IBM Delivers Autonomic Security Management Software
September 30, 2002
IBM announced new software designed to integrate products and correlate security information across the enterprise that may result in an automated, self-protecting management system that helps increase security and reduce administrative costs.
IBM is delivering new autonomic features in the latest version of its security management software, IBM Tivoli Risk Manager 4.1, including a self-protecting "heartbeat" function that proactively notifies administrators of potential failures in the security infrastructure and promises real-time views of network topology to pinpoint security threats, automated security patch deployment, and broader interoperability with leading third-party security products.
With new interoperability with Enterasys Networks' Dragon Intrusion Detection System, Sanctum AppShield and Tripwire for Servers should extend the self-protecting capabilities of Big Blue's security management software to leading Web application firewalls and data integrity software, as well as broaden support for intrusion detection systems. Tivoli Risk Manager is designed to automatically correlate security events, provide attack response, and proactively analyze the state of these technologies and about 50 technologies from other vendors across the enterprise that affect security.
According to IBM, with this release administrators will have more tools to get to the root of security problems. For example, Tivoli Risk Manager's new heartbeat function may provide an early indication of possible failures in the security infrastructure so administrators can take proactive action. The software sends events throughout its architecture to say that the system is alive and well. If the server does not receive an event from the client, an alert is displayed on the management console and administrators are notified that a problem might occur-much like the human brain keeping tabs on the body's own heartbeat functions.
In addition, Tivoli Risk Manager now comes pre-integrated and pre-packaged with IBM Tivoli NetView, which should provide more detailed topology views across the enterprise and faster identification of root causes of security incidents. Integration with the Tivoli Data Warehouse should also provide forensics, trend analysis, historical reporting and security service level information.
Tivoli Risk Manager also includes new features to help enterprises automate the process of deploying critical security updates and patches.
Tivoli Risk Manager already supports technology products from vendors such as: Apache Software Foundation, Argus Systems Group, Check Point Software Technologies, Cisco Systems, ClickNet Security Technologies, Gilian Technologies, IBM, Internet Security Systems (ISS), Lockstep Systems, Microsoft Corp., Network Associates, NFR Security, Red Hat, Secure Computing, Sun Microsystems, Symantec, ZoneLabs and more.