In today's global world clients needs to show compliance to different laws like Sarbanes Oxley, HIPPA, the European Union's 8th directive, privacy laws, and so on, in an enterprise (horizontal) environment. The environments become more and more complex with the rapid growth of e-business, and they often span several geographies. Most IT organizations are still very much vertical, often with different organizations within each country, with little cooperation between them. Lack of skills on cross-platform skills are also a major issue.
Integration and automation at the infrastructure layer is key to enabling e-business. With the growing number of security databases, proving compliance across the enterprise is very complex.
This is also true for auditors, as they need a very deep knowledge of IT and a variety of solutions and IT Infrastructures to be able to do a reliable audit.
This IBM Redbooks publication documents the results of our efforts and tests to show how you can perform audit trail and report in an enterprise. Our configuration, even though a not very complex one, shows results of using internal (intranet) and external (internet) configurations. We have been testing with standard users and privilege users, using tools that are available in today's market.
Chapter 1. Strategy overview and security roles
Part 1. Tools
Chapter 2. Enterprise-wide auditing tools
Chapter 3. e-business model auditing tools
Chapter 4. z/OS
Chapter 5. UNIX/Linux auditing tools
Chapter 6. DB2 auditing tools
Part 2. Scenarios
Chapter 7. Introduction to scenarios
Chapter 8. e-business scenarios
Chapter 9. Privileged access
Appendix A. Linux Audit record description
Appendix B. SSL/SSH configuration guides
Appendix C. Additional material