Redbooks Paper
                                                                                               Axel Buecker
                                                                                               Shawn Young



IBM Tivoli Access Manager for Operating
Systems: Host-Based Intrusion
Prevention for Applications and Platforms

                   “A lot of companies have gone to a lot of effort to protect themselves from being hacked,
                   but it’s a lot harder to stop a rogue employee … . We have the technology, but we’re not
                   using it.”
                   —The Washington Post, December 3, 2002

                Employees—not hackers, not viruses—present the chief threat to IT security. In the biggest
                identity theft case yet reported, employees stole 30,000 consumer financial reports over three
                years. A ring of scam artists, in turn, paid the employees $30 for each stolen report.
                Ultimately, consumers lost more than $2.7 million. Law enforcement estimates that more than
                half of all identity thefts occur as a result of employees.

                In this IBM® Redpaper, we discuss IBM Tivoli® Access Manager for Operating Systems, a
                simple-to-use, powerful security system that securely locks down business-critical
                applications, operating platforms, and files from unauthorized access. This firewall-like
                capability prevents both insiders and outsiders from gaining unauthorized access to, or
                making unauthorized use of, vital customer, employee, and business partner data.

                Additionally, Tivoli Access Manager for Operating Systems audits application and platform
                activity to ensure compliance with corporate policies and government regulation. In an
                increasingly wired yet insecure world, Tivoli Access Manager for Operating Systems provides
                the assurance that customers, employees, and partners expect, and the rigorous auditing that
                the government and senior management require.




© Copyright IBM Corp. 2003. All rights reserved. ibm.com/redbooks
Overview
               Tivoli Access Manager for Operating Systems erects and enforces a seamless security
               perimeter around UNIX/Linux systems to provide protection for business-critical systems and
               auditing of all users. These controls even apply to “Root” super-users, a notoriously
               difficult-to-secure UNIX/Linux group. Unchecked and unmonitored Root users are often the
               source of considerable abuse. Tivoli Access Manager for Operating Systems prevents
               misbehavior by Root users and all other users through the rigorous application of access
               controls on resources, files, and data.

               Further, hackers favor Root accounts as targets because Root users typically create
               backdoor access routes in order to bypass basic protocols. As a result, while the majority of
               cyber theft results from internal abusers, the application of adequate controls on Root
               accounts will also prevent a significant amount of external cyber theft. Tivoli Access Manager
               for Operating Systems ensures 24x7 protection from unauthorized access to business-critical
               applications by providing bulletproof controls against malicious actions.

               Most business-critical applications today are hosted on UNIX—or, increasingly, Linux—and
               are deployed throughout the enterprise network environments as shown in Figure 1. These
               applications include ERP, CRM, SCM, Human Resource Management applications, and
               Middleware platforms such as IBM WebSphere. Most of these applications offer inadequate
               out-of-the-box security and auditing for today’s enterprise.



               [Figure 1 diagram. Zones: Mission-Critical Servers, Core Network, Perimeter Network,
               Access Network, Internet. Other labels: AS/400, S/390, UNIX, NT, Security Management,
               Proxy-Server, Workload Management, Certificate Authority, Backup, Restore, Web Servers,
               Single Sign-on, Access, Security Auditing, VPN, Merchant Server, Firewall, E-Mail,
               Intrusion Detection, Active Content, Filtering, PC Security, PC Anti-Virus, Customers,
               Suppliers, Distributors, Business Partners, Mobile Employees.
               Annotation: "55% of data theft occurs here".]


               Figure 1 The IT security map



Policy-based security: peace of mind in troubled times
               The heart of an effective security program lies in its security policy. The bottom line is that
               everyone—partners, employees, customers, auditors, government regulators, and senior
               management—is looking for a security policy that guarantees the privacy and confidentiality
               of sensitive information. Never before have CIOs faced so many constituents demanding tight
               protection and accountability. Management and boards of directors no longer accept the
running of expensive applications on insecure operating systems and ineffective protocols.
Tivoli Access Manager for Operating Systems ensures that security policy is easily
implementable, robust, and comprehensive.
   Easy-to-use: Because security policy is crucial to operational effectiveness, there’s no
   forgiving a security policy that is difficult to understand and challenging to enforce. Tivoli
   Access Manager for Operating Systems simplifies policy through multiple methods. The
   first is through Web Portal Manager, a GUI-based, web-accessible management tool.
   Security policy can now be managed in a point-and-click format. Command-line interfaces
   and script accommodation afford UNIX and Linux experts even greater ease.

   Simplicity is further ensured through Tivoli Access Manager for Operating Systems’ Fast
   Track Policy Modules. Fast Track Policy Modules are pre-written, best-practice security
   policies. They provide a method for demanding enterprises to quickly adopt effective
   security. Security threats multiply daily, and CIOs cannot be expected to wait on slow
   security policies. While enterprises can use Tivoli Access Manager for Operating Systems’
   Web Portal Manager to design and set detailed policy if they wish, enterprises accelerate
   their ROI through the use of Fast Track Policy Modules.

   Fast Track Policy Modules also come in application-specific versions offering customers
   out-of-the-box customization. These pre-written, best-practice policies make it easy to
   tailor security policy for specific missions. These missions may include, for instance,
   enhancing Web security or defending CRM, ERP, or other applications and databases.

   Simplicity is crucial for an effective security policy. Through Web Portal Manager, shown in
   Figure 2, security policies can be managed in a point-and-click fashion.




Figure 2 Web Portal Manager interface




   Powerful: Power is provided through Tivoli Access Manager for Operating Systems’
   multi-threaded architecture. This enables Tivoli Access Manager for Operating Systems to
   operate fully 22 times faster than its leading competitor. This performance also means that
   CIOs no longer have to trade operating efficiency for security. Applications run smoothly
   even with the rigorous security added by Tivoli Access Manager for Operating Systems.

   With Tivoli Access Manager for Operating Systems, administrators can set and enforce
   three types of security policy: password policy, login policy, and resource policy. In the
   case of password policy, for instance, administrators can require the timely changing of
   passwords, or passwords of a specified length and alphanumeric mix. In the case of login
   policy, administrators can determine where users can access systems or what files they
   can access remotely. Resource policy enables administrators to restrict access to
   systems, files, and data on a “need-to-know” basis.

   Comprehensive: As a result of its industry-leading power, Tivoli Access Manager for
   Operating Systems successfully scales throughout the enterprise, enforcing security
   comprehensively. It enables management to set a single security policy that is
   implemented and enforced worldwide. Centralization ensures adherence to corporate
   guidelines and government regulations.

   With Web Portal Manager, Tivoli Access Manager for Operating Systems policy can be
   managed from a Web-based tool. The benefit of this approach is that it enables an
   enterprise’s security managers to delegate limited authority for routine or emergency
   matters to specified, local subdomain administrators. This scheme offers maximum
   control while affording flexibility when necessary. In a case of network interruption, control
   can be delegated to local subdomain administrators without granting local administrators
   excessive access or access to other subdomains.



Auditing: proof positive in a cynical world
               Defending resources is as important as auditing them. Gone are the days when
               a CIO could simply attest that the network was secure. Amid unrelenting attacks, omnipresent
               threats, and widely publicized failures, customers, partners, and regulators all demand proof
               of effective security controls.

               Tivoli Access Manager for Operating Systems responds to this need through Persistent
               Universal Auditing, which maintains 24x7 audit logs on all programs, files, ports, resources,
               and systems. This provides administrators with a centralized report on security events,
               enabling administrators to review which users accessed what resources, how, and when.

               Misbehavior rarely occurs just once. It occurs frequently. Regular audits prevent prolonged
               abuse. The most successful information thieves endure through “creep and take” tactics.
               Through incremental attacks over long periods of time they accumulate extensive amounts of
               sensitive data and insidiously degrade system defenses. Because they typically are insiders,
               such “CAT thieves” present significant risk—much more than regular Internet hackers.
               Insiders, after all, know on which systems valuable information resides and how to best
               circumvent security protocols. Recurrent auditing with Tivoli Access Manager for Operating
               Systems prevents CAT attacks.

               The United States government has responded to financial scandals and health care concerns
               through the Sarbanes-Oxley Act of 2002 and the Health Insurance Portability and
               Accountability Act of 1996 (HIPAA). These two sets of legislation require the erection of
               significant barriers to secure sensitive financial and health care data. In addition, regular
               auditing is required to prove that confidential and private information is handled only on a
               need-to-know basis. Countries around the globe have enacted similar legislation. European
               legislation has gone even farther in its privacy and confidentiality requirements.


Architecture: simple, lean, and muscular
         Tivoli Access Manager for Operating Systems is built on a lightweight, powerful, easily
         installed architecture. This simple architecture centers on the Tivoli Access Manager Policy
         Server. This server houses all security policies and can also maintain the database of all
         users in an LDAP directory.

         Tivoli Access Manager for Operating Systems relies on its Security Agent for local policy
         enforcement. The Security Agent locally protects and audits each server, acting as a
         host-based firewall in physically preventing unauthorized users from accessing files.
         Exceeding typical firewall capability, Tivoli Access Manager for Operating Systems restricts
         both incoming and outgoing network traffic, providing a matchless level of security for TCP/IP
         ports. The Security Agent also locally audits the use of applications, files, and resources.

         Figure 3 is an overview of the architecture of Tivoli Access Manager for Operating Systems.



         Access Manager Policy Server: centralized server contains
           • Policy database
           • User IDs (LDAP)

         SSL connection
           Management Server maintains policy
           Policy Server maintains policy
           Security Agent enforces policy

         Security Agent: erects security perimeter
           • Intercepts system call
           • Makes access decision
           • Writes audit record


         Figure 3 Tivoli Access Manager for Operating Systems architecture

         For full security even during network interruptions, the Security Agent replicates the security
         policy and user identifications locally. In the event that the network connection fails, the
         Security Agent is fully able to make access decisions without the Policy Server being present.
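
The enforcement path from Figure 3 (intercept, decide, audit) and the offline behavior described above can be modeled as follows. This is an added example, not IBM's code and not the product's policy format or API: the class names, the rule fields, the default-deny choice and the most-specific-prefix match are all assumptions made for illustration, and the sample policy is constructed.

```python
import posixpath
import time
from dataclasses import dataclass


@dataclass
class ResourceRule:
    """Hypothetical resource-policy entry (not the product's policy format)."""
    prefix: str    # protected directory or file
    allowed: dict  # user name -> set of permitted operations


class PolicyServerUnreachable(Exception):
    pass


class PolicyServer:
    """Stand-in for the central server that houses the policy database."""

    def __init__(self, rules):
        self.rules, self.version, self.online = list(rules), 1, True

    def fetch(self):
        if not self.online:
            raise PolicyServerUnreachable("policy server not reachable")
        return self.version, list(self.rules)


class SecurityAgent:
    """Local enforcement point: intercept, decide from the replica, audit."""

    def __init__(self, server):
        self.server = server
        self.replica, self.replica_version = [], None
        self.audit_log = []

    def sync(self):
        """Refresh the local replica; on failure keep the last good copy."""
        try:
            self.replica_version, self.replica = self.server.fetch()
            return True
        except PolicyServerUnreachable:
            return False

    @staticmethod
    def _covers(prefix, path):
        # Match whole path components so /data/hr does not cover /data/hrx.
        prefix = prefix.rstrip("/")
        return path == prefix or path.startswith(prefix + "/")

    def decide(self, user, operation, path):
        path = posixpath.normpath(path)  # collapse ".." segments before matching
        matches = [r for r in self.replica if self._covers(r.prefix, path)]
        if not matches:
            return False, "no-matching-rule", path  # assumption: default deny
        rule = max(matches, key=lambda r: len(r.prefix))  # most specific wins
        # No bypass for root: it needs an explicit grant like any other user.
        return operation in rule.allowed.get(user, set()), rule.prefix, path

    def intercept(self, user, operation, path):
        """Called at the point where the system call would be intercepted."""
        allowed, rule, target = self.decide(user, operation, path)
        self.audit_log.append({
            "time": time.time(), "user": user, "op": operation,
            "requested": path, "target": target, "rule": rule,
            "decision": "permit" if allowed else "deny",
            "policy_version": self.replica_version,
        })
        return allowed


def build_sample():
    """Constructed sample policy and an agent that has replicated it."""
    server = PolicyServer([
        ResourceRule("/etc", {"root": {"read", "write"}}),
        ResourceRule("/data/hr", {"hrapp": {"read", "write"}, "auditor": {"read"}}),
    ])
    agent = SecurityAgent(server)
    agent.sync()
    return server, agent


if __name__ == "__main__":
    server, agent = build_sample()
    server.online = False  # simulate a network interruption
    agent.sync()           # fails; the replica of version 1 is retained
    for request in [("root", "read", "/data/hr/payroll.db"),
                    ("hrapp", "write", "/data/hr/payroll.db"),
                    ("hrapp", "read", "/data/hr/../../etc/shadow")]:
        agent.intercept(*request)
    for record in agent.audit_log:
        print(record["decision"], record["user"], record["op"], record["target"])
```

Every request, permitted or denied, produces an audit record that carries the policy version it was decided under, which is what lets a reviewer tell decisions made from a stale replica apart from current ones.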



Linux: bulletproof answer to open source questions
            “Open source software is now the major source of elevated security vulnerabilities for IT
            buyers.”
            The majority of the 29 advisories issued from January through October 2002 by Carnegie
            Mellon’s CERT Coordination Center addressed vulnerabilities in open source or Linux
            products.
            —eWeek, Nov. 22, 2002

         Linux provides a revolutionary platform with superb flexibility, dependability, and value—and a
         whole new set of security challenges. Typically, however, it is not the enterprise’s only
         operating system. In today’s heterogeneous enterprise, an effective security solution must be
able to secure and run on a variety of platforms. Tivoli Access Manager for Operating
               Systems can secure a wide range of Linux and UNIX® operating environments, and
               constantly expands its coverage. Tivoli Access Manager for Operating Systems supports
               Linux on iSeries, xSeries, pSeries, and zSeries® platforms.



Integration: flexibility on demand
               Tivoli Access Manager for Operating Systems provides unparalleled breadth in value through
               full integration with the market’s leading identity management, identity provisioning, and
               security management products. IBM Tivoli Identity Manager, IBM Tivoli Access Manager for
               e-business, IBM Tivoli Privacy Manager, and IBM Tivoli Risk Manager all effectively
               complement Tivoli Access Manager for Operating Systems. Use of a common approach and
               infrastructure enables customers to rapidly meet demands for increased responsiveness,
               improved efficiency, and greater economy.




               3rd Party Software:    Network Firewalls, Anti-Virus, Intrusion Detection, VPN
               Security Management:   Tivoli Risk Manager
               User Management:       Tivoli Identity Manager (User Provisioning), Tivoli Access
                                      Manager (Application Protection), Tivoli Privacy Manager
                                      (Privacy Assurance)
               Directory Management:  IBM Directory Server, IBM Directory Integrator


               Figure 4 IBM Tivoli Integrated Identity and Security Management

               The IBM Tivoli Integrated Identity Management suite (shown in Figure 4) scales to precisely
               meet customers’ needs, whether those needs are narrowly focused or broadly conceived.
               These solutions work together to provide significant return on investment and exceptional
               levels of service to internal and external users. Close cooperation with industry partners in
               developing standards ensures that Tivoli’s Integrated Identity Management suite is both
               widely interoperable and remarkably rigorous.



Summary: exceptional solution for an insidious threat
                   “The hacker who just stole your records is just as likely to be an insider as an outsider …
                  Computer break-ins by insiders often do more damage than when a remote hacker gets
                  into the system … They know what to take; they know what is important.”
                  —The Atlanta Journal-Constitution, May 14, 2003


In a recent case involving a large consumer goods company, a hacker pilfered the confidential
         financial, Social Security, and employee records of 450 co-workers. The employee bypassed
         protocols to slip into the company’s computer system without authorization.

         Incidents of insider cyber theft are rising rapidly. With increasing amounts of valuable
         consumer, employee, and partner data being accumulated, the incentives for insider
         misbehavior are increasing as well. Organizations face growing risk.

         Simultaneously, regulators and legislators are targeting enterprises that do not implement
         effective controls with fines and increased scrutiny. CIOs face unrelenting pressure for
         improved security, auditability, and accountability.

         The most economic and effective solution for CIOs is to combine comprehensive intrusion
         prevention technology—host-based firewall capability, application and platform protection,
         user tracking and controls—with persistent auditing capability. In a lightweight, powerful way,
         Tivoli Access Manager for Operating Systems does exactly this.

         No longer do organizations need to run business-critical applications on mainframes in order
         to enjoy mainframe-class security. With Tivoli Access Manager for Operating Systems they
         can enjoy mainframe-class security on distributed systems. And they can enjoy the peace of
         mind that comes when valuable data is fully secured and all users are held fully accountable.



The team that wrote this Redpaper
         This Redpaper was produced by a team of specialists from around the world working at the
         International Technical Support Organization, Austin Center.

         Axel Buecker is a Certified Consulting Software I/T Specialist at the International Technical
         Support Organization, Austin Center. He writes extensively and teaches IBM classes
         worldwide on areas of Software Security Architecture. He holds a degree in computer science
         from the University of Bremen, Germany. He has 17 years of experience in a variety of areas
         related to Workstation and Systems Management, Network Computing, and e-business
         solutions. Before joining the ITSO in March 2000, Axel worked for IBM in Germany as a
         Senior I/T Specialist in Software Security Architecture.

         Shawn Young is the IBM Tivoli Access Manager for Operating Systems' worldwide product
         manager. While at IBM he has contributed to the development of a number of leading edge
         security products. He has an extensive background in management consulting and has
         consulted with leading Fortune 500 companies on customer-centric approaches to improved
         operational effectiveness. He holds a degree in Economics and Public Policy from Rice
         University and a Masters degree in Business Administration from the University of California,
         Los Angeles' Anderson School of Management.

         Thanks to the following person for her contribution to this project:

         Betsy Thaggard
         International Technical Support Organization, Austin Center




Notices

This information was developed for products and services offered in the U.S.A.

IBM may not offer the products, services, or features discussed in this document in other countries. Consult
your local IBM representative for information on the products and services currently available in your area. Any
reference to an IBM product, program, or service is not intended to state or imply that only that IBM product,
program, or service may be used. Any functionally equivalent product, program, or service that does not
infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to
evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter described in this document. The
furnishing of this document does not give you any license to these patents. You can send license inquiries, in
writing, to:
IBM Director of Licensing, IBM Corporation, North Castle Drive Armonk, NY 10504-1785 U.S.A.

The following paragraph does not apply to the United Kingdom or any other country where such
provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION
PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR
IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of
express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made
to the information herein; these changes will be incorporated in new editions of the publication. IBM may make
improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time
without notice.

Any references in this information to non-IBM Web sites are provided for convenience only and do not in any
manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the
materials for this IBM product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring
any obligation to you.

Information concerning non-IBM products was obtained from the suppliers of those products, their published
announcements or other publicly available sources. IBM has not tested those products and cannot confirm the
accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the
capabilities of non-IBM products should be addressed to the suppliers of those products.

This information contains examples of data and reports used in daily business operations. To illustrate them
as completely as possible, the examples include the names of individuals, companies, brands, and products.
All of these names are fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.

COPYRIGHT LICENSE:
This information contains sample application programs in source language, which illustrates programming
techniques on various operating platforms. You may copy, modify, and distribute these sample programs in
any form without payment to IBM, for the purposes of developing, using, marketing or distributing application
programs conforming to the application programming interface for the operating platform for which the sample
programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore,
cannot guarantee or imply reliability, serviceability, or function of these programs. You may copy, modify, and
distribute these sample programs in any form without payment to IBM for the purposes of developing, using,
marketing, or distributing application programs conforming to IBM's application programming interfaces.




Trademarks
The following terms are trademarks of the International Business Machines Corporation in the United States,
other countries, or both:

  IBM®, ibm.com®, Redbooks (logo)™, Tivoli®, zSeries®

The following terms are trademarks of other companies:

UNIX is a registered trademark of The Open Group in the United States and other countries.

Other company, product, and service names may be trademarks or service marks of others.




10    IBM Tivoli Access Manager for Operating Systems

Más contenido relacionado

Más de Banking at Ho Chi Minh city

IBM MobileFirst Platform v7.0 POT App Mgmt Lab v1.1
IBM MobileFirst Platform  v7.0 POT App Mgmt Lab v1.1IBM MobileFirst Platform  v7.0 POT App Mgmt Lab v1.1
IBM MobileFirst Platform v7.0 POT App Mgmt Lab v1.1Banking at Ho Chi Minh city
 
IBM MobileFirst Platform v7.0 POT Analytics v1.1
IBM MobileFirst Platform v7.0 POT Analytics v1.1IBM MobileFirst Platform v7.0 POT Analytics v1.1
IBM MobileFirst Platform v7.0 POT Analytics v1.1Banking at Ho Chi Minh city
 
IBM MobileFirst Platform Pot Sentiment Analysis v3
IBM MobileFirst Platform Pot Sentiment Analysis v3IBM MobileFirst Platform Pot Sentiment Analysis v3
IBM MobileFirst Platform Pot Sentiment Analysis v3Banking at Ho Chi Minh city
 
IBM MobileFirst Platform 7.0 POT InApp Feedback V0.1
IBM MobileFirst Platform 7.0 POT InApp Feedback V0.1IBM MobileFirst Platform 7.0 POT InApp Feedback V0.1
IBM MobileFirst Platform 7.0 POT InApp Feedback V0.1Banking at Ho Chi Minh city
 
Tme 10 cookbook for aix systems management and networking sg244867
Tme 10 cookbook for aix systems management and networking sg244867Tme 10 cookbook for aix systems management and networking sg244867
IBM Tivoli Access Manager for Operating Systems: Host-Based Intrusion Prevention for Applications and Platforms (redp3781)

  • 1. Redbooks Paper

Axel Buecker
Shawn Young

IBM Tivoli Access Manager for Operating Systems: Host-Based Intrusion Prevention for Applications and Platforms

“A lot of companies have gone to a lot of effort to protect themselves from being hacked, but it’s a lot harder to stop a rogue employee … . We have the technology, but we’re not using it.”
—The Washington Post, December 3, 2002

Employees—not hackers, not viruses—present the chief threat to IT security. In the biggest identity theft case yet reported, employees stole 30,000 consumer financial reports over three years. A ring of scam artists, in turn, paid the employees $30 for each stolen report. Ultimately, consumers lost more than $2.7 million. Law enforcement estimates that more than half of all identity thefts occur as a result of employees.

In this IBM® Redpaper, we discuss IBM Tivoli® Access Manager for Operating Systems, a simple-to-use, powerful security system that securely locks down business-critical applications, operating platforms, and files from unauthorized access. This firewall-like capability prevents both insiders and outsiders from the unauthorized access to and use of vital customer, employee, and business partner data.

Additionally, Tivoli Access Manager for Operating Systems audits application and platform activity to ensure compliance with corporate policies and government regulation. In an increasingly wired yet insecure world, Tivoli Access Manager for Operating Systems provides the assurance that customers, employees, and partners expect, and the rigorous auditing that the government and senior management require.

© Copyright IBM Corp. 2003. All rights reserved. ibm.com/redbooks
  • 2. Overview

Tivoli Access Manager for Operating Systems erects and enforces a seamless security perimeter to UNIX/Linux systems to provide protection for business-critical systems and auditing of all users. These controls even apply to “Root” super-users, a notoriously difficult-to-secure UNIX/Linux group. Unchecked and unmonitored Root users are often the source of considerable abuse. Tivoli Access Manager for Operating Systems prevents misbehavior by Root users and all other users through the rigorous application of access controls on resources, files, and data.

Further, hackers favor Root accounts as targets because Root users typically create backdoor access routes in order to bypass basic protocols. As a result, while the majority of cyber theft results from internal abusers, the application of adequate controls on Root accounts will also prevent a significant amount of external cyber theft.

Tivoli Access Manager for Operating Systems ensures 24x7 protection from unauthorized access to business-critical applications by providing bulletproof controls against malicious actions.

Most business-critical applications today are hosted on UNIX—or, increasingly, Linux—and are deployed throughout the enterprise network environments as shown in Figure 1. These applications include ERP, CRM, SCM, Human Resource Management applications, and Middleware platforms such as IBM WebSphere. Most of these applications offer inadequate out-of-the-box security and auditing for today’s enterprise.

[Figure 1: The IT security map. Diagram of the mission-critical servers, core network, perimeter network, and access network; callout: “55% of data theft occurs here”.]

Policy-based security: peace of mind in troubled times

The heart of an effective security program lies in its security policy. The bottom line is that everyone—partners, employees, customers, auditors, government regulators, and senior management—is looking for a security policy that guarantees the privacy and confidentiality of sensitive information. Never before have CIOs faced so many constituents demanding tight protection and accountability. Management and boards of directors no longer accept the running of expensive applications on insecure operating systems and ineffective protocols.

  • 3. Tivoli Access Manager for Operating Systems ensures that security policy is easily implementable, robust, and comprehensive.

Easy-to-use: Because security policy is crucial to operational effectiveness, there’s no forgiving a security policy that is difficult to understand and challenging to enforce. Tivoli Access Manager for Operating Systems simplifies policy through multiple methods. The first is through Web Portal Manager, a GUI-based, web-accessible management tool. Security policy can now be managed in a point-and-click format. Command-line interfaces and script accommodation afford UNIX and Linux experts even greater ease.

Simplicity is further ensured through Tivoli Access Manager for Operating Systems’ Fast Track Policy Modules. Fast Track Policy Modules are pre-written, best-practice security policies. They provide a method for demanding enterprises to quickly adopt effective security. Security threats multiply daily, and CIOs cannot be expected to wait on slow security policies. While enterprises can use Tivoli Access Manager for Operating Systems’ Web Portal Manager to design and set detailed policy if they wish, enterprises accelerate their ROI through the use of Fast Track Policy Modules.

Fast Track Policy Modules also come in application-specific versions offering customers out-of-the-box customization. These pre-written, best-practice policies make it easy to tailor security policy for specific missions. These missions may include, for instance, enhancing Web security or defending CRM, ERP, or other applications and databases.

Simplicity is crucial for an effective security policy. Through Web Portal Manager, shown in Figure 2, security policies can be managed in a point-and-click fashion.

[Figure 2: Web Portal Manager interface]

  • 4. Powerful: Power is provided through Tivoli Access Manager for Operating Systems’ multi-threaded architecture. This enables Tivoli Access Manager for Operating Systems to operate fully 22 times faster than its leading competitor. This performance also means that CIOs no longer have to trade operating efficiency for security. Applications run smoothly even with the rigorous security added by Tivoli Access Manager for Operating Systems.

With Tivoli Access Manager for Operating Systems, administrators can set and enforce three types of security policy: password policy, login policy, and resource policy. In the case of password policy, for instance, administrators can require the timely changing of passwords, or passwords of a specified length and alphanumeric mix. In the case of login policy administrators can determine where users can access systems or what files they can access remotely. Resource policy enables administrators to restrict access to systems, files, and data on a “need-to-know” basis.

Comprehensive: As a result of its industry-leading power, Tivoli Access Manager for Operating Systems successfully scales throughout the enterprise, enforcing security comprehensively. It enables management to set a single security policy that is implemented and enforced worldwide. Centralization ensures adherence to corporate guidelines and government regulations.

With Web Portal Manager, Tivoli Access Manager for Operating Systems policy can be managed from a Web-based tool. The benefit of this approach is that it enables an enterprise’s security managers to delegate limited authority for routine or emergency matters to specified, local sub-domain administrators. This scheme offers maximum control while affording flexibility when necessary. In a case of network interruption, control can be delegated to local subdomain administrators without granting local administrators excessive access or access to other subdomains.

Auditing: proof positive in a cynical world

Defending resources is equally as important as auditing resources. Gone are the days when a CIO could simply attest that the network was secure. Amid unrelenting attacks, omnipresent threats, and widely publicized failures, customers, partners, and regulators all demand proof of effective security controls. Tivoli Access Manager for Operating Systems responds to this need through Persistent Universal Auditing, which maintains 24x7 audit logs on all programs, files, ports, resources, and systems. This provides administrators with a centralized report on security events, enabling administrators to review which users accessed what resources, how, and when.

Misbehavior rarely occurs just once. It occurs frequently. Regular audits prevent prolonged abuse. The most successful information thieves endure through “creep and take” tactics. Through incremental attacks over long periods of time they accumulate extensive amounts of sensitive data and insidiously degrade system defenses. Because they typically are insiders, such “CAT thieves” present significant risk—much more than regular Internet hackers. Insiders, after all, know on which systems valuable information resides and how to best circumvent security protocols. Recurrent auditing with Tivoli Access Manager for Operating Systems prevents CAT attacks.

The United States government has responded to financial scandals and health care concerns through the Sarbanes-Oxley Act of 2002 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA). These two sets of legislation require the erection of significant barriers to secure sensitive financial and health care data. In addition, regular auditing is required to prove that confidential and private information is handled only on a need-to-know basis. Countries around the globe have enacted similar legislation. European legislation has gone even farther in its privacy and confidentiality requirements.
  • 5. Architecture: simple, lean, and muscular

Tivoli Access Manager for Operating Systems is built on a lightweight, powerful, easily installed architecture. This simple architecture centers on the Tivoli Access Manager Policy Server. This server houses all security policies and can also maintain the database of all users in an LDAP directory.

Tivoli Access Manager for Operating Systems relies on its Security Agent for local policy enforcement. The Security Agent locally protects and audits each server, acting as a host-based firewall in physically preventing unauthorized users from accessing files. Exceeding typical firewall capability, Tivoli Access Manager for Operating Systems restricts both incoming and outgoing network traffic, providing a matchless level of security for TCP/IP ports. The Security Agent also locally audits the use of applications, files, and resources. Figure 3 is an overview of the architecture of Tivoli Access Manager for Operating Systems.

[Figure 3: Tivoli Access Manager for Operating Systems architecture. Labels: Access Manager Policy Server (centralized server contains the policy database and user IDs (LDAP)); SSL connection; Management Server maintains policy; Policy Server maintains policy; Security Agent enforces policy; Security Agent erects security perimeter (intercepts system call, makes access decision, writes audit record).]

For full security even during network interruptions, the Security Agent replicates the security policy and user identifications locally. In the event that the network connection fails, the Security Agent is fully able to make access decisions without the Policy Server being present.

Linux: bulletproof answer to open source questions

“Open source software is now the major source of elevated security vulnerabilities for IT buyers.” The majority of the 29 advisories issued from January through October 2002 by Carnegie Mellon’s CERT Coordination Center addressed vulnerabilities in open source or Linux products.
—eWeek, Nov. 22, 2002

Linux provides a revolutionary platform with superb flexibility, dependability, and value—and a whole new set of security challenges. Typically, however, it is not the enterprise’s only operating system. In today’s heterogeneous enterprise, an effective security solution must be able to secure and run on a variety of platforms.

  • 6. Tivoli Access Manager for Operating Systems can secure a wide range of Linux and UNIX® operating environments, and constantly expands its coverage. Tivoli Access Manager for Operating Systems supports Linux on iSeries, xSeries, pSeries, and zSeries® platforms.

Integration: flexibility on demand

Tivoli Access Manager for Operating Systems provides unparalleled breadth in value through full integration with the market’s leading identity management, identity provisioning, and security management products. IBM Tivoli Identity Manager, IBM Tivoli Access Manager for e-business, IBM Tivoli Privacy Manager, and IBM Tivoli Risk Manager all effectively complement Tivoli Access Manager for Operating Systems. Use of a common approach and infrastructure enables customers to rapidly meet demands for increased responsiveness, improved efficiency, and greater economy.

[Figure 4: IBM Tivoli Integrated Identity and Security Management. Labels: 3rd party software (network firewalls, intrusion detection, anti-virus, VPN); security management (Tivoli Risk Manager); Tivoli Identity Manager, Tivoli Access Manager, Tivoli Privacy Manager (user management, user provisioning, application protection, privacy assurance); directory management (IBM Directory Server, IBM Directory Integrator).]

The IBM Tivoli Integrated Identity Management suite (shown in Figure 4) scales to precisely meet customers’ needs, whether those needs are narrowly focused or broadly conceived. These solutions work together to provide significant return on investment and exceptional levels of service to internal and external users. Close cooperation with industry partners in developing standards ensures that Tivoli’s Integrated Identity Management suite is both widely interoperable and remarkably rigorous.
Summary: exceptional solution for an insidious threat

“The hacker who just stole your records is just as likely to be an insider as an outsider … Computer break-ins by insiders often do more damage than when a remote hacker gets into the system … They know what to take; they know what is important.”
—The Atlanta Journal-Constitution, May 14, 2003

  • 7. In a recent case involving a large consumer goods company, a hacker pilfered the confidential financial, Social Security, and employee records of 450 co-workers. The employee bypassed protocols to slip into the company’s computer system without authorization.

Incidents of insider cyber theft are rising rapidly. With increasing amounts of valuable consumer, employee, and partner data being accumulated, the incentives for insider misbehavior are increasing as well. Organizations face growing risk. Simultaneously, regulators and legislators are targeting enterprises that do not implement effective controls with fines and increased scrutiny. CIOs face unrelenting pressure for improved security, auditability, and accountability.

The most economic and effective solution for CIOs is to combine comprehensive intrusion prevention technology—host-based firewall capability, application and platform protection, user tracking and controls—with persistent auditing capability. In a lightweight, powerful way, Tivoli Access Manager for Operating Systems does exactly this.

No longer do organizations need to run business-critical applications on mainframes in order to enjoy mainframe-class security. With Tivoli Access Manager for Operating Systems they can enjoy mainframe-class security on distributed systems. And they can enjoy the peace of mind that comes when valuable data is fully secured and all users are held fully accountable.

The team that wrote this Redpaper

This Redpaper was produced by a team of specialists from around the world working at the International Technical Support Organization, Austin Center.

Axel Buecker is a Certified Consulting Software I/T Specialist at the International Technical Support Organization, Austin Center. He writes extensively and teaches IBM classes worldwide on areas of Software Security Architecture. He holds a degree in computer science from the University of Bremen, Germany. He has 17 years of experience in a variety of areas related to Workstation and Systems Management, Network Computing, and e-business solutions. Before joining the ITSO in March 2000, Axel worked for IBM in Germany as a Senior I/T Specialist in Software Security Architecture.

Shawn Young is the IBM Tivoli Access Manager for Operating Systems' worldwide product manager. While at IBM he has contributed to the development of a number of leading edge security products. He has an extensive background in management consulting and has consulted with leading Fortune 500 companies on customer-centric approaches to improved operational effectiveness. He holds a degree in Economics and Public Policy from Rice University and a Masters degree in Business Administration from the University of California, Los Angeles' Anderson School of Management.

Thanks to the following person for her contribution to this project:

Betsy Thaggard
International Technical Support Organization, Austin Center
Notices

This information was developed for products and services offered in the U.S.A.

IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:
IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A.

The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.

Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.

Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.

This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.

COPYRIGHT LICENSE:
This information contains sample application programs in source language, which illustrates programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. You may copy, modify, and distribute these sample programs in any form without payment to IBM for the purposes of developing, using, marketing, or distributing application programs conforming to IBM's application programming interfaces.

© Copyright IBM Corp. 2003. All rights reserved.
Trademarks

The following terms are trademarks of the International Business Machines Corporation in the United States, other countries, or both:

IBM®
Redbooks (logo)™
zSeries®
ibm.com®
Tivoli®

The following terms are trademarks of other companies:

UNIX is a registered trademark of The Open Group in the United States and other countries.

Other company, product, and service names may be trademarks or service marks of others.