Arrow ECS is a leading UK security distributor that can offer customers solutions from its Security Center of Excellence and partnerships with top security vendors. It has expertise in translating industry knowledge into practical security solutions for issues like safeguarding data, securing the network and data center, and ensuring compliance. Arrow ECS works with IBM security products to help organizations address escalating security and compliance needs.
2. Security_Brochure_2012_IBM_v1_DNS_training_v20 aw 21/02/2012 15:22 Page 1
Translating outstanding industry
knowledge into practical solutions As the UK’s leading security
distributor, Arrow ECS can offer
your customers the benefits of:
With infrastructure-wide experience and specialist knowledge
in the security area, Arrow ECS can help your customers to
safeguard their business by controlling and protecting data at • Our Security Centre of Excellence
every point.
• Partnerships with world-class security
We have market insight and the technical understanding to solution vendor
draw together the different technology elements into solutions
that meet your customers’ escalating needs to address security
and compliance issues. • A dedicated security team accredited to the
highest levels of certification
Working with Arrow ECS, we can help organisations tackle
security proactively and experience the business benefits that
come from good governance.
0800 983 2525
www.arrowecs.co.uk/ibmsecurity
iquotes@arrowecs.co.uk
IBM Product Security Portfolio
3. Security_Brochure_2012_IBM_v1_DNS_training_v20 aw 21/02/2012 15:22 Page 4
The security landscape is changing dramatically
The world is moving towards data centre centric and cloud computing, and this trend is
changing the way that IT infrastructures are deployed. Whilst the benefits of this
technology transition are well understood, it introduces a whole host of new risks and
security considerations.
! Increasing user mobility and usage of smart phones,
tablets and PDAs at the edge site has introduced
new security risks with mobile users wanting to access Tivoli identity and Encryption
Access Assurance
centrally held data and applications anywhere, anytime. App
Tivoli Endpoint Manager Endpoint Suite Se
! Business and personal use of technology will increasingly
converge as users synchronise and run their work, social Head
and educational lives through a single device opening up Office
potential security loop holes.
Rational AppScan
! High dependance on the Network coupled with Q
convergence of the Internet, Wide Area Network (WAN) NAC
Q
Authorised Third
and Telecommunications services introduces new security, Wireless
Party Access Networking
performance, and management issues.
Rational AppScan
Tivoli identity and
Access Assurance Prove
Authentication
Tivoli Endpoint Manager Endpoint Suite F
Policy
NIPS
IDP / IDS
QRadar
Rational AppScan Managed Firewall QFlow
Firewall
Customer / Public
Cloud Access
and Internet
Email
Filtering
ISP Load
Balancer
Internet / V
Cloud
Mobile Workers
and Small Offices
Rational AppScan
Proventia Web Filter
Lotus Protector
Content and Web
Filtering WAN
Accelerator
Encryption Router
Firewall Managed Firewall
Rational AppScan
Tivoli Endpoint Manager Endpoint Suite
Tivoli identity and
Access Assurance Authentication
1 Endpoint
SSL VPN
4. Security_Brochure_2012_IBM_v1_DNS_training_v20 aw 21/02/2012 15:22 Page 5
! Corporate data must be
segmented, encrypted,
backed up and monitored
Archiving and
to prevent corruption and
Traditional illegal access.
Tape Solution
Storage
3 Data Centre ! Consolidation into the data
centre and virtualisation
Pool
Tivoli Key
Guardium introduces risk due to
Virtual Tape
Library (VTL)
Lifecycle Manager Tivoli Endpoint
Manager
Encryption (Data and Applications)
multiple applications and
data being concentrated
onto virtualised hardware
SA
Endpoint Security (Host Servers)
N
/N
Application
AS
Rational AppScan
platforms.
Fa
Servers
br
Application
ic
Servers Content Security (Host Servers)
Rational AppScan
QRadar VFlow
NIPS
IDP / IDS
WAN
al AppScan NAC Accelerator Dashboard
Core Guardium
Router WAN Managed Firewall
Accelerator Monitoring
QRadar
QFlow Load Balancer
Virtual Server Protection
N.O.C.
Reporting
DMZ 1 Firewall
WAN Intranet
Webserver
DMZ 2
Proventia Web Filter
External
Web
Webservers
Filtering
(FTP / WWW) Global
WAN Company
!
PS Accelerator Security
IDS
External
Policy Corporate governence and
SSL Access QRadar
dar QRadar SIEM
QFlow risk management is now a
ow
Router major consideration in
2 Network network security planning.
NAC NIPS
Lotus Protector Remote
ail Site
ring
Encryption
SSL
VPN
Endpoint
Suite
Tivoli Endpoint Manager
Key Technologies
4 Compliance Data and Application Security Content Security
• Encryption • Email Filtering
• Data Loss Prevention (DLP) • Web Filtering
• Application Control
• Alerts
• Vulnerability Testing
Performance and Infrastructure
• Load Balancing
• WAN Acceleration
www.arrowecs.co.uk/ibmsecurity
5. Security_Brochure_2012_IBM_v1_DNS_training_v20 aw 21/02/2012 15:22 Page 6
Breaking it down, making it secure
New data centre centric and cloud infrastructures can be broken down into the four key areas of Endpoint devices and access,
the Network including Internet/WAN, the Core Data Centre and finally across all of these the need for a comprehensive Corporate
Governance and Compliance strategy.
These four key areas must now be considered when developing a comprehensive network and data security strategy. Key
technology components can be combined to address the full spectrum of individual and collective security challenges in the
modern world.
1 Security for the Desktop and Endpoint
• Safeguard data on the endpoint device • Separate work and personal activity
• Protect devices against theft and illegal access • Anti Virus, encryption, spyware and malware protection
• Authenticate and ID users • Track stolen devices, disable data and file access
2 Security for the Network
• Deploy Firewalls to protect key access and exit points • Filter emails for harmful and inappropriate content
• Encrypt data in transit across the Network • Filter, monitor and control website downloads and activity
• Deploy access authentication and intrusion detection
3 Security for the Data Centre
• Deploy dedicated Firewalls to protect key assets • Apply access and authentication controls at all levels
• Create DMZ and restricted areas • Deploy intrusion protection and alerts
• Separate and encrypt business critical data • Filter and control inbound / outbound content
4 Compliance for the Infrastructure
• Implement audit and tracking controls • Sarbanes-Oxley (SOX) and Payment Card Industry (PCI)
• Backup and recovery • Login and access procedures
• Resilience and data protection • Reporting, visibility, tracking and accountability
Network Security Endpoint Security Compliance
• Firewalls • Authentication and Tokens • Monitoring and Data Capture
• Intrusion Detection Prevention / • Single Sign-On • Policy Management
System (IDP / IDS) • Secure Sockets Layer Virtual Private • Dashboards
• Wi-Fi Network (SSL VPN) • Reporting Tools
• Network Access Control (NAC) • Endpoint Suite (Anti Virus, Spyware, • Log Correlation
Malware, etc)
• Rational AppScan
ty