IBM United States
Software Announcement 201-276
September 25, 2001

Tivoli Risk Manager V3.8 Protects Your IT Assets

 ENUS201-276.PDF (38KB)


At a Glance

Tivoli Risk Manager V3.8:

  • Provides a security console to monitor, view, and manage alert events across the enterprise
  • Enables companies to identify and manage threats and vulnerabilities, and to enforce security policies
  • Enables system administrators to precisely identify different types of threats and attacks
  • Provides historical reporting
  • Provides a variety of predefined reaction tasks to quickly resolve urgent security issues or unauthorized accesses
  • Integrates with multi-vendor security technology products to provide comprehensive security management
  • Integrates with the full range of Tivoli network, system and security management products

For ordering, contact:

Your IBM representative, an IBM Business Partner, or IBM Americas Call Centers at 800-IBM-CALL (Reference: YE001).

Overview

Tivoli® Risk Manager is an e-business security solution that enables customers to quickly manage threats, such as denial-of-service attacks, viruses, unauthorized accesses, and other forms of intrusions, across the enterprise. Today, corporations are deploying a number of security solutions such as firewalls, intrusion detection systems, access control mechanisms, and so forth, as part of their overall security strategy, to achieve the simple objective of "Let the good guys in, keep the bad guys out."

Security policies are implemented at the network level, the host level, and at the application level, to help ensure that users have access only to their authorized applications and systems. Yet, businesses still face increasing risks from virus threats, unauthorized access, and denial of service attacks that target their enterprises. Further, threats can originate internally or externally. About half of the internal threats are malicious. The remaining internal threats are accidental, arising from misconfigured systems or weak security policies. Enterprise Risk Management is an approach whereby organizations can proactively upgrade their security to substantially reduce the gap between what is intended and what actually happens. To help guard against these different threats requires an "enterprise view" of security, a coordinated approach that can harness the information available at different security checkpoints within the enterprise and provide proper protection for your IT assets.

Key Prerequisites

The products in this announcement are supported on the following systems:

  • RS/6000® with AIX® 4.3.3
  • Intel-based systems with Microsoft™ Windows NT® 4.0
  • Sun SPARC systems with Sun Solaris 2.7 or 2.8

Planned Availability Date

September 28, 2001

End of Support

Based on the Tivoli end of support policy, Tivoli support for V3.7 of Tivoli Risk Manager will be discontinued September 28, 2002, which is 12 months after the planned availability of Tivoli Risk Manager V3.8.

Description

Today's network computing enterprise requires an open, centralized, scalable and process-oriented approach to intrusion detection and security management. Products such as firewalls, intrusion detection appliances, access control, and Web servers are all required to implement specialized security functions. More often than not these products do not inter-operate with each other, and they have to be managed and administered individually. They generate copious events and false alarms even during normal operation.

A security solution is most effective when the firewalls, intrusion detection agents, network security and application security solutions can work together in a coordinated fashion to minimize threats. Without centralized management, it is almost impossible to determine attack patterns, make security assessments with any degree of assurance, or respond with real-time countermeasures.

Tivoli Risk Manager is an e-Business security solution that makes it possible to:

  • Implement a multi-tiered/distributed architecture with different layers of servers collecting data, sending only the relevant information to the upper level. Tivoli Risk Manager can distribute correlation intelligence over a hierarchical Tivoli Enterprise Console® (TEC) environment composed of several tiers of TEC servers. The support of processing in multiple layers makes an Tivoli Risk Manager solution very scalable, and it will enable your local or regional administrators to manage security issues detected at the local or regional levels.
  • Implement role-based secure delegation of authority which allows definition of multiple administrator-roles with responsibility for first or second level of analysis or responsibility for a subset of the network.
  • Make enterprise risk management a seamless part of your enterprise management process, leveraging the integration with a broad range of Tivoli and Tivoli-Ready network and systems management products.
  • Historical Reporting (Tivoli Decision Support Guide) — The "Decision Support Guide for Enterprise Risk Management" will perform historical reporting on the data retrieved by our endpoints and other Tivoli products. It will help you perform continuous security improvements by easily identifying security "hot spots" in your enterprise network.
  • The network intrusion detection technology includes:
    • Event consolidation into TEC
    • Periodic update of signatures via secure Tivoli Customer Support Web Site to registered customers only.
    • Secure transmission of data via Tivoli Framework communication protocol
    • Ability to deploy and configure agent via the TEC Adapter Configuration Facility
    • Ability to deploy and update signatures via the TEC Adapter Configuration Facility

