SOFTWARE: A COMPREHENSIVE SECURITY SOLUTION FOR E-BUSINESS

IBM SecureWay Integrated Security Solutions give companies a complete security package to protect their enterprise

IBM SecureWay FirstSecure is a policy-based security solution designed to protect all aspects of networking via the Internet.

As companies continue to discover the benefits of exploiting Web technologies for e-business, they have also realized some corresponding risks. The second a computer links to the Internet or even intranets and extranets, it becomes visible to a wide audience and vulnerable to the hazards associated with broad exposure. As a result, enterprise security today is more than just a characteristic of the e-business environment—it is increasingly a key enabler of e-business.

To help companies preserve the integrity, confidentiality, and invulnerability of information and applications—especially while exploiting the power of the Internet—IBM has developed the SecureWay™ Integrated Security Solutions. This comprehensive e-business security package gives companies a single-vendor offering for all the security software, hardware, and services needed when moving their businesses to the Internet. The complete, single-vendor design improves on the piecemeal or proprietary security product approach by:

• Reducing the complexity of the security implementation
• Simplifying the implementation and enforcement of a security policy
• Minimizing the total cost of secure computing
• Promoting the rapid deployment of secure e-business applications

A Safer Path to e-business

The new SecureWay Integrated Security Solutions are policy-based solutions that integrate with the OS/390 and OS/400® security schemes currently protecting enterprise data and transactions. They also accommodate the standard e-business environments—intranets, extranets, and the Internet—while addressing a wide range of critical security issues that companies face:

• Securely deploying e-business applications
• Strengthening the security of existing operations
• Integrating a security solution with a legacy IT environment
• Maximizing the potential of e-business

By addressing all of these needs, SecureWay Integrated Security Solutions can save companies from having to deal with multiple proprietary protocols and policy systems, which require the continual re-evaluation of security schemes and additional investment. Instead, the SecureWay Integrated Security Solutions for e-business unify the security elements into a single, enterprise-wide scheme to provide:

• An integration point for authentication and access control across multiple platforms
• Centralized user-access policy management and enforcement
• Availability to reduce the burdens of security on the computing infrastructure
• Administration systems to centrally manage and coordinate security elements
• A toolkit to integrate and deploy new applications securely within an enterprise

Powerful, Flexible Security Components

The SecureWay Integrated Security Solutions include SecureWay FirstSecure™, Tivoli® User Administration, Tivoli Security Management, and Tivoli ADSM. This combination of functions covers the five high-level security requirements that serve as the conceptual base for IBM's Security Architecture for e-business:

• Authorization—Protection that admits only legitimate user access to systems, data, applications, or networks
• Accountability—The facility to determine who performed any given action and which actions occurred during a specific time interval
• Assurance—The ability to demonstrate and periodically validate that the claimed level of security protection is being enforced
• Availability—The capability to keep systems, data, networks, and applications usable
• Administration—The means to define, maintain, monitor, and modify policy information

FirstSecure provides a framework to secure all aspects of networking via the Web and other networks. It also enables companies to build on their current investments with modular, interoperable offerings that can reduce the cost of conducting secure e-business. In addition, FirstSecure provides virus protection, access control, traffic content control, intrusion detection, encryption, digital certificates, firewalls, toolkits, as well as implementation and validation services.

Tivoli ADSM provides powerful backup and recovery capabilities. It enhances FirstSecure by addressing the factors that cause denial of service—helping ensure continuous operations for network services and providing the ability to recover lost or penetrated systems.

Tivoli User Administration and Tivoli Security Management help ensure that security mechanisms are being managed efficiently and effectively. These two solutions provide a simplified, single point of control by providing the mechanisms to manage a complex security environment. Available functions address security policy, identities, privileges, and auditing for both users and programs in the UNIX®, Windows NT, OS/390, OS/400, Novell® NetWare®, and Lotus Notes® environments.

Rapid, Secure e-business Deployment

In addition to offering its Integrated Security Solutions, IBM also provides a variety of services to help companies balance risk reduction with security costs. By effectively decreasing risk, reducing complexity, and helping lower the cost of secure computing, IBM SecureWay Integrated Security Solutions can remove many of the barriers that keep companies from fully exploiting the potential of the Internet. As a result, these solutions can help companies deploy powerful Web applications quickly and securely—setting the stage for e-business opportunities today.

IBM Launches SecureWay FirstSecure

One of the core modules of the IBM Integrated Security Solutions is IBM SecureWay FirstSecure, which features powerful policy management capabilities. The key security functions within FirstSecure—intrusion immunity, public key infrastructure, secure business server, and toolkit—are organized around a policy director that defines, administers, and serves security policy while acting as an access control manager for Web applications and resources. In addition to controlling the security activities among the other FirstSecure components, the policy director can optionally interact with a higher level enterprise management control point. Through notifications from and directions to the other parts of FirstSecure, the policy director enables comprehensive policy-based responses to events such as intrusions, firewall alerts, and anti-virus detection. FirstSecure's intrusion immunity capabilities focus on detecting and reacting to security problems. Intrusion immunity integrates with the policy director by accepting or requesting component policy and sending security alerts and events. For example, if an alert comes in, the policy director records the alert and initiates a response to handle the situation. Depending on the alert, the response could be to shut down access to a particular resource, to reroute access to a data set to obtain more information on the intruder, or to perform a virus sweep on the affected area. For public key infrastructure, the focus is on certificate authentication, secured communications, and validation of signed policy. For the secure business server, the policy director combines access control with the gateway functions of a firewall and firewall content filters. The policy director also sends out changes to affected areas of the system. The toolkit, which enables companies to build and deploy secure applications within their enterprise, includes APIs for policy management. For more information about SecureWay FirstSecure, visit http://www.ibm.com/software/security/firstsecure.

For More Information

Visit:
http://www.ibm.com/security