Security management solutionsBuyer’s guide: purchasing criteria
Help optimize your IT infrastructure by selecting the right security management solution.
22
With greater visibility across your infrastructure, you can:
• Proactively correct vulnerabilities before breaches occur.
• Initiate IT cost-reduction directives that include consolidating
and streamlining IT systems.
• Achieve ongoing policy compliance requirements.
• Automate processes to help reduce or avoid manpower
expenditures on routine but important security operations.
Centralization also facilitates decentralized administration —
giving the right amount of responsibility to the right indivi-
duals and groups, wherever they are. When you extend
security management with a federated identity management
solution, you can even delegate administration of security
between your company and its business partners. As a
result, you help simplify — and minimize the cost of —
administering identities for third-party users.
The right security management solution can help you do
more than effectively manage user accounts and security
risks. Your security infrastructure can become a true business
enabler — providing the flexibility and integration required to
quickly adapt to changing market requirements and secure
new on demand business initiatives and services.
Getting started
Choosing to implement a security management solution
is one thing; figuring out how to get started toward the
solution that’s right for your organization is another. It can be
intimidating to identify what kind of software you initially
need to invest in, let alone to choose the best vendor in the
area you select — a vendor that can support you throughout
the process of implementing your total solution.
Organizations of all sizes, across all industries often must
accommodate a growing number of users and devices
that require access to resources inside and outside the IT
organization. At the same time, the need to address evolving
audit requirements demands more responsiveness and
control than ever before.
These challenges require a robust security management
solution that is designed to work across platforms and
applications, and flex and scale with the rapidly changing
demands on security. A solution that can help you establish
centralized, automated policies and processes to help
minimize security risks. A solution that can free IT staff from
firefighting and time-consuming routine security tasks to
focus on critical business initiatives and better integration of
your existing systems.
Beyond demonstrating business policy compliance and
helping ensure timely access to business assets, an effective
security infrastructure can help you transform your enterprise
into an On Demand Business: an enterprise whose business
processes — integrated end-to-end across the company and
with key partners, suppliers and customers — can respond
with speed to any customer demand, market opportunity or
external threat.
Centralized security management allows you to address
many aspects of the ongoing effort to help control user
activities, minimize vulnerabilities and consistently execute
your security policies across the breadth of your organization.
3
If you identify the security concern that most affects your
business priorities, then you can focus on the kind of
solution that directly addresses that concern. Later, as needed,
you can expand into the other security areas that support
your business goals.
This document outlines the most common challenges that lead
companies to invest in security management, then indicates
which components directly address each challenge.
The overall goal: manage security and compliance cost-effectively
Competing in today’s world often requires an increased
interconnectedness — opening your enterprise, along
with its processes and applications, to a growing number
of employees, customers and business partners. This
interconnectedness can raise new challenges for your IT
staff — managing all these users and their access efficiently
and effectively. You should also take into account the
security of the devices that enter your network and access
your systems and applications, including traditional Web
browsers, mobile phones, handhelds and other devices.
Managing these risks is only part of the security management
task these days. Because recent worldwide political events,
external attacks, corporate financial crises and identity theft
have given security management more focus, there is a
growing requirement to enforce and demonstrate compliance
with enterprise or governmental security mandates. Many
organizations must improve their accountability and trans-
parency to adhere with regulations such as Sarbanes-Oxley
(SOX), the Health Insurance Portability and Accountability
Act (HIPAA), Basel II and many others — at a national or
international level. Companies can fail audits if they are
unable to demonstrate effective application of processes
and procedures used to grant access rights to users.
Too often, companies address these challenges with time-
consuming, inefficient processes that are prone to error
and very costly. They manage user accounts, access
controls and a wide variety of user devices in a piecemeal
fashion that requires substantial staff time. When responding
to audits, they retrieve critical information manually — from
spreadsheets and other documents. Instead, companies
need a security management solution that helps them
automate common security processes and consistently
administer corporate security policies.
To begin with security management, address your most
pressing challenges
Security management solutions should enable you to
adopt a cross-enterprise view to help you overcome your
security challenges and make the most of your business
opportunities. Today security management is not a single
integrated process — it is a set of loosely coupled activities
spanning multiple processes.
