IBM Releases New Security Software

IBM has announced new security software that secures networks by automatically detecting and managing security threats as they happen, rather than after the damage is done.

The new software -- IBM Tivoli Security Operations Manager -- will be the company's first product to incorporate technology from IBM's acquisition of Micromuse, and comes only five months after the acquisition closed in February 2006. The software expands on the capabilities of the Neusecure product, which was recently positioned in the leaders quadrant in the Gartner Magic Quadrant for Security Information and Event Management.

By integrating network, security, identity and systems management, IBM Tivoli Security Operations Manager can minimize how computer networks are affected by computer worms, which are a growing scourge. A single worm could potentially cause $50 billion of worldwide damage, according to the International Computer Science Institute.

The IBM software automates how security data is collected and analyzed across an IT infrastructure and prioritizes security incidents via a real-time dashboard. This cuts a company's response time from minutes to milliseconds and can make it less expensive for IT outsourcers, ISPs and corporations to maintain secure, available networks.

The software can help IT outsourcers and telecom service providers deliver more reliable service to their customers. Not only can the software monitor how security incidents impact the network's health; network performance can be measured against service level agreements signed with their customers.

Companies can also use the software to monitor security controls in accordance with compliance initiatives such as Sarbanes-Oxley, Basel II, ISO17799 and CoBIT (Control Objectives for Information and related Technology), an industry framework for controlling and governing the use of technology.

IBM Tivoli Security Operations Manager lets companies automatically monitor security controls and show their level of effectiveness through real-time and historical reporting. The software offers a variety of rule and report templates that make it easier to monitor and report on security controls. Integration with different security, system and network devices, such as firewalls and host intrusion detection systems, enables the software to generate reports around audit-worthy security event details.

Tivoli Security Operations Manager integrates with network and systems management from Netcool Omnibus and Tivoli Enterprise Console -- especially to simplify workflow and communications between security and the rest of the IT organization. The software's ability to pull security data from Netcool Omnibus enables companies to monitor security incidents tied to the growing adoption of voice, video and data over IP being delivered by service providers.

Tivoli Security Operations Manager derives other security features from Tivoli Identity Manager and Tivoli Access Manager, helping companies enforce internal security policies and detect foul play by employees and contractors. Insider attacks such as identity theft, whether perpetrated by employees or contractors, typically require access to sensitive systems. This user account and access information is managed by Tivoli Access Manager and Tivoli Identity Manager, and leveraged by Tivoli Security Operations Manager for proactive assessment of security threats.

Posted by Jon Erickson at 09:26 AM  Permalink