Deployment Guide Series: IBM Tivoli Security Compliance Manager

The process that ensures that the security policies and standards of a company are adhered to is called compliance management. It requires the ability to report on the current compliance status of the security controls of any installed system and to react to any observed deviations. Most businesses today heavily rely on their IT systems, and damage incurred to their critical systems through downtime can force a company out of business. It is a good business practice to minimize the risk to IT systems in proportion to their importance to the business. The factors that influence how much compliance you need can be based on economical, technological, regulatory, or legal reasons.

This IBM Redbook discusses the business context for security compliance management. It introduces the logical and physical components of Tivoli's solution offering. We explain the planning steps and describe how to deploy IBM Tivoli Security Compliance Manager (ITSCM) Version 5.1 in a banking environment and how to integrate it with IBM Tivoli Access Manager and IBM Tivoli Risk Manager.

This book is a valuable resource for security administrators and architects who wish to understand and implement a centralized security infrastructure.

Part 1. Architecture and design
Chapter 1. Business context for security compliance management
Chapter 2. Tivoli Security Compliance Manager design and structure
Chapter 3. Architecting a Security Compliance Management solution
Part 2. Customer environment
Chapter 4. Armando Brothers Banking Corp.
Chapter 5. Security Compliance Manager design
Chapter 6. Technical implementation
Appendix A. Developing a custom collector
Appendix B. Introducing the Security Vulnerability Index
Appendix C. Additional material

• The POWER4 Processor Introduction and Tuning Guide, SG24-7041-00
• VM/ESA Network Computing with Java and NetRexx, SG24-5148-00
• Porting Applications to the OpenEdition MVS Platform, GG24-4473-00

Publish Date
11 August 2005

Rating: Not yet rated

Rate this book

Author(s)

Axel Buecker is a Certified Consulting Software IT Specialist at the International Technical Support Organization, Austin Center. He writes extensively and teaches IBM classes worldwide on areas of Software Security Architecture and Network Computing Technologies. He holds a degree in Computer Science from the University of Bremen, Germany. He has 18 years of experience in a variety of areas related to Workstation and Systems Management, Network Computing, and e-business Solutions. Before joining the ITSO in March 2000, Axel worked for IBM in Germany as a Senior IT Specialist in Software Security Architecture.

• Axel Buecker

Hendrik H. Fulda is a certified IT Strategy Consultant and currently holds a position as Managing Consultant in IBM Strategic Outsourcing. Having performed several engagements identifying information security risks and applying processes and technology to improve security, Hendrik has a strong background in Information Security and Security Architecture. He has published on the topic of e-business security and is a frequent speaker at industry conferences around Europe. Hendrik is a teacher of the IBM Method for Architecting Secure Solutions and holds an ISACA.org credential as a Certified Information Security Manager. Hendrik joined IBM in 1998 and lives in Hamburg, Germany.

• Hendrik H. Fulda

Dieter Riexinger is a Certified IT Security Architect in IBM Germany. He holds a degree in Computer Science from the University of Mannheim, Germany. He has more than 13 years of experience mainly in Networking and IT Security disciplines. His areas of expertise include User Management, IBM Tivoli Access Manager, and IBM Tivoli Security Compliance Manager. Dieter has managed various design and architecture engagements for complex IT infrastructures.

• Dieter Riexinger

ISBN

0738490067

IBM Form Number
SG24-6450-00

Number of pages
208