With extensive research and experience working with clients
of many sizes and in many different industries, IBM has
found that increasingly clients are now prioritizing security
management processes such as identity and access
44
management, vulnerability management and IT compliance
management. Any of these challenges — or a combination of
them — can be a place where your company can concentrate
its initial investment in security management.
• Identity and access management: Provision and manage user
accounts and access to resources, facilitate collaboration and
control the disclosure of information.
• Vulnerability management: Identify and address system
vulnerabilities through patching and other measures.
• IT compliance management: Establish, monitor and enforce
your corporate IT policies.
Security management encompasses all of these areas —
with each segment reinforcing the others. For example,
when you establish and enforce company-wide security
policies, you’ll be able to assess risks more easily. When
you establish user accounts according to a policy, you
can measure against that policy to be sure all accounts
and their access rights are valid. You can constantly monitor
against that policy to help ensure there are no orphan
accounts that can be used for attacks against your operation,
and that you have recorded when and to whom information
was disclosed. The more authoritative your data stores are,
the more confidence you can have that your security policy
will be administered correctly.
To identify a starting point for your organization, it helps to
see what each category encompasses. This buyer’s guide
provides checklists for each of these three starting points that
you can use when evaluating vendors and their products.
As you look for the solution that best addresses the challenge
you’ve prioritized, keep in mind the importance of a provider
who will be able to support the full breadth of your security
management solution.
Manage and provision both user accounts and access to resources
and information
From directory stores to single sign-on capabilities, identity
and access management is a critical component of your
security management solution. To help you pinpoint your
immediate needs, this table provides a closer look at
common requirements that lead companies to identity and
access management solutions and the appropriate areas of
identity and access management that help address these
requirements. Subsequently, this buyer’s guide includes
checklists for the various components of identity and
access management.
Deploy a user management and provisioning solution to
help establish cost-effective and consistent security
Your IT staff may spend an inordinate amount of time granting
and limiting user rights on a case-by-case basis. It can also
be costly and time-consuming to gather the information
you require to comply with security audits. These tasks
can drain IT resources away from projects that deliver greater
business value.
Automated workflows can reduce the cost of having IT staff
perform a repetitive task and help you administer security
in a uniform manner. A centralized user provisioning and
management solution can provide visibility across your
enterprise into exactly who has what rights. This visibility
enables you to track everyone who has access to your
systems and to align the degree of access you grant with
your business priorities and needs. User provi sioning and
management solutions should also enable you to maintain
accurate records of access rights changes for auditing
purposes — and thus help reduce the cost in terms of staff
time and money needed to comply with audit requirements.
5
You should make sure that the user management and
provisioning solution you select:
• Manages distributed sets of users and includes the ability to
assign users to one or more roles.
• Enforces security policies proactively — automates based on roles
and rules.
• Provides the ability to simulate policy change, so that you can
see the impact a new security policy may have on your users.
• Routes access requests through authorization processes and
escalates to alternate approvers if prompt action is not taken.
• Interfaces with applications, operating systems and resources
across your organization and those you might introduce in the
future — securely and efficiently.
• Provides significant standard reports to help respond to
compliance needs.
• Provides Web self-care interfaces to perform password and
personal information changes.
• Includes the necessary software components, including
necessary databases, LDAP servers, and Web and application
servers.
• Provides value beyond basic password management and scales
as your organization changes.
Help reduce the cost of establishing an authoritative
store of information
The cost and complexity of identity administration in today’s
environment are greatly tied to the process of creating and
managing user accounts. Whether you’re looking to grow
organically or through mergers and acquisitions, access
to new customers and markets — as well as a broader
range of products and services — is a strategic priority for
many initiatives.
If your company needs to: Start with:
Help reduce security administration
and support costs
User management and
provisioning
Keep track of all the users that
access systems
User management and
provisioning, access control
Manage identity information that is
spread out across multiple stores
Establishing an
authoritative store of
information
Deliver common services for your
service-oriented architecture
Federated identity
management
Implement single sign-on and unified
user experience
Access control, federated
identity management
Help reduce the cost of developing
adequate security for industry-leading
and internally built applications
Access control, federated
identity management
Help shore up security for deploying
portals and Web services
Access control, user
management and
provisioning, federated
identity management
To administer security consistently across your organization,
you should have some way to synchronize user information
in a highly efficient fashion. If an employee changes his or
her name, both the human resources database and all the
databases that deliver information about your company
to your customers should reflect the change. When a
prospective client or business partner becomes an active
client, changing the status in one information store should
initiate the same change in all other stores.