New functions added with Tivoli Risk Manager V3.8 include:

  • Support for Windows® 2000 — The Web Intrusion Detection System is supported on Windows 2000, on Microsoft and Apache Web servers.
  • The Host Intrusion Detection System is supported on Windows 2000. It can generate security alerts by monitoring the Windows 2000 System log and the Active Directory log.
  • The Symantec Norton AntiVirus (NAV) Adapter is supported on Windows 2000.
  • Support for LINUX RedHat — The Web Intrusion Detection System and Host Intrusion Detection System are supported on RedHat LINUX.
  • Performance Enhancements — The correlation rules have been enhanced to allow the processing of more events per second. The adapters have a new architecture that allows them to locally correlate and aggregate events, reducing duplicate events.
  • Sybase Support for TDS — Decision Support for Enterprise Risk Management will support Sybase in addition to the previously supported Oracle and DB2® databases.
  • Support for Cisco Secure IDS 4210, 4230 and IDS Module for Cisco Catalyst 6000 Switch. An adapter for the latest version of Cisco IDS appliances provides support the following Cisco Secure IDS sensors:
    • Cisco Secure IDS 4210 Sensor — A network security appliance that detects unauthorized activity traversing the network. The 4210 is the low-end model, designed to support 45 Mbps environments.
    • Cisco Secure IDS 4230 — The 4230 is the high-end model, designed to support 100 Mbps environments.
    • Cisco Catalyst 6000 family Intrusion Detection Module — The Cisco Catalyst 6000 IDS Module is a software component that can be installed on a Cisco Catalyst 6000 high-speed switch appliance. This module provides detection of unauthorized and malicious activities by integrating switching and security functions in the same appliance.
  • Network Associates McAfee Support — An adapter for McAfee for Windows NT and Windows 2000 has been added to Tivoli Risk Manager V3.8.

Euro Currency

This program is not impacted by euro currency.

Trademarks

 
AIX, RS/6000, and DB2 are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Microsoft is a trademark of Microsoft Corporation.
 
Windows NT and Windows are registered trademarks of Microsoft Corporation.
 
Tivoli and Tivoli Enterprise Console are registered trademarks of International Business Machines Corporation or Tivoli Systems Inc. in the United States or other countries or both.
 
Other company, product, and service names may be trademarks or service marks of others.

Offering Information

Product information will be available on day of announcement through Offering Information (OITOOL) at:

Publications

The following publications can be ordered after planned availability. To order, contact your IBM representative.

                                                       Order
Title                                                  Number
 
Tivoli(R) Risk Manager V3.8 User's Guide               GC32-0703
Tivoli Risk Manager V3.8 Release Notes                 GI11-0799
Tivoli Risk Manager V3.8 Developer's Guide             GC32-0702
Tivoli Risk Manager TDS V3.8 Release                   GI11-0862
 Notes

Technical Information

Specified Operating Environment

Hardware Requirements

  • Systems:
    • RS/6000®
    • Sun SPARC
    • Intel Pentium® II

    Review the Read Me for the most current information.

Software Requirements

Tivoli Risk Manager V3.8 requires:

  • IBM AIX® 4.3.3 for RS/6000 platforms
  • Sun Solaris 2.7 or 2.8 for Sun SPARC platforms
  • Microsoft™ Windows NT® 4.0 for Intel compatible platforms

Review the Read Me for the most current information.

Compatibility: End points supplied with Tivoli Risk Manager V3.7 will interoperate with the Tivoli Risk Manager V3.8 server.

Planning Information

Packaging

Tivoli Risk Manager V3.8 is distributed with:

  • Tivoli Risk Manager User's Guide
  • Tivoli Risk Manager Release Notes
  • Tivoli Risk Manager Developer's Guide
  • Tivoli Risk Manager TDS V3.8 Release Notes
  • International Program License Agreement (Z125-3301)
  • License Information document (LC23-4474)
  • IBM Addendum for Support for Tivoli (Z125-6189)
  • IBM Agreement for Acquisition of Support (Z125-6011)
  • 1 CD-ROM

Security, Auditability, and Control

Tivoli Risk Manager uses the security and auditability features of the operating system software.

