IBM Security Information & Events Manager

Facilitate security audits and monitor privileged users through a robust security compliance dashboard

Many businesses face the challenge of managing the massive amounts of log data that must be maintained for audit purposes. First, logs must be reliably and verifiably collected from dispersed sources across the enterprise, and done so in a continuous, sustainable manner. Once billions of log entries have been captured, a fast, efficient way to make sense of it all is needed.Collecting and analyzing this informa­tion can take a significant amount of time and expertise. Many organiza­tions — already stretched thin on resources — simply don’t have the time and manpower. That’s why there’s IBM Security Information & Events Manager. An automated solution for monitoring, inves­tigating and reporting on user activity across the enterprise, Security Information and Events Manager can provide contin­uous, nonintrusive assurance and documentary evidence that your data and systems are being managed in accordance with company policies.
 
IBM Security Information & Events Manager provides an easy-to-use security compliance dashboard that summa­rizes billions of log files. Through this dashboard, you can quickly gain an overview of your security compliance posture, understand user activities and security events in comparison to acceptable-use frameworks, and monitor privileged users and related security events.Through its patent-pending W7 meth­odology, IBM Security Information & Events Manager translates native log data into easily understood language. A powerful combination, the W7 methodology and graphical dashboard can help you rapidly verify the seven W’s: Who, did What, When, Where, Where from, Where to and on What.
 

With this information at your fingertips, you can:

  • Quickly drill down into user behaviour, system activity and security information across all platform types.
  • Compare log entries to baseline policy to help pinpoint and minimize security problems.
  • Deliver reporting to support auditors’ evidence requests and security managers’ investigatory needs without burdening expensive subject matter experts.
  • Rapidly respond to incidents through the ability to set actions and alerts about privileged user activity, while allowing administrators to perform their jobs.

IBM Security Information & Events Manager integrates with IBM Security Identity Manager, IBM Security Access Manager for Web and IBM Security Access Manager for Operating Systems. This integration allows you to monitor administrative activity on these servers to determine whether changes and activity by IBM Security Identity Manager and IBM Security Access Manager adminis­trators occur within your policy and acceptable-use guidelines. IBM Security Information & Events Manager also integrates with the administrator direc­tories of IBM Security Identity Manager and IBM Security Access Manager software so that administrative users’ actual user names are included in IBM Security Information & Events Manager reports.

 
SecurIT is a Tivoli AA-level accredited IBM Business Partner in IBM Security Information and Events  Manager. IBM Tivoli Accreditated Partners have achieved the highest standards in technical certifications for delivering Tivoli software and solutions to earn A, AA, AAA skill level competency. Each accreditation level requires additional qualification of deployment professionals and solution advisors to have in-depth knowledge across a broad range of Tivoli solutions or for individual products.
To learn more about how IBM Security Information & Events Manager and integrated solutions from IBM can help you increase IT efficiency, reduce administration costs and address policy compliance needs, contact SecurIT, or visit the IBM website 
Source: www.IBM.com