The solution lies in managing identities and controlling
access to resources. Identity management is a way to
address two key questions: who are you and what can
you access? An identity integration solution synchronizes
data across your organization. It helps you maximize the
66
accuracy of the data you maintain and reduce the costs
associated with manually updating that data. With a superior
identity integration solution, you can establish rules that
identify which groups and individuals have the authority to
change which data fields. The solution then pushes changes
made by those with authority out to all the other databases
where the same data is stored and utilized.
To find a superior identity integration solution, you should
look for one that:
• Deploys a distributed architecture that allows local groups
to manage the data they know best with the tools that make
them most productive.
• Supplies connectors to and integrates seamlessly with a
wide variety of repositories and technologies and enables
integration with new and existing enterprise Web services.
• Responds to predefined events, enabling automated, real-time
updates to your identity stores.
• Deploys rapidly and extends with minimum dependencies on
centralized data stores.
• Provides a centralized metaview with whatever directory or
database best meets your needs — without being locked into a
vendor’s proprietary data store.
• Enables you to deploy your solution as a metadirectory
(synchronizing data) or virtual directory (federating data
without overwriting) and easily migrate between the two
implementations with just one toolkit and one skill set
to manage.
• Deploys on any operating system platform to maximize
flexibility.
• Leverages reusable connectors and components.
• Integrates a wide variety of data types, including passwords.
Implement a high-performance 24x7 directory infrastructure
for global enterprise applications
To enable security management solutions, your infrastructure
typically needs to drive identity data to an increasing number
of directory-enabled applications. The situation is analogous
to critical highway infrastructure. The more comprehensive
and reliable the road network, the more value can be
derived from all the cars that use it. Similarly, the more
comprehensive and reliable your identity data infrastructure,
the more value you can derive from all the security
management and enterprise applications that use that data.
An on demand business requires a robust data engine that
can support large groups — up to hundreds of millions of
entries — and continue to demonstrate superior performance
even as the directory grows. A data engine that is:
• Open — your data engine should run on all major platforms.
To truly be a software platform for your entire enterprise, the
directory must offer dynamic, extensible support for the many
applications on which your enterprise depends.
• Reliable — to support global applications, companies like yours
increasingly need to create a 24x7 directory infrastructure.
Advanced replication capabilities — including a multimaster
capability — help provide high availability and rapid delivery
of frequently accessed content to anywhere in the world.
• Scalable — because your directories grow and consolidate,
you require a trusted relational database — not merely a
proprietary data store.
7
Federated identity management extends a company’s
security reach beyond the enterprise and into the ecosystem
to help simplify, secure and strengthen the administration of
users, Web services and data shared by business partners.
For example, consider a customer who logs on to the
brokerage site of a full-service financial services company
using one identity and password. If he decides to log on to
the credit card partner of his financial services provider, he
typically uses a different identity and password. In effect, the
companies are managing twice the infrastructure at twice
the cost.
The federated model enables not just users but also Web
services (or applications) to be integrated across company
or trust boundaries. This type of service integration is referred
to as service-oriented architecture (SOA). For example,
a jewelry supplier could use Web services to check real-
time inventory levels at a key retailer to ensure just-in-time
inventory levels.
The federated identity management solution you choose should:
• Deliver secure Web services, and thus aid the business in
leveraging a SOA that expands business for a relatively
minor investment.
• Enable single sign-on across an entire business ecosystem.
• Help minimize operational costs through user self-care.
• Help minimize identity infrastructure investment and
operational costs by eliminating redundant processes and
user accounts.
• Leverage an efficient, economic solution for integrating
application platforms such as IBM WebSphere® software,
Microsoft .NET and SAP.
To locate a directory infrastructure solution that meets these
three standards, you should seek one that:
• Is Certified LDAP, Version 3 Compliant by the Open Group.
• Supports leading platforms, including Microsoft® Windows®,
Linux®, IBM AIX®, Sun Solaris and HP-UX.
• Enables you to achieve the 24x7 availability required for
global enterprise applications through advanced replication
and multimastering capabilities — including support for dozens
of master copies of the directory and the ability to replicate
different directory subtrees against different masters.
• Has been widely deployed in a broad range of customer
applications around the world.
