Your own security intelligence

IBM QRadar SIEM

 

Today's corporate networks are under constant cyber attacks using different paths to gain access to your network. To monitor all attack vectors, information (logs) must be gathered from core network infrastructure components to react and mediate the attack as fast as possible, 24/7.

 

How many core network components like routers, switches, firewall, servers,... do you have in your network?

How many security analysts are analyzing your network devices logs output 24/7? Using QRadar you can monitor all your endpoints to create more visibility and react fast to attacks happening on your network.

QRadar collects all log information from all devices and use behavior analytics to respond if a threat is occuring. The security analyst can react based on offences created by QRadar and take appropriate action. Or even more! If QRadar can communicate with the core network devices the remediation can be done automatically and the blocked attack can be reviewed by the security analyst.

IBM QRadar: The Intelligent SIEM

Discover ShadowIT with QRadar

Reasons to use QRadar:

  • Instant visibility in your network
  • Corrilate log data and bare data packets up to layer 7 to get a maximum level of detail
  • Use historical corrilation to compare live data in combination with historical events to detect anomalies
  • Connect your QRadar to any other IBM security product to increase functionality level
  • Use user behavior analytics to monitor the internal users
  • Connect any device or software that can send logs
  • Use the IBM X-Force exchange to get the latest updates on current botnets, C&C servers,...
  • Create or use predefined rules to act on network attacks

QRadar components

 

All QRadar components can be configured in a high availability deployment or scaling in multiple geo locations

  • QRadar All-in-one appliance
  • QRadar All-in-one virtual appliance
  • QRadar event processor appliance
  • QRadar event collector appliance
  • QRadar flow processor appliance
  • QRadar Flow collector appliance
  • QRadar Vulnerability manager
  • QRadar incident forensics
  • QRadar risk manager
  • QRadar network insights
 

Identity and Access management

 

Identity and access management is a response to the huge growth in accessibility and exchange of information across and between organisations. Barriers have come down and users expect easy access to information with a minimum of administrative overhead and maximum ease of use.

 

The network perimeter, once the primary protection of organizational assets, is vanishing because of this increasing interaction with partners, resources and stakeholders spread all over the globe.

 

Providing easy access to centrally or commonly stored information on this much broader level severely tests traditional centralised access control methods and processes to the point where a complete change of approach is required just to cope. Balancing increased accessibility and reduced overheads with the need to enhance security levels is what makes the challenge.

 
 

The IBM Identity Access Assurance software pack exists of three main products:

  • IBM Security Identity and Access Manager
  • IBM Security Identity Governance & Intelligence
 

Identity and access manager

IBM security access manager

 

IBM Security Access Manager enables businesses to more securely adopt web, mobile, and cloud technologies and simplifies user access management for employees and consumers.

It simplifies and secures user experiences with single sign-on across applications and protects critical assets using strong multi-factor authentication and risk-based access. It also enables the mobile enterprise with mobile access control policies that integrate with mobile device management, mobile application development and malware detection solutions. Furthermore, it helps bridge the access control gap between on-premise and cloud environments.

This highly scalable and configurable access management solution is available as a virtual or hardware appliance. The appliance form factor is not only easy-to-deploy-and- manage but also provides faster time-to-value and reduces total-cost-of-ownership.

IBM Security Access Manager integrated appliance is designed to:

Manage Access in the world of Hybrid Cloud

ISAM CLOUD
  • Quickly establish single sign-on connections to popular SaaS applications
  • More easily create custom application connectors with Do-It-Yourself federations based on SAML 2.0 standard
  • Deliver single sign-on to enterprise applications and support user identity propagation in hybrid cloud application interactions
  • Simplified deployment and management with appliance-based packaging is suitable for small-to-medium size businesses and scalable for large enterprises

Remove barriers to mobile productivity

Mobile Productivity
  • Allows users to easily access enterprise resources with minimal authentication friction
  • Utilizes existing access management infrastructure to prevent the need for application changes while enabling access from mobile devices
  • Enhance productivity and user experience with device-level single sign-on to enterprise resources from MaaS360 managed devices

Provide risk-aware access security for mobile apps and APIs

riskawresecurity
  • Dynamically assess risk associated with mobile app access using contextual information about the device, user, environment, resource, malware, device management status and past user behavior
  • Strong and multi-factor authentication capabilities protect critical sensitive assets depending on the risk context
  • Audit or block fraudulent and high-risk transactions from infected devices without modifying backend applications

Cloud based SSO

IBM Cloud Identity Connect

 

Log in with Single Sign-on

Eliminate username and password hassles. Sign into all your applications with a single set of login credentials, allowing one-click access to browser, mobile and on-premises applications.

Easily Connect to 1000's of Apps with Connectors

Easily connect to thousands of cloud applications through pre-built connectors or generic templates, to speed up business adoption of new applications.

Find Apps Easily with Application Launchpad

Conveniently find, view, and access all your applications from a central location. A launchpad that unifies all apps, both on-premises and in the cloud.

Enable User Lifecycle Management

Streamline user onboarding, off boarding, and self-service access request policies for both on-premise and cloud applications.