The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.

Ordering Information

Current Licensees

Current licensees of Tivoli Risk Manager with support in effect will receive instructions on how to order this update.

New Licensees

Orders for new licenses will be accepted now.

Shipment will begin on the planned availability date.

Ordering Information for 5698-RMG

For ordering information on the base program number, 5698-RMG, refer to:

  • Software Announcement 200-105 , dated April 25, 2000
  • Software Announcement 200-404 , dated November 14, 2000

Withdrawal of Obsolete Media Features for 5698-RMG

The Network Intrusion Detection function is now delivered on the same CD-ROM as the rest of the product. Therefore, the following separate ordering features for Network Intrusion Detection are withdrawn effective immediately:

Description                                              Feature
 
Network Intrusion Detection                              5808

Ordering Information for Passport Advantage

The quantity of the Passport Advantage part numbers in the following table is based on the number of required Tivoli Management Points. To order for passport advantage, specify the desired part number and quantity.

                                                         Part
Description                                              Number
 
License and Software Maintenance                         D57GGLL
 1st Anniversary
License and Software Maintenance                         D57GHLL
 2nd Anniversary
Software Maintenance Renewal                             E17H4LL
 to Anniversary Date
Software Maintenance after License                       D57IDLL
 to Anniversary Date

To order a media pack or a documentation pack for passport advantage, specify the applicable part number in the desired quantity from the following table:

                                             Part
Description                                  Number
 
Tivoli Risk Manager V3.8                     BJ01GML
 Media Pack
 
Tivoli Risk Manager V3.8                     BJ01HIE (English)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HFR (French)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HDE (German)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HIT (Italian)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HES (Spanish)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HBP (Portuguese
 Doc. Pack                                           -Brazilian)
Tivoli Risk Manager V3.8                     BJ01HJA (Japanese)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HKO (Korean)
 Doc. Pack
Tivoli Risk Manager V3.8                     BJ01HSC (Chinese
 Doc. Pack                                           -Simplified)
Tivoli Risk Manager V3.8                     BJ01HTC (Chinese
 Doc. Pack                                           -Traditional)

Withdrawal of Passport Advantage Part Numbers

The following passport advantage part numbers are withdrawn effective immediately:

                                                         Part
Description                                              Number
 
Tivoli Risk Manager V3.7 Media Pack                      BJ6QZML
 
Tivoli Risk Manager V3.7                                 BJ6R0IE
 Documentation Pack
Tivoli Risk Manager V3.7                                 BJ6R0FR
 Documentation Pack
Tivoli Risk Manager V3.7                                 BJ6R0ES
 Documentation Pack
Tivoli Risk Manager V3.7                                 BJ6R0BP
 Documentation Pack

Passport Advantage Software Maintenance

Software Maintenance is included with each product authorization acquired under Passport Advantage.

Software Maintenance provides an easy and effective way by which you have access, during the coverage period, to eligible new versions and releases and to technical support for your covered products.

The technical support included in Software Maintenance provides remote support during normal business hours in your country or location as well as access to escalation management 24 hours a day, 7 days a week, for problems that you deem "mission critical."

With Software Maintenance, you receive the following technical support benefits:

  • Telephone access via the country single point of contact (SPOC) to IBM worldwide customer support
  • Electronic question submission (not available in all countries)
  • Support for routine, short duration installation and usage ("how-to") questions and code-related problems for covered products
  • Support during normal country business hours, namely prime shift hours excluding national or statutory holidays
  • Support for a problem you deem mission critical offshift, namely all hours outside normal country business hours including national and/or statutory holidays
  • A response within two hours during prime shift for voice and electronic submission. The response objective for critical/emergency calls during offshift is two hours.
  • Access to hints, tips, and frequently asked questions
  • Ability to transfer calls/issues within IBM, Lotus®, and Tivoli
  • Access to escalation management 24 hours a day, seven days a week
  • No limit on the number of IS technical staff authorized to contact IBM technical support centers on your behalf
  • eCare for Software — Your Support Advantage provides:
    • Single view of IBM distributed software that includes easy/integrated access to the following information and functions:
      • Marketing
      • Technical
      • Developer
      • Business Partner
      • IBM Services
      • Download
      • ibm.com
    • Comprehensive electronic SelfHelp capabilities
    • Advanced search capabilities
    • A single interface into problem submission/management system for IBM distributed software
    • Streamlined problem resolution process with quicker access to highly skilled support teams