• Relies on a highly trusted relational database — rather than
a proprietary data store — for excellent scalability, reliability
and performance.
Deploy a federated identity management solution that can
simplify identity and access administration
Companies often need to share information, data and Web
services with business partners. You can help lower costs,
enhance productivity and optimize efficiency by improving
integration and communication with suppliers, business
partners and customers. Federated identity management
provides this link. Federation is the sharing of data and
Web services with business partners and customers.
Federated identity management enables businesses to
deliver more functional and cost-effective solutions. The
federated business model for identity management enables
companies to federate data to clients, trading partners and
customers whom would normally not have access. By doing
so, companies can minimize infrastructure investment and
operational costs. Instead of each company having to build
and operate its own expensive identity infrastructure, it can
spread the costs over the entire ecosystem.
8
• Help maximize compliance with business policies.
• Help ensure rapid deployment and easy integration by
supporting a wide number of standards, including Security
Assertion Markup Language (SAML), Liberty Alliance
and Web Services Federation Language (WS-Federation),
WS-Security and WS-Trust.
Select an access control solution that helps minimize your
vulnerability and can improve ease of use
Developing the security layer of an application often
accounts for as much as 30 percent of application cost
and time. By eliminating the need for application architects
to develop the security layer, access control solutions help
your IT staff deliver better applications faster and cheaper.
Access control solutions also enable you to improve the
usability and security of your customer-facing and partner-
facing applications. Capabilities such as single sign-on and
user self-service help increase employee productivity and
enhance the customer and partner experience. By providing
single sign-on — for your business partners, your suppliers
and your employees — access control solutions can minimize
a number of password-related problems:
• Multiple-password confusion
• Security exposure that can occur with writing down passwords
• IT staff time and resources spent administering passwords
and unlocking accounts
• Downtime that end users experience when locked out
of accounts
The access control solution you choose should:
• Perform and scale well in difficult, high-traffic conditions.
• Provide self-service interfaces for password resets, password
synchronization and user account updates, to reduce help-desk
costs and improve user satisfaction.
• Support multiple authentication methods and access devices
(desktops, PDAs, mobile phones and more) so that you can
work with as many different protocols as your users rely on
to access your system.
• Integrate easily and widely with identity servers, applications,
middleware, operating systems and platforms.
• Rely on open and de facto standards, including Java 2
Platform, Enterprise Edition (J2EE™), .NET and Web services,
to help maximize interoperability both now and in the future.
• Deploy policy-based security infrastructure to ease adminis-
tration and align security with your business rules and
business goals.
• Include single sign-on — with your existing desktop
infrastructure, other security environments and leading
online business applications.
Identify an access control solution for UNIX- and Linux-
specific security challenges
Access control for UNIX® and Linux environments is
particularly challenging. The top security threat that these
environments face is misbehavior by internal users and
employees. The key to fixing this issue is to more closely
control super-user (root) accounts. Super-user accounts
are particularly vulnerable to abuse because traditionally
there are no controls on the access rights of these accounts
and no way to audit the actions taken by people using
these accounts.
9
An access control solution for your UNIX and Linux systems
enables you to secure the applications, files and data on
these operating platforms and the platforms themselves. It
applies the same business policies you use to control access
throughout the enterprise to your UNIX and Linux resources
and creates a sophisticated audit trail for tracking users and
administrators.
To find a superior access control solution for your UNIX and
Linux environments, look for one that:
• Combines full-fledged intrusion prevention — host-based
firewall, application and platform protection, user tracking
and controls — with robust auditing and compliance checking.
• Includes best-practice (yet customizable) policies that enable
enterprises to quickly ramp up to effective security.
• Centrally manages access and audits across large numbers of
UNIX and Linux servers.
• Provides extensive auditing and detailed reports you can give
to regulators, external and corporate auditors.
• Delivers mainframe-class security and auditing in a
lightweight, easy-to-use product.
• Integrates GUI and policy database across security
applications for UNIX and Linux systems, Web applications
and IBM WebSphere MQ installations.
• Imposes negligible overhead (less than 1 percent), main-
tains security during system backup and provides a highly
scalable system.
Choose an access control solution that enhances the security
of your IBM WebSphere Business Integration environment
Companies that use WebSphere MQ to process personally
identifiable information and other types of sensitive data often
seek to protect message data end to end. Additionally, as
they use WebSphere MQ to tie together strings of applica-
tions, companies need a way to centrally manage both data
protection and access control policies.
