Securing Data on Threat Detection Using IBM Spectrum Scale and IBM QRadar: An Enhanced Cyber Resiliency Solution
An IBM Redpaper publication
Published 18 May 2020
IBM Form #: REDP-5560-01
Rate and comment
Authors: Boudhayan Chakrabarty, Ashish Kothekar, Praphullachandra Mujumdar, Smita Raut, Sandeep Patil, Digvijay Ukirde
Having appropriate storage for hosting business-critical data and advanced Security Information and Event Management (SIEM) software for deep inspection, detection, and prioritization of threats has become a necessity for any business. This IBM® Redpaper publication explains how the storage features of IBM Spectrum® Scale, when combined with the log analysis, deep inspection, and detection of threats that are provided by IBM QRadar®, help reduce the impact of incidents on business data. Such integration provides an excellent platform for hosting unstructured business data that is subject to regulatory compliance requirements.
This paper describes how IBM Spectrum Scale File Audit Logging can be integrated with IBM QRadar. Using IBM QRadar, an administrator can monitor, inspect, detect, and derive insights for identifying potential threats to the data that is stored on IBM Spectrum Scale. When the threats are identified, you can quickly act on them to mitigate or reduce the impact of incidents. We further demonstrate how the threat detection by IBM QRadar can proactively trigger data snapshots or cyber resiliency workflow in IBM Spectrum Scale to protect the data during threat.
This paper is intended for chief technology officers, solution engineers, security architects, and systems administrators.
Table of contents
Introduction to IBM Spectrum Scale
Introduction to IBM QRadar
IBM QRadar with IBM Spectrum Scale: Identifying threats to data and acting on potential incidents
IBM Spectrum Scale cluster configuration
IBM QRadar with IBM Spectrum Scale: Proactively trigger a Data Protection/Cyber Resiliency workflow on threat detection
Appendix A: Custom script to take a snapshot
Others who read this publication also read
Follow IBM Redbooks
Follow IBM Redbooks