Threats come from a unique variety of sources. Insider threats, as well as malicious hackers are not only difficult to detect and prevent, but many times they have been using resources without the business even aware they are there. This IBM Redbooks deliverable describes the various threats and how to prevent them through a distributed array of protection technologies and services. We take a closer look at preemptive security that is designed to stop Internet threats before they can impact networks. We also explore technologies that can help complement threat mitigation techniques such as identity management solutions as well as network mapping tools and behavior techniques. This book is a valuable resource for senior officers, architects as well as C level executives who want to understand and implement enterprise security following architectural guidelines.

Network and resource availability is critical to business and service assurance, but organizations can lose millions of dollars per year as a result of malware that brings down corporate resources. Thus, information security is one of the top concerns of every CIO. To maximize resource and service availability and to protect valuable information, information security teams must be able to recognize and handle security incidents quickly, enforce security policies, and support audit and compliance initiatives. The problem is that each of these activities involves security data that resides throughout the organization. Enterprises and service providers must access and analyze time sensitive data quickly and efficiently. In today's complex multi-vendor environment, you must take advantage of an automated and integrated solution. In response to these challenges, the IBM® Tivoli® Security Operations Manager, a SIEM platform improves the effectiveness, efficiency, and visibility of security operations and information risk management. This IBM Redbooks® publication helps you design and create a solution. This book is a valuable resource for security officers, administrators, and architects who want to understand and implement a SIEM system.

This IBM Redbooks publication provides solution designers and architects with a comprehensive view of the security services they can exploit on z/OS, whether their application is hosted by z/OS or by another platform. It also discusses, at a high level, the Tivoli products that team with mainframe security services to provide flexible and extensible security architectures that fit On Demand infrastructure requirements, because implementing optimum solution-based security requires extensive knowledge of what security services and APIs provide on the platforms for which you are developing the solution. The book briefly describes data processing security concepts, with a focus on the problems that enterprises face today because of the heterogeneous nature of their platforms and technologies, and the requirement to progress towards an On Demand environment. Next, it explains the security services and APIs that are provided on z/OS, with respect to the security concepts they implement and their seamless integration into distributed environments, as building blocks for optimal solution-based security. This analysis is examined from the perspective of both z/OS solutions and non-z/OS hosted solutions, because non-z/OS hosted solutions can exploit the remote security services that z/OS offers. High level explanations and exploitation considerations are provided for z/OS RACF, LDAP server, Kerberos and PKI support, z/OS Communications Server-specific features (such as embedded IP filtering, IPSec VPNs, and application-t

This IBM Redbooks publication reviews the overall Tivoli Enterprise Security Architecture. It focuses on the integration of audit and compliance, access control, identity management, and federation throughout extensive e-business enterprise implementations. The available security product diversity in the marketplace challenges everyone in charge of designing single secure solutions or an overall enterprise security architecture. With Access Manager, Identity Manager, Federated Identity Manager, Security Compliance Manager, Security Operations Manager, Directory Server, and Directory Integrator, Tivoli offers a complete set of products designed to address these challenges. This book describes the major logical and physical components of each of the Tivoli products. It also depicts several e-business scenarios with different security challenges and requirements. By matching the desired Tivoli security product criteria, this publication describes the appropriate security implementations that meet the targeted requirements. This book is a valuable resource for security officers, administrators, and architects who want to understand and implement enterprise security following architectural guidelines.

Today's computing environment is subject to increasing regulatory pressures and potentially malicious attacks. Regulatory compliance, security, and audit are in the daily headlines and growing more prominent.The security of the information to which you have been entrusted has never been more critical. The reality of compliance is too complex. Compliance demands that you work carefully to set up a strong, comprehensive set of policies and controls. That means controls that consider operational data, financial data, unstructured data, spreadsheets, e-mail, and business intelligence data. We have a responsibility to secure all business data and especially sensitive customer data. Security can be difficult to manage. IBM DB2 for z/OS already resides on one of the most secure platforms in the industry. IBM System z servers are routinely used by enterprises around the world to support their mission-critical applications. The mainframe's strengths in security stem in part from its history of supporting sensitive data for large enterprises, resulting in security features being built into its design for many decades. It also benefits from a system-wide approach with security capabilities built into the hardware, operating systems, databases, key middleware and more. Its highly evolved layers and security management components give it a fundamental advantage over other systems.