An enhanced security solution for WebSphere MQ
enables these companies to demonstrate the integrity
and confidentiality of messages not just while in transit
from system to system, but also while under the control of
WebSphere MQ itself. Moreover, this enhanced security
solution applies business policy to ensure the desired
level of confidentiality and integrity for each transaction.
When analyzing enhanced security solutions for your
WebSphere MQ environment, make sure you select a
solution that:
• Helps strengthen security for high-value WebSphere MQ
transactions, without the need to modify or recompile
WebSphere MQ applications.
• Maintains strict data integrity and confidentiality, using
message-level audit capabilities to demonstrate compliance
with the defined security policy.
• Helps reduce administration costs through centralized
administration of access control and data-protection policies
across mainframe and distributed servers.
• Provides enterprise-wide management of security policies
for WebSphere MQ, including message integrity and
confidentiality, security audit posture and queue access-control
permissions from a Web-based administration tool.
• Is compatible with the other members of the IBM WebSphere
Business Integration family of products, including IBM
WebSphere MQ Workflow and IBM WebSphere Business
Integration Message and Event Brokers.
Assess and minimize system vulnerabilities across and beyond
your enterprise
Security breaches and cyberattacks within enterprises
have skyrocketed in recent years, causing significant IT
infrastructure damage and a significant loss of productivity.
Both intentional and unintentional employee and organiza-
tional behavior often cause the exposure and risk.
10
The need to keep systems safe has never been more neces-
sary, but the validation process is often time-consuming,
costly and inconsistent. At the same time, security adminis-
trators must be able to monitor whether users are current
with available patches and fixes — and prove to auditors that
security breaches are detected and managed.
A vulnerability management solution can help you centrally
assess security exposures and better understand the root
causes of these problems. With this increased insight,
you can proactively act to correct vulnerabilities before
breaches occur. If a security incident does occur, you can
automatically respond to it, which can help you minimize the
threat of widespread damage.
The vulnerability management solution you select should:
• Quickly confirm that all of your IT resources are configured
correctly relative to corporate policies.
• Automate scans of servers and desktop systems to help reduce
the cost and time associated with manual security checks.
• Prioritize the risks you want to mitigate against by leveraging
data about vulnerabilities in — and threats to — your various
types of assets.
• Monitor your systems for compliance, vulnerabilities and
threats — and use that information to refine your desired-state
security configurations, adjust the priority of the risks you
guard against and optimize best practices for responding
to problems.
• Centrally detect and assess attacks, threats and exposures in
real time by correlating security information and risk alerts
from firewalls, routers, networks, host- and application-
based intrusion detection systems, desktops and vulnerability
scanning tools.
Establish and enforce corporate security policies
Today’s organizations must be able to show auditors that
only valid users have access to protected applications
and servers — and that your policies are universally enforced.
To meet these requirements, organizations should employ
proactive security policies to protect data integrity and make
compliance management a pervasive and integrated part
of day-to-day business management. The policies should
seamlessly integrate with other business processes to
maintain consistent applications.
Far from being a burden, establishing an effective compliance
policy can help provide greater visibility across your current
infrastructure and business capabilities. As a result, you can
develop an infrastructure that addresses both compliance
and business initiatives — enabling you to respond swiftly to
market changes and regulatory mandates alike.
Look for an IT compliance management solution that enables
you to:
• Track everyone who has access to your systems.
• Properly align the access you grant with your business
priorities and needs.
• Provide a comprehensive, centralized control to enable
consistent execution of your security policies across the
breadth of your organization and across multiple applications,
heterogeneous IT resources and users.
• Apply common rules to control the release of data, including a
single, centralized log of all data disclosure activity.
• Maintain accurate records of access rights changes for audit
enforcement.
• Determine at a glance whether systems comply and instantly
inform those not in compliance.
11
Superior integration enables IBM security software to support your
long-term security strategy
When you begin to evaluate vendors for whichever security
management starting point you prioritize, you’ll find that IBM
offers not only a best-of-breed solution in that area, but also
unsurpassed breadth and integration across its security
solutions. When you’re ready to expand into other areas
of security management, IBM can support your long-term
security goals.
IBM’s leadership in integration is manifested in the way that
its solutions work together seamlessly and are built from
reusable components. When you deploy a new solution that
shares underlying functionality with your already-installed
solution, you don’t need to run two instances of the same
component.
