| |
Threats come from a variety of sources. Insider threats, as well as malicious hackers, are not only difficult to detect and prevent, but many times the authors of these threats are using resources without anybody being aware that those threats are there. Threats would not be harmful if there were no vulnerabilities that could be exploited. With IT environments becoming more complex every day, the challenges to keep an eye on all potential weaknesses are skyrocketing.
Smart methods to detect threats and vulnerabilities, as well as highly efficient approaches to analysis, mitigation, and remediation, become necessary to counter a growing number of attacks against networks, servers, and endpoints in every organization.
In this IBMa® Redbooksa® publication, we examine the aspects of the holistic Threat and Vulnerability Management component in the Network, Server and Endpoint domain of the IBM Security Framework. We explain the comprehensive solution approach, identify business drivers and issues, and derive corresponding functional and technical requirements, which enables us to choose and create matching security solutions.
We discuss IBM Security Solutions for Network, Server and Endpoint to effectively counter threats and attacks using a range of protection technologies and service offerings. Using two customer scenarios, we apply the solution design approach and show how to address the customer requirements by identifying the corresponding IBM service and software products.
About the Authors
Axel Buecker is a Certified Consulting Software IT Specialist at the International Technical Support Organization, Austin Center. He writes extensively and teaches IBM classes worldwide on areas of Software Security Architecture and Network Computing Technologies. He holds a degree in computer science from the University of Bremen, Germany. He has 24 years of experience in a variety of areas related to Workstation and Systems Management, Network Computing, and e-business Solutions. Before joining the ITSO in March 2000, Axel worked for IBM in Germany as a Senior IT Specialist in Software Security Architecture.
Kent Browne is a Worldwide Principal Security Architect for IBM Security Solutions. With more than two decades of experience in networking and security, Kent is one of those responsible for the technical vision and architecture of security solutions, and is regarded as an expert in technical subject matter for the IBM Internet Security Systems protection solution suite. He is also well versed in physical security infrastructure and strategy, and is asked to speak regularly on the convergence between physical and logical (network) security. Kent has spoken at leading industry events, such as RSA, Interop, InfoSec, Bicsi, ISC, Infragard, ISACA, and The Conference Board. He has been a featured guest on television (BBC, RAI, ABC News, Silicon Spin, and so on), radio, and in magazines (Computer World, Business News, New York Times, Wired, and so on) to name a few. Kent received a Bachelors Degree in Business Management/Marketing, Summa Cum Laude, from American Intercontinental University. He has been a penetration tester for the public and private sector, and uses this unique view of security to help others better understand the taxonomy of an attack and the strategies to prevent it.
Louis Foss is an Executive IT Architect supporting US federal customers that use IBM Software and IBM Security Solutions. Lou has 25 years of experience in the IT Industry and worked 18 years as an IT Specialist and Solutions Architect in a multitude of different roles, and projects, across the commercial and federal industries. Lou holds a Bachelor of Science degree in Computer Networking and a Master of Science degree in E-Commerce with a graduate certificate in Information Assurance from the University of Maryland University College. Lou is both a Certified Information Systems Security Professional (CISSP) and a VMware Certified Professional (VCP).
Jaco Jacobs is a Security and Privacy Consultant and Architect in the IBM Global Technology Services Middle East and Africa Technical Practice, where he delivers a wide variety of IBM Information Security services and solutions throughout the Middle East and Africa. He is a Certified Information Systems Security Professional and holds numerous Information Security Certifications. He has been a practicing Information Security Professional since 1998 with extensive experience in Vulnerability Management, Compliance Management, Incident and Event Management, and Intrusion Management across the Network, Server and Endpoint domain.
Vladimir Jeremic is a Security Enablement Instructor for the IBM Security Solutions portfolio. He primarily focuses on IBM Security Solutions for Network, Server and Endpoint (formerly known as the IBM Internet Security Systems (IBM ISS) portfolio). He has experience in designing, developing, and delivering learning materials. Vladimir also worked for many years as a Certified Security Managing Consultant with the IBM Global Services team, where he focused on architecture and implementation of the IBM Tivolia® Security portfolio. He has over ten years of experience in the IT field related to security, networking, and programming. He is Tivoli Certified Professional, IBM Certified Consultant, and he holds a Bachelor of Science degree in Electrical Engineering from the University of Novi Sad, in Serbia.
Carsten Lorenz is a certified Senior Managing Consultant at IBM UK and leads a team of security solution consultants and architects. He is responsible for managing, reviewing, and approving security solutions for large and complex IT infrastructure and business process outsourcing engagements for customers throughout Europe, the Middle East, and Africa. Carsten is involved in projects about IBM Security strategy and is currently engaged in the further advancement of the IBM Security Framework and the IBM Security Blueprint. With more than 10 years of experience in the security and compliance field, Carsten specializes in the areas of Security Governance, IT Risk Assessment, Compliance Management, Ethical Hacking, and Operational Risk Management. During his career, Carsten has engaged in consulting engagements with IBM customers in various industries, ranging from Fortune 500 companies to SMBs. Carsten is a CISSP, a CISA, and a CISM, and holds a Bachelors degree in European Studies from the University of Wolverhamption, UK, and a Masters degree in Business Science from the University of Trier, Germany.
Craig Stabler graduated from Heriot-Watt University in Edinburgh, Scotland in 1989 with a Master of Engineering (MEng) degree. Since graduating, Craig has built up his expertise in a number of European countries (UK, France, Benelux, and several East European countries) while working for various international data networking and security vendors, including Spider Systems, Shiva, Nortel, Internet Security Systems, and IBM. Craig has a keen interest in data security and completed his CISSP certification in 2009, which followed a CCNA certification that he completed in 2003. Craig was a member of the IBM Security X-Forcea® Research and Development Organization (X-Force) Roadshow team that presented in various European countries in 2007. Craig also presented the X-Force 24 hour vulnerability to malware life cycle presentation at the ITWeb Security Summit in South Africa in May 2007.
Joris Van Herzele is an IT Specialist based in Brussels who provides research, design, and evaluation analysis for IBM Managed Security Services. He is a Certified Information Systems Security Professional with 10 years of experience in the network and security field and is a subject matter expert on threat management. Prior to his current role, Joris taught classes in the EMEA region through X-Force education services, and was a technical pre-sales engineer advocating the comprehensive product portfolio of IBM Security Solutions.isbn-9789350233665
|