Integrate Seamlessly with IBM Security Access Manager

One-click activation allows IBM Security Access Manager (ISAM) users instant access to IBM Cloud Identity.

IBM Demo: Simplified Employee Access to Cloud Apps through SSO and Launchpad

Cloud based Multi-Factor authentication

IBM Cloud Identity Verify

 

Enhance Security with Multi-Factor Authentication

Enhance security and meet compliance mandates with custom authentication policies. Infuse multiple user authentication methods for stronger security with IBM Verify.

Embed MFA into Consumer or Citizen-Facing Applications

Give developers the toolkits to quickly integrate the latest authentication methods into new applications.

Integrate Seamlessly with IBM Security Access Manager

One-click activation allows IBM Security Access Manager (ISAM) users instant access to IBM Cloud Identity.

IBM Demo: Enhance security with easy multi-factor authentication

IBM Demo: View Cloud Application Usage From A Single Dashboard

Privileged Access Management

IBM Secret Server

 

Keep your privileged accounts safe with a faster and easier solution for Privileged Access Management. Managing privileges throughout their life cycle can be extremely challenging. Setting up, rotating, removing and monitoring passwords takes time and effort. With IBM Security Secret Server, you’ll automate these actions and manage privileges with policy-based controls.

IBM Secret Server protects privileged accounts from hackers and insider threats, helps ensure compliance with evolving regulations, and allows authorized employees to seamlessly gain access to the tools and information they need to drive productivity.

Secret server demo: discover your privileged accounts

With IBM Secret Server you can:

  • Keep sensitive credentials secure
  • Automate account management
  • Meet compliance mandates
  • Know exacly who has access to key systems
  • Rapid time-to-value with quick deployment and robust APIs

IBM Demo: Secure & Manage Your Privileged Accounts

IBM Demo: Monitor Your Privileged Accounts

Your identity governance solution

ISIGI

 

ISIGI is a network appliance-based integrated identity governance solution. This solution employs business-centric rules, activities, and processes. It empowers line-of-business managers, auditors, and risk managers to govern access and evaluate regulatory compliance across enterprise applications and services.

Identity Governance and Intelligence offers:

  • A single identity governance foundation platform to help organizations understand, control, and make business decisions that are related to user access and access risks.
  • A business-activity-based approach to facilitate communication between auditors and IT staff and to help determine segregation of duties violations across enterprise applications, including SAP.
  • Better visibility and user access control through consolidating access entitlements from target applications and employing sophisticated algorithms for role mining, modelling, and optimization.
  • User lifecycle management including provisioning and workflow capabilities, along with integration with IBM Security Identity Manager and third-party tools.
  • Access request management that delivers easier-to-implement, business-friendly, self-service access request functions.
  • Target integration that automates the process of data collection and fulfilment provisioning of identity and access from distributed target systems.
  • Persona-based dashboards that help with tasks prioritization.
  • Option to authenticate users from an external user registry to the Local Management Interface.
  • Options for using the applicable FIPS 140-2 specifications.

Organizations seek a business-driven approach to identity governance

Identity and Governance Evolution

ISIGI provides analytical capabilities beyond what can be done with traditional identity management solutions alone beyond provisioning engine, that enable organizations to address compliance issues and the requirements of auditors. ISIGI main features, in addition to target systems management, are:

  • Role lifecycle management using advanced graphical role mining
  • Risk control modeling using a business activities approach to allow LOB manager to manage user access
  • Five types of certification campaigns and complete campaign reporting
  • Access Governance Core (AGC) is the administrative hub of Identity Governance and Intelligence
  • AGC grants access to administrative function though administrative roles that are highly configurable
  • Access for any role can be limited by scope. Scope can be applied to an entire role or to limit where specific individuals can exercise a particular role for example by organizational unit or by application
  • Any user attribute that is stored in the data may be used to assign scope, either by itself or combined in a polyarchy with other attributes

About identity governance & intelligence

Identity and Governance intelligence

The IGI solution provides customers with a powerful provisioning engine and self-service capabilities. This allows customers to manage their employees, contractors and external parties identities in a cost effective and automated way.

Beside from provisioning and role management, the solution gives insights of potential security risks related to people’s access. Often it is difficult to find out exactly what permissions people have. The IBM solution will help you getting a clear insight.

Advantages of the IGI solution:

Identity and access management has typically been seen as a traditional IT operational process becoming an increasingly important security measure due to increasing, regulatory requirements that are more and more relevant than in the past.

  • Role undependent
  • Identity and access governance
  • Deep integration with SAP SoD rules
    • SoD rules for SAP and non-SAP applications
  • Integrate access request with service desk
    • Integrate access policy validations into service desk portals for seamless and secure end-user experience.
  • Advanced analytics and reporting capabilities

Protect your data

IBM Guardium

 

Provides a full range of capabilities, from discovery and classification of sensitive data to vulnerability assessment to data and file activity monitoring to masking, encryption, blocking, alerting and quarantining to protect sensitive data. It helps secure sensitive data across a full range of environments, from databases to big data, cloud, file systems and more.