Passport Advantage allows you to have a common anniversary date for Software Maintenance renewals, making it easier for you to manage and budget for access to eligible new versions and releases, and for related technical support, for your covered products. The anniversary date, established at the start of your Passport Advantage Agreement, recurs on an annual basis while your Passport Advantage Agreement remains in effect. However, regardless of when Software Maintenance is acquired, the coverage period for Software Maintenance is always up to the anniversary date specified in the acquisition.

Software Maintenance renewals offer you favorable pricing to continue your coverage without interruption.

Refer to the IBM International Passport Advantage Agreement and to the IBM Software Maintenance Handbook for specific terms relating to, and a more complete description of, technical support provided through Software Maintenance.

Note: The Tivoli Select Support offering is not available under Passport Advantage. Contact you IBM or Tivoli service representative for information on separately available service offerings.

Terms and Conditions

For a limited time during the migration period to Passport Advantage, customers may acquire eligible programs and Tivoli Support under agreements outside of Passport Advantage.

Terms and conditions for Program Number/Feature orders and IBM Passport Advantage are as follows:

Agreement: For orders under 5698-RMG: IBM International Program License Agreement (IPLA), IBM International Agreement for Acquisition of Programs and Support (IIAAPS) and the IBM Attachment for Support, IBM Agreement for Acquisition of Support (IAAS), IBM Addendum for Support for Tivoli Systems Products under Value-Based Pricing, and an Order Form.

For orders under Passport Advantage: IBM International Program License Agreement (IPLA), IBM International Passport Advantage Agreement (PAA), and an IBM International Passport Advantage Agreement Enrollment Form

Transferable: Yes, except for programs acquired at a discount or allowance

Limited Warranty Applies: Yes

Guarantee: Two months

Usage Restriction: Yes. Usage is limited to the quantity of Tivoli Management Points acquired for a one-time charge.

Volume Offering (IVO): No

Upgrade Protection Applies: Covered as long as Tivoli Support or Passport Advantage Software Maintenance is in effect

Educational Allowance Available: Yes, to qualified education institution customers

Percentage: 15%

Licensed Program Materials Availability

  • Restricted Materials of IBM: None
  • Non-Restricted Source Materials: None
  • Object Code Only (OCO): All

Maintenance Applies

  • Software Maintenance under Passport Advantage: Yes
  • Support for Tivoli products: Yes

Complementary Introductory Support: Not available

Tivoli Support and Passport Advantage Software Maintenance

Support Center applies:     Yes
 
                            Access is available through
                             the Tivoli Support Center,
                             800-237-5511
 
Availability of             The first year of Tivoli
 Tivoli Support:             Support is available at no
                             additional charge.  The
                             first year starts when the
                             product is shipped to the
                             customer.
 
                            Subsequent years of Tivoli
                             Support are available for
                             a fee as part of The IAAS,
                             IIAAPS, or any equivalent
                             agreement.
 
Availability of Passport    Passport Advantage
 Advantage Software          Software Maintenance is
 Maintenance:                provided at no additional
                             charge for each eligible
                             program acquired during
                             the initial term.
 
                            Passport Advantage
                             Software Maintenance is
                             provided at an additional
                             charge for all eligible
                             programs in the second
                             and subsequent terms.
 
Tivoli Support and          Twelve months after
 Passport Advantage          announcement of product
 Software Maintenance        discontinuance, (that is,
 are available until:        end-of-life (EOL))
 
Tivoli Support and          The current release
 Passport Advantage
 Software Maintenance       The immediate previous
 are applicable to:          release for twelve months
                             after the general
                             availability of the
                             current release
 
APAR Mailing Address:       Tivoli Systems Inc.
                            11400 Burnet Road
                            Austin, TX  78758
                            Attention:
                             Product Development

IBM Operational Support Services — Support Line: No

Product Web Site: A complete list of products, terminology definitions, and licensing documents are available at the following Web site:

Prices

The prices provided in this announcement are suggested retail prices for the U.S. only and are provided for your information only. Dealer prices may vary, and prices may also vary by country. Prices are subject to change without notice. For additional information and current prices, contact your local IBM representative.

