and maintenance costs
22
IBM Security zSecure suite products
Combined audit and administration for RACF in the
VM environment including auditing Linux on System
z
Vulnerability analysis for your mainframe
infrastructure. Automatically analyze and report
on security events and detect security exposures
Enables more efficient and effective RACF
administration, using significantly fewer
resources
Real-time mainframe threat monitoring permits you
to monitor intruders and identify
misconfigurations that could hamper your
compliance efforts
Helps reduce the need for scarce, RACF-trained
expertise through a Microsoft Windows-based GUI
for RACF administration
Policy enforcement solution that helps enforce
compliance to company and regulatory policies by
preventing erroneous commands
Provides access to RACF command APIs from a CICS
environment, allowing for additional
administrative flexibility
Note: ACF2 and Top Secret are either registered
trademarks or trademarks of CA, Inc. or one of
its subsidiaries.
23
You Survived the Security Gauntlet . . . Time for
a Knowledge Check
Match customer need with IBM security solution
  • Provisioning and managing users
  • Comprehensive single sign-on
  • Proactive threat mitigation
  • RACF administration ease of use
  • Patch management, endpoint protection asset
    discovery and mobile device security

C
C
A, B, C, D
B
A
D
A: IBM Security zSecure suite
B: IBM Security Network IPS
C: IBM Security Identity Access Assurance
D: Endpoint Manager Family
24
Move Up the Food Chain Whenever You Can
25
P.S. Tivoli Directory Server
  • A registry/directory/repository . . . For
    multiple applications to share consistent,
    up-to-date info about users
  • World-class technology (DB2 underpinnings)
  • Aids IBM Security Sales by being in the package
    (limited use license); comes in the AMeb, TIM,
    TFIM, ... packages.
  • Can compete on its own with other
    Directory/Registry providers
  • Performance/scalability
  • Performance/scalability
  • Did we mention performance/scalability?
  • Wide platform coverage. (AIX, Solaris, HP-UX,
    Linux (zSeries, iSeries, xSeries, pSeries),
    Windows 2003/2008, z/OS)
  • OpenGroup LDAP v2 certified (Only TDS and Apache
    are listed at
    http://www.opengroup.org/openbrand/register/ )
  • Common Criteria evaluation of EAL 4 (2009)
    (Oracle is 4 (2008), CA is 3 (2007))
  • Price. Can beat Sun, for example, on price.
  • Good in large deployments. Some vendor LDAP
    servers (e.g. Sun) have an architecture requiring
    all directory entries to be cached in memory to
    give good performance. TDS offers good
    performance in configurations where the number of
    directory entries is too large to be cached in
    memory.

26
P.S. Tivoli Directory Integrator
  • Lotus Connections
  • Maps/maintains enterprise users into Connections
    DBs (various sources)
  • Sametime Unified Telephony
  • Integrates w/PBX middleware that controls
    physical telephone switches
  • Help desk integration
  • Integration between TSRM and 3rd party helpdesk
    systems
  • Tivoli Identity Manager
  • TIM's integration platform for new supported
    adapters. Customers use TDI as their extension
    point for customization.
  • WebSphere Commerce Server
  • Automatically add customers to Lotus Connections
    through published WWW interface into TDI
  • IBM Mashup Center
  • Provides WWW access to enterprise data such as
    SAP, Domino, and other TDI-accessible resources
  • Compliance Management
  • TSIEM scans audit log files. TDI reads from
    custom systems in the field to create W7 format
    logs.
  • Tivoli Directory Server
  • TDI acts as an SNMP agent for TDS, IBM's great
    LDAP server.
  • TADDM Service Management IT infrastructure
    discovery
  • Custom integration of asset information into
    TADDM and CCMDB using the IdML XML format
  • Network Monitoring drives TSRM ticket generation

Blue Glue - Closes the gaps between products
27
To successfully sell security, you must include
the right stakeholders during the sales cycle
LOB owners
SOA/App Architects
Security Admin
Network / Operations
Identity and Access Management
Application/Db Authorization
Federation
Web Security
User Account Provisioning
Key Management
Compliance
Threat Mitigation
(The solution categories shown typically move
right over time. For example, Federation and Web
Security both started more in the
SOA/Application Architects domain.)
28
Resources IBM Putting Collateral at Your
Fingertips
Top of mind items Sales Plays, SVSA, Security
Talk replays
Single landing page URL to bookmark
Links to all non-SSD Sales Kits
Links to all SSD Sales Kits
http://w3.ibm.com/software/xl/portal/products?nav.selection/securitysystems
and more . . .
29
Business Partner Security Collateral -
PartnerWorld
Key Resources Sales Plays, Security Talk
Replays, Sales Kits, Top Gun Preparation
Single landing page URL to bookmark
ibm.com/partnerworld/security
30
Resources IBM Leverage the Power of the Full
IBM Security Team
w3 Connections IBM security contacts
PPT PartnerWorld IBM Security contacts PPT
Plus Tiger Team, SWAT, Sales, . . . contacts
(incl. non SSD)
31
IBM Security Sales Kits
  • A Sales Kit for each IBM Security Product
  • Linked to from the IBM Security Landing pages
    (see previous chart)
  • 80-20 approach (The 20% of the collateral you
    need 80% of the time)
  • Easy One Stop Shopping
  • Ongoing sweeps are done, to ensure relevance,
    up-to-datedness
  • Includes up-to-date contact info



Value proposition Benefits Average Deal
Size/Pricing Lead Passing Guidelines Cross
Selling Target Audience Pain Points Key
Questions Seller Call to Action Competitive
Differentiators References Platform
Announcement letters Case studies Client
presentation Client References Contacts Data
Sheets Demos Education offering
solution Education - skills knowledge
building FAQ Presentations for IBM Sellers
Press releases Pricing information Proof of
concept Proposal Support Materials Redbooks Request
a quote Return on Investment (ROI) Solution/product
information Technical sales Web
sites/blogs/wikis Wins and successes

Self explanatory
32
IBM Security References
  • IBM sales professionals contribute
  • Through successful sales (revenue)
  • Through references
  • Expand the impact/scope of your sales successes
  • Assist your peers
  • Thereby positively impacting IBM Security
    revenue, your salary, variable pay
  • We ask that you
  • Review your customers . . . in terms of their
    willingness to be a reference
  • Submit information about the reference customers
    who you identify and negotiate online here.
  • Need help in explaining the reference process to
    your client?
  • Either visit the Client Reference wiki for
    information, or contact your Client References
    Specialist for help.
  • All client references are welcome. In
    particular, we are in need of references for
  • TSPM, SIAA and zSecure
  • Any questions, please feel free to contact us.
    (See Client References Specialist .)

33
You've Made It!