© 2014 IBM Corporation
IBM Security Identity and Access Management
Products updates and what is coming
Sven-Erik Vestergaard
Pan-IOT security architect
IBM Security
svest@dk.ibm.com
Agenda
▪ ISAM
▪ ISIM
▪ PIM
▪ Z/Secure
IBM Security
Access Manager
Federated Registry Support
▪ Allow ISAM to address a federated registry space where different suffixes are distributed across LDAP servers
▪ Current Registry becomes “Primary registry”
– Management suffix (e.g. secAuthority=Default) is stored here
• This is where all ISAM user/group/policy/GSO meta-data is stored
– Users and groups can also be stored here
▪ Can also define one or more “Federated Registries”
– These only store User and Group objects
– No schema changes required in these registries
– Identified by the suffixes they contain
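
Added example (not from the deck and not IBM code): one way to select a registry by the suffix a DN falls under, matching on whole RDNs and preferring the longest suffix. The registry names, every suffix except secAuthority=Default, and all function names are assumptions made for illustration.

```python
import re

# Constructed topology for illustration; only secAuthority=Default comes from the slide.
MANAGEMENT_SUFFIX = "secAuthority=Default"
REGISTRIES = {
    "primary": ["secAuthority=Default", "o=example,c=us"],
    "hr-ldap": ["ou=staff,o=example,c=us"],
    "partners": ["dc=partners,dc=example,dc=com"],
}


def split_rdns(dn):
    """Split a DN into normalised RDNs, honouring backslash-escaped commas.

    Simplification: attribute types and values are compared case-insensitively
    with whitespace collapsed; multi-valued RDNs ('+') are not handled.
    """
    parts, current, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])  # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(current))
            current = []
        else:
            current.append(dn[i])
        i += 1
    parts.append("".join(current))

    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError("malformed RDN %r in %r" % (part, dn))
        value = re.sub(r"\s+", " ", value.strip()).lower()
        rdns.append(attr.strip().lower() + "=" + value)
    return tuple(rdns)


def build_routes(registries, primary="primary"):
    """Turn {registry: [suffix, ...]} into a routing table and validate it."""
    mgmt = split_rdns(MANAGEMENT_SUFFIX)
    routes = {}
    for name, suffixes in registries.items():
        for suffix in suffixes:
            key = split_rdns(suffix)
            if key in routes:
                raise ValueError("suffix %r is claimed by two registries" % suffix)
            if key == mgmt and name != primary:
                raise ValueError("management suffix must stay in the primary registry")
            routes[key] = name
    if routes.get(mgmt) != primary:
        raise ValueError("primary registry does not hold the management suffix")
    return routes


def route(dn, routes):
    """Return the registry whose suffix is the longest RDN-aligned match, or None."""
    rdns = split_rdns(dn)
    best = None
    for suffix, name in routes.items():
        n = len(suffix)
        if n <= len(rdns) and rdns[-n:] == suffix:
            if best is None or n > best[0]:
                best = (n, name)
    return best[1] if best else None


def naive_route(dn, registries):
    """Plain string endswith(): shown only to contrast with route()."""
    for name, suffixes in registries.items():
        for suffix in suffixes:
            if dn.lower().endswith(suffix.lower()):
                return name
    return None


ROUTES = build_routes(REGISTRIES)
```

A string comparison sends cn=x,foo=example,c=us to the primary registry because the text ends in "o=example,c=us"; the RDN-aligned match returns no registry for it.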
IBM Security
Access Manager
Native Kerberos
Single Sign-On
Kerberos SSO
▪ For Windows applications, Kerberos provides the best SSO
– It is supported by Windows services without the need for plug-ins
– It generally causes the least number of integration issues
▪ Kerberos Delegation is required to support this in ISAM
– Allows an intermediate server to request tickets on behalf of an end user
▪ Kerberos Delegation is now supported by non-Windows Kerberos
– Previously it required Windows APIs
▪ ISAM Appliance includes a Kerberos client for native support
– Federated Identity Manager is no longer required for this
IBM Security
Access Manager
Trusteer Pinpoint
Proposed Architecture
[Diagram: WebSEAL (filter framework, web engine, snippet filter) with an update manager and snippet files; Trusteer endpoint servers; web application. Labelled flows: poll, snippet delivery, endpoint access, page access, page delivery]
▪ A new filter will be added to the WebSEAL filter framework;
▪ An update manager which is embedded within the appliance will be used to monitor updates and retrieve these updates;
▪ Configuration will be contained in:
– WebSEAL configuration file;
– Snippet files;
IBM Security
Access Manager
Appliance Monitoring
SNMP added for Appliance Monitoring
▪ Systems monitoring is an important part of operations
– Often we may overlook it in pre-sales but customers will not
▪ Customer tools cannot be added to an appliance
– So it needs to provide sufficient capability out-of-the-box
▪ In ISAM 8.0.0.5 an SNMP daemon has been added
– It monitors standard system parameters such as disk, CPU, memory, interfaces, processes etc.
▪ Currently it doesn’t monitor ISAM-specific functions
– syslog can provide integration for monitoring of this kind
ISAM Appliance shown in Tivoli Enterprise Monitoring
IBM Security
Access Manager
DataPower
Silos of security are impeding business agility
[Diagram rows: Business Channels (web, mobile, B2B, SOA, APIs); Users (consumers, employees, partners, consultants, developers); Security Solutions (API management, B2B gateway, SOA gateway, web access proxy, mobile gateway); Applications and Systems]
MULTI-CHANNEL GATEWAY
Reduce cost and improve security posture with a converged gateway
[Diagram rows: Business Channels (web, mobile, B2B, SOA, APIs); Users (consumers, employees, partners, consultants, developers); Security Solutions (multi-channel gateway); Applications and Systems]
Introducing IBM’s multi-channel gateway solution
Leