Network security event management (SEM) solutions offer vulnerability management, intrusion detection and prevention, anomaly detection services, and event correlation analysis. These solutions are recognized as must-have technology to protect the enterprise from outside threats. The IBM ISS Proventia family of products integrates these services under one console to centralize the management of real-time security events. Used by over 12,000 customers worldwide, ISS offerings have a proven track of protecting the IT infrastructure. But external threats are not the only class of security vulnerabilities that require your attention. 

Information misuse from trusted internal users who have broad access privileges across your environment won’t trigger alerts from an SEM solution. According to Forrester research and IdM Trends 2006, 87 percent of internal security incidents are caused by authorized or technical (expert) users. Regardless of whether the breach is malicious or unintentional, it is estimated that these internal security breaches cost U.S. companies $400 billion per year. As a result, auditors are now asking for greater levels of control and oversight than can be addressed with traditional real-time, network-centric SEM solutions.

Tivoli Compliance Insight Management solution broadens your level of oversight by collecting security event logs from a wider range of sources to give you a complete picture of user activity across all of your systems. It incorporates network security event logs, as well as syslogs and audit logs from heterogeneous operating systems, and application logs from authentication servers, mail servers, web servers, SAP, DB2, SQL and Oracle. Insight gives you true enterprise event auditing and archive management capabilities, offering a complete picture of who has access to what, on what, when, where, where from, and to where. In addition to its superior security information management (SIM) capabilities, the Insight solution is packaged with compliance management modules that can help you determine your level of compliance with respect to the SOX, PCI, HIPAA and ISO17790 standards.  

To improve your security controls and compliance for System z, Tivoli has also introduced zSecure, a complete System z security and threat management solution that integrates policy management, policy auditing and security event reporting with RACF security administrative processes. zSecure gives you control over the RACF environment so even internal privileged users can not make inadvertent changes which would violate your security policies. zSecure extends the security events logged for administrative activities so you can have more complete oversight of the System z security process from the Compliance Insight Management solution.

For more information about security solutions, please contact Tim Nicolaou at 512-363-5683 or e-mail him This email address is being protected from spam bots, you need Javascript enabled to view it .