IBM Skip to main content
spacer
spacer spacer
     Home  |  Products & services  |  Support & downloads  |  My account
IBM : Software : Networking and Communications : Library : SecureWay Connection
-----


IBM SecureWay FirstSecure V2 Enhances e-business Protection

IBM’s centrally managed security software integrates new functions to provide even higher levels of security

rope

IBM has enhanced its powerful SecureWay FirstSecure e-business security software, an integrated set of security components that enable companies to easily identify and authorize user access from a central point. In early 1999, IBM introduced FirstSecure as the vision of how it plans to combine existing IBM products and technologies—along with those from other security vendors—to help companies securely deploy e-business applications and strengthen the security of existing applications. Now, FirstSecure Version 2 advances this open framework to centrally integrate additional FirstSecure components around the Policy Director.

The Customer’s Viewpoint
FirstSecure provides a comprehensive framework to help companies secure all aspects of networking via the Web and other networks, while helping them build on their current investments with modular, interoperable offerings that help minimize the total cost of conducting secure e-business. FirstSecure provides virus protection, access control, traffic content control, intrusion detection, encryption, digital certificates, firewalls, toolboxes, and implementation services.

IKON(sm) Office Solutions, Inc., one of the world’s leading office technology companies, relies on FirstSecure to protect its Web-enabled network. The company also resells FirstSecure to its customers.

"In order to win in today’s marketplace, we’re going to have to prove that the Internet is a secure place to work," says Steve Harber, brand manager, IKON Technology Services. "And that’s why we’ve teamed with IBM and the FirstSecure product line. FirstSecure—the name says it all—it’s a security blanket."

A Comprehensive Security Solution

IBM SecureWay Software is a comprehensive family of products that provide a secure network platform for running e-business applications in multiplatform environments. SecureWay Software is designed to help e-businesses locate resources—such as people, information, and applications—in the network; connect customers, partners, and employees to those resources across diverse systems; and address the concern of how to secure applications, communications, data, and transactions.

The core security product of SecureWay Software is FirstSecure, the industry’s first end-to-end security solution for e-business. With the introduction of FirstSecure, IBM was one of the first vendors to provide a centrally managed, permissions-based security system that combines strong authorization and authentication of users. With policy definition and enforcement, FirstSecure helps companies protect, detect, and direct network traffic for a more secure e-business environment. As a result, companies can significantly reduce the cost and complexity of implementing IT security in large enterprises.

The key security functions within FirstSecure—intrusion immunity, Public Key Infrastructure (PKI), secure business server, and toolbox—are organized around a Policy Director that defines, administers, and serves security policy while acting as an access control manager for Web applications and resources. In addition to controlling the security activities among the other FirstSecure components, the Policy Director enables comprehensive policy-based responses to events such as intrusions, firewall alerts, and anti-virus detection.

FirstSecure’s intrusion immunity capabilities focus on detecting and reacting to security problems. Intrusion immunity integrates with the Policy Director by accepting or requesting component policy and sending security alerts and events. For PKI, the focus is on certificate authentication, secured communications, and validation of signed policy. The toolbox, which enables companies to build and deploy secure applications within their enterprise, includes APIs for policy management. FirstSecure runs on AIX® and Windows NT®.

IBM Integrated Security Offerings at a Glance
SecureWay FirstSecure is a key component of the IBM integrated security offerings that are designed to meet the critical requirements of security, availability, and manageability for e-business.

In addition to FirstSecure, the IBM integrated security offerings include Tivoli User Administration, Tivoli Security Management, and Tivoli Storage Management (formerly ADSM). These offerings, along with comprehensive FirstSecure Implementation Services, address a full range of security requirements for e-business:

  • Authorization —Protection that admits only legitimate user access to systems, data, applications, or networks
  • Accountability —The facility to determine who performed any given action and which actions occurred during a specific time interval
  • Assurance —The ability to demonstrate and periodically validate that the claimed level of security protection is being enforced
  • Availability —The capability to keep systems, data, networks, and applications usable
  • Administration —The means to define, maintain, monitor, and modify policy information

    By reducing risk, simplifying complexity, and lowering costs, these comprehensive security solutions provide the critical elements that enable a company’s successful e-business transformation.

    • Version 2 Enhancements for Improved Security

    With the new Version 2 enhancements available today, FirstSecure provides an even better—and more highly integrated—security solution for safeguarding business information. To help companies overcome their ever-increasing security concerns, FirstSecure uniquely addresses the entire company infrastructure by protecting Web-based activities and client/server and host environments. Because FirstSecure is a comprehensive solution based on industry standards, it also enables maximum interoperability with other products.

    Key enhancements to FirstSecure Version 2 include:

    • A standards-based Internet infrastructure—Enhancements to the SecureWay Policy Director integrate support for the Lightweight Directory Access Protocol (LDAP) and the PKI X.509 standard, simplifying centralized administration and enhancing portability.
    • An intrusion detection offering—Tivoli® Cross-Site for Security detects, logs, and responds to unauthorized activities in real time, enhancing the reliability and availability of applications and the network.
    • A PKI offering—With the inclusion of SecureWay Trust Authority, FirstSecure now supports PKI, which issues and manages digital certificates for two-way authentication and non-repudiation. This enhancement creates a trusted and open e-business framework for critical internal and external applications.
    • A more powerful SecureWay Boundary Server—This feature provides more comprehensive monitoring of network perimeter security to detect unauthorized access.
    • An improved SecureWay Toolbox—The updated toolbox enables the development of secure e-business applications that are integrated with FirstSecure, including Trust Authority certificates and Policy Director queries for authorization decisions.
    • An expanded implementation service—More comprehensive service capabilities help companies leverage FirstSecure’s enhancements more effectively.

    For more information
    Visit www.ibm.com/software/security/firstsecure


    | IBM Networking Home Page | Contents of This Issue | Next Article | Find a Different Issue |

    © International Business Machines Corporation 1999
    All rights reserved
    November 1999
    Privacy spacer Legal spacer Contact spacer
    spacer spacer spacer spacer spacer spacer
    spacer
    spacer