Identity and access management
IBM software for user management and provisioning includes
the following offerings:
• IBM Tivoli® Identity Manager provides a security-rich,
automated and policy-based solution that helps effectively
manage user accounts and passwords from creation to
termination across heterogeneous environments. Tivoli Identity
Manager helps you increase user and IT efficiency, lower costs
and address audit needs.
• IBM Tivoli Directory Integrator provides real-time
synchronization among heterogeneous identity data sources,
allows you to establish an authoritative, up-to-date identity
data infrastructure and helps you make the most of your
existing investment in directory products.
• IBM Tivoli Directory Server provides a powerful LDAP
identity infrastructure that is the foundation for deploying
comprehensive identity management applications and
advanced software architectures.
You can also use IBM software to help you implement
federated identity management:
• IBM Tivoli Federated Identity Manager extends security man-
agement to both the identity provider and the service provider
infrastructure, enabling you to exchange user identification
and attributed information with trusted entities that share an
open standards–based authentication framework.
To help with access control, IBM Tivoli Access Manager
software provides consistent identity-driven control from a
single administration console, enabling single-policy access
management across a broad range of resources. The Tivoli
Access Manager family includes:
• IBM Tivoli Access Manager for e-business, which provides
end-to-end security for e-business, including single sign-on,
URL and application-level authorization, distributed Web-
based administration and policy-driven security.
• IBM Tivoli Access Manager for Operating Systems, which
protects individual application and operating system resources
by establishing rules that fine-tune access for all UNIX and
Linux accounts, including super-user and root accounts.
• IBM Tivoli Access Manager for Business Integration, which
enhances the native security services of WebSphere MQ to
provide end-to-end integrity and privacy of message data, and
centralized management of both data protection and access
control policy.
IBM offers powerful solutions across the security management cycle.
© Copyright IBM Corporation 2005
IBM Corporation Software Group Route 100 Somers, NY 10589 U.S.A.
Produced in the United States of America 07-05 All Rights Reserved
AIX, IBM, the IBM logo, the On Demand Business logo, Tivoli and WebSphere are trademarks of International Business Machines Corporation in the United States, other countries or both.
Linux is a trademark of Linus Torvalds in the United States, other countries or both.
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries or both.
Other company, product and service names may be trademarks or service marks of others.
Customers are responsible for ensuring their own compliance with various laws such as the Sarbanes-Oxley Act. It is the customer’s sole responsibility to obtain the advice of competent legal counsel as to the identification and interpretation of any and all relevant laws that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal, accounting or auditing advice or represent or warrant that its products or services will ensure that customer is in compliance with any law.
G507-1117-00
Vulnerability management
For a vulnerability management solution, IBM offers:
• IBM Tivoli Security Compliance Manager, which can help you detect security risks
quickly and deal with them proactively. Tivoli Security Compliance Manager scans
servers and workstations to verify whether security controls are in place.
• IBM Tivoli Risk Manager, which can help you centrally assess and monitor
vulnerabilities and threats, to efficiently respond to security events.
IT compliance management
For IT compliance management, IBM offers:
• IBM Tivoli Identity Manager, which provides a security-rich, automated and
policy-based solution that helps effectively manage user accounts and passwords
from creation to termination across heterogeneous environments. Tivoli Identity
Manager helps you increase user and IT efficiency, lower costs, and address
compliance and audit needs.
• IBM Tivoli Federated Identity Manager, which extends security management to
both the identity provider and the service provider infrastructure, enabling you to
exchange user identification and attributed information with trusted entities that
share an open standards–based authentication framework.
• IBM Tivoli Access Manager family, which provides consistent identity-driven
control from a single administration console, enabling single-policy access
management across a broad range of resources. The Tivoli Access Manager family
includes IBM Tivoli Access Manager for e-business, IBM Tivoli Access Manager for
Operating Systems and IBM Tivoli Access Manager for Business Integration.
• IBM Tivoli Security Compliance Manager, which scans servers and workstations to
verify whether IT security controls are in place and that the systems comply with
your security policy.
For more information
To learn more about which security management solution is the right
starting place for your company and to discuss the benefits of IBM security
management software for your organization, contact your IBM representative or
IBM Business Partner, or visit ibm.com/tivoli/solutions/security