The number of Tivoli Management Points (TMP) has been reduced for servers configured with Tivoli Risk Manager V3.8. This reduction of TMPs gives existing customers the opportunity to expand their Tivoli server environment by re-deploying their "excess" TMPs by installing additional Tivoli Risk Manager servers. TMPs are not transferable to other products.

At the next Tivoli Support or Passport Advantage Maintenance renewal, customers who have expanded their Tivoli environment to match the number of TMPs originally acquired, can renew support or maintenance at the same level of points they originally acquired for support. If customers choose to keep their environment static, and not utilize their "excess" TMPs, they can renew support at a reduced level of points to match the new lower points per server required. Existing customers can use the Web-based tool, available through their Tivoli Support or Passport Advantage Maintenance contract, to assess the points required for their environment. This tool is simple to use and enables scenario planning with the new points values. The new points requirements values will apply to new orders and Tivoli Support and Passport Advantage Maintenance renewals.

If you are interested in this product, or you have questions about this Value-Based Pricing Points Requirements reduction, contact your IBM Sales Specialist or IBM Business Partner.

Tivoli Value-Based Pricing Points Requirements Reduction for Tivoli Risk Manager

The number of TMP has been reduced for servers configured with Tivoli Risk Manager. This reduction of TMPs gives existing customers the opportunity to expand their Tivoli server environment by re-deploying their "excess" TMPs by installing additional Tivoli Risk Manager servers. TMPs are not transferable to other products.

At the next Tivoli Support or Passport Advantage Maintenance renewal, customers who have expanded their Tivoli environment to match the number of TMPs originally acquired, can renew support or maintenance at the same level of points they originally acquired for support. If customers choose to keep their environment static, and not utilize their "excess" TMPs, they can renew support at a reduced level of points to match the new lower points per server required.

Existing customers can use the Web-based tool, available through their Tivoli Support or Passport Advantage Maintenance contract, to assess the points required for their environment. This tool is simple to use and enables scenario planning with the new points values.

The new points requirements values will apply to new orders and Tivoli Support and Passport Advantage Maintenance renewals.

If you are interested in this product, or you have questions about this Value-Based Pricing Points Requirements reduction, contact your IBM Sales Specialist or IBM Business Partner.

Passport Advantage

For Passport Advantage and charges, contact your authorized IBM Lotus Business Partner. Additional information is also available on the Passport Advantage Web site:

Customer Financing: IBM Global Financing offers attractive financing to credit-qualified commercial and government customers and Business Partners in more than 40 countries around the world. IBM Global Financing is provided by the IBM Credit Corporation in the United States. Offerings, rates, terms, and availability may vary by country. Contact your local IBM Global Financing organization. Country organizations are listed on the Web at:

Standard Value-Based pricing information is unchanged by this announcement.

Passport Advantage

For Passport Advantage and charges, contact your IBM representative or your authorized IBM Business Partner. For additional information about the Passport Advantage offering, visit the following Web site:

Order Now

 Use Priority/Reference Code: YE001
 
 Phone:     800-IBM-CALL
 Fax:       800-2IBM-FAX
 Internet:  ibm_direct@vnet.ibm.com
 Mail:      IBM Atlanta Sales Center
            Dept. YE001
            P.O. Box 2690
            Atlanta, GA  30301-2690

You can also contact your local IBM Business Partner or IBM representative. To identify them, call 800-IBM-4YOU.

Note: Shipments will begin after the planned availability date.

Trademarks

 
RS/6000 and AIX are registered trademarks of International Business Machines Corporation in the United States or other countries or both.
 
Pentium is a registered trademark of Intel Corporation.
 
Microsoft is a trademark of Microsoft Corporation.
 
Windows NT is a registered trademark of Microsoft Corporation.
 
Tivoli is a registered trademark of International Business Machines Corporation or Tivoli Systems Inc. in the United States or other countries or both.
 
Notes is a trademark of Lotus Development Corporation.
 
Lotus is a registered trademark of Lotus Development Corporation.
 
Other company, product, and service names may be trademarks or service marks of others.