Tivoli Security Operations Manager
Features, advantages and benefits
Features | Advantages | Benefits |
---|---|---|
Automated log aggregation | Operational efficiency through platform integration | Centralize security operations across discrete organizations, technologies and processes |
Automated event correlation and analysis | Efficiency through automation | Align security operations with IT operations to assure business uptime |
Streamlined incident tracking and handling | Support for audit and compliance | Align security activities with the business' top priorities |
Network and resource availability is absolutely critical to business and service assurance. But enterprises, federal agencies and service providers can lose millions of dollars per year as a result of worms and other types of malware that bring down corporate resources and customer-facing services. That's why information security is one of the top concerns of every CIO in any enterprise or carrier.
To maximize resource and service availability and protect customer information, today's information security teams must be able to:
- Quickly recognize and handle security incidents.
- Enforce security policies.
- Support audit and compliance initiatives.
The challenge is that each of these activities involves security data that resides throughout the organization. Enterprises and service providers need to be able to access and quickly analyze this disparate data - quickly and efficiently. In today's complex, multi-vendor environments, that means leveraging an automated, integrated solution.
Tivoli Security Operations Manager
In response to these challenges, turn to Tivoli Security Operations Manager (TSOM) - a security information and event management (SIEM) platform designed to improve the effectiveness, efficiency and visibility of security operations and information risk management. By centralizing and storing security data from throughout the technology infrastructure, Tivoli Security Operations Manager enables you to:
- Automate log aggregation, correlation and analysis
- Recognize, investigate and respond to incidents automatically
- Streamline incident tracking and handling
- Enable monitoring and enforcement of policy
- Provide comprehensive reporting for compliance efforts
Tivoli's Security Operations Manager automates many repetitive, time-intensive activities required for effective security operations. The result is an efficient, cost-effective approach to security operations.
Improve efficiency through operational integration
TSOM addresses operational inefficiencies experienced by siloed IT organizations by facilitating the flow of incident management data between security, network and systems management operations teams. For example, TSOM integrates closely with enterprise network and system management products - including Netcool event managers and dashboards, as well as Tivoli Enterprise Console - and IT help-desk ticketing systems. You can leverage these integrations to:
- Ensure business and service assurance.
- Correlate security insights with information from the broader operations environment.
- Further facilitate incident remediation.
TSOM also integrates with Tivoli Identity Manager and Tivoli Access Manager to provide monitoring and oversight for customer's identity and access policies, ensuring that policies are enforced, and that potential misuse attempts are quickly detected and addressed.
Deepen understanding by using comprehensive reporting
The on-the-fly data mining, historical reporting, self-auditing and tracking capabilities in Tivoli Security Operations Manager provide critical components for understanding security trends. What's more, these reports help IT communicate relevant security information to other audiences, such as management and audit.
Features include:
- Standard and customizable report templates.
- An automated report scheduler.
- HTML, PDF and XML exporting of all graphs and charts.
- Self-auditing and tracking of all security activities.
Tivoli Security Operations Manager draws on information stored in a security event database to deliver historical reporting and trending on demand.
Select from multiple deployment options to suit your environment
Tivoli Security Operations Manager features a modular architecture that can adapt to - and grow with - your organization's security infrastructure. Each of the components - the event aggregation module that collects and normalizes data, the central management server that performs advanced analysis and correlation, and the database that stores historical information - can be distributed on separate hardware, or the components can be deployed together.
An organization might deploy multiple event aggregation modules throughout the organization to support higher volumes of event information or facilitate geographic distribution of system resources. For example, one customer uses 12 event aggregation modules for its geographically dispersed locations - enabling the company to distribute data collection and processing.
Similarly, the event aggregation modules can all send data to a single central management server, or an organization can use multiple servers to maximize availability - if one server is unavailable to an event aggregation module, it will instead forward the event to a secondary central management server.
Provide a platform for offering managed security services
In addition to serving as the critical IT security platform for midsize and large enterprises and carriers, Tivoli Security Operations Manager can also act as a strong, proven foundation for a highly profitable managed security services business. The same deployment options that make the software scalable and stable for any organization also enable Tivoli Security Operations Manager to meet the needs of a highly distributed services environment.
When used by managed security service providers, Tivoli Security Operations Manager helps:
- Reduce operational costs by offering a high degree of operational automation.
- Optimize time to value, thanks to speedy implementation and immediate, out-of-the-box capabilities.
- Demonstrate service levels and value to customers through comprehensive reporting capabilities.
Security breaches can have serious, measurable consequences: lost revenue, downtime, damage to reputation, damage to IT assets, theft of proprietary or customer information, cleanup and restoration costs, and potential litigation costs. To reduce these risks, security organizations need the capability to quickly identify and react to attacks.
Tivoli Security Operations Manager provides a holistic view of your security posture and the abilities to drill down and investigate attacks quickly. As a result, it is a valuable tool to help prevent intrusions and help maximize the security of your business.
All products within the Tivoli category
- IBM Intelligent Building Management
- Maximo Adapter for Microsoft Project
- Maximo Archiving with Optim Data Growth Solution
- Maximo Asset Configuration Manager
- Maximo Asset Management
- Maximo Calibration
- Maximo Change and Corrective Action Manager
- Maximo Compliance Assistance Documentation
- Maximo Data Center Infrastructure Management
- Maximo Enterprise Adapter
- Maximo for Transportation
- Maximo Linear Asset Manager
- Maximo Mobile Inventory Manager SE
- Maximo Mobile Work Manager SE
- Maximo Mobile Work Manager with Calibration SE
- Maximo SLA Manager
- Tivoli Asset Management for IT
- Tivoli Release Process Manager
- Tivoli Unified Process Composer
- for Application Diagnostics
- for Applications
- for Microsoft Applications
- for SOA Platform
- for Transactions
- for Virtual Servers
- for Databases
- for Messaging and Collaboration
- for Virtual Servers
- for CICS Transaction Gateway on zOS
- for Databases
- for R3
- for WebSphere Application Server on zOS
- for WebSphere Integration Brokers on zOS
- Application manager
- for Integrated Operations Management
- IBM Application Manager for Smart Business
- Tivoli ETEWatch
- Tivoli IntelliWatch Pinnacle for Distributed Systems
- Tivoli Web Response Monitor
- Tivoli Endpoint Manager for Lifecycle Management
- Tivoli Endpoint Manager for Patch Management
- Tivoli Endpoint Manager for Power Management
- Tivoli Endpoint Manager for Security and Compliance
- for Inventory
- for Software Distribution
- IBM License Metric Tool
- Tivoli Application Dependency Discovery Manager
- Tivoli Business Service Manager for zOS
- Tivoli Capacity Process Manager
- Tivoli Change and Configuration Management Database
- Tivoli Configuration Manager for Automated Teller Machines
- Tivoli Endpoint Manager for Core Protection
- Tivoli License Compliance Manager
- Tivoli Provisioning Manager
- Tivoli Remote Control
- Tivoli Service Automation Manager
- Tivoli Workload Automation
- Tivoli AFOPERATOR on zOS
- Tivoli Availability Process Manager
- Tivoli Enterprise Console
- Tivoli OMEGACENTER Gateway on zOS
- Tivoli OMNIbus and Network Manager
- IBM Service Delivery Manager
- Tivoli Service Automation Manager
- Entry Edition
- Tivoli Network Manager Transmission Edition
- Netcool Performance Manager
- Netcool Performance Manager for Wireless
- Tivoli Netcool Service Quality Management Center
- Tivoli Netcool Service Quality Manager
- Tivoli NetcoolImpact
- Tivoli NetcoolOMNIbus
- Tivoli NetcoolOMNIbus Gateways
- Tivoli NetcoolReporter
- Tivoli NetcoolWebtop
- Tivoli NetView
- Tivoli NetView Distribution Manager
- Tivoli NetView Performance Monitor
- Tivoli OMNIbus and Network Manager
- Tivoli Performance Modeler for zOS
- DB2 Tools for zOS
- NetcoolPortal
- NetcoolProviso
- NetcoolRealtime Active Dashboards
- Tivoli Data Warehouse
- Tivoli Decision Support for zOS
- Tivoli Netcool Carrier VoIP Manager
- Tivoli Netcool Configuration Manager
- Tivoli Netcool Enterprise VoIP Manager
- Tivoli Netcool IP Multimedia Subsystem Manager
- Tivoli Netcool Network Mediation
- Tivoli Netcool Performance Flow Analyzer
- for Power Management
- Tivoli Endpoint Manager for Lifecycle Management
- Business Gateway
- Federated Identity Manager
- Tivoli Federated Identity Manager for zOS
- Tivoli Access Manager for Enterprise Single Sign-On
- Tivoli Identity and Access Assurance
- Tivoli Unified Single Sign-On
- Directory Integrator
- for zOS
- Tivoli Data and Application Security
- Tivoli Directory Server
- Tivoli Key Lifecycle Manager
- IBM Security Content Analysis Software Development
- IBM Security Network Active Bypass
- IBM Security Network Controller
- IBM Security Network Intrusion Prevention System
- IBM Security Server Protection
- IBM Security Virtual Server Protection for VMware
- IBM Security zSecure CICS Toolkit
- IBM Security zSecure Command Verifier
- IBM Security zSecure Suite
- Proventia Desktop Endpoint Security
- Proventia Management SiteProtector System
- Proventia Network Enterprise Scanner
- Proventia Network Multi-Function Security
- Tivoli Endpoint Manager for Core Protection
- Tivoli Security Information and Event Manager
- Tivoli Security Management for zOS
- Tivoli Identity and Access Manager
- Tivoli Compliance Insight Manager
- Tivoli Security Compliance Manager
- Tivoli Security Operations Manager
- DB2 Tools for zOS
- IBM Information Archive
- IBM System Storage Archive Manager
- Storage Manager Product line
- Tivoli Advanced Reporting for DFSMShsm
- Tivoli Automated Tape Allocation Manager for zOS
- Tivoli OMEGAMON XE for Storage on zOS
- Tivoli Tape Optimizer on zOS
- Storage Enterprise Resource Planner
- Tivoli Advanced Allocation Management for zOS
- Tivoli Storage Productivity Center
- Tivoli Storage Productivity Center Suite
- Tivoli Business Continuity Process Manager
- Tivoli Continuous Data Protection for Files
- Tivoli Storage Manager Product line
- Copy (3) of Tivoli Asset Discovery for Distributed
- Tivoli OMEGAMON XE for Messaging for Distributed Systems
- Tivoli OMEGAMON XE for WebSphere InterChange Server
- WebSphere Integration Brokers for Distributed Systems
- Tivoli Asset Discovery for Distributed
- DB2 Tools for zOS
- IBM Tivoli Editor for Messages on zOS
- Tivoli Advanced Audit for DFSMShsm
- Tivoli Advanced Backup and Recovery for zOS
- Tivoli Advanced Catalog Management for zOS
- Tivoli Asset Discovery for zOS
- Tivoli Composite Application Manager
- Tivoli Event Pump for zOS
- Tivoli Monitoring
- Tivoli OMEGAMON DE on zOS
- Tivoli OMEGAMON XE for Mainframe Networks
- Tivoli Output Manager for zOS
- Tivoli Storage Optimizer for zOS
- Tivoli System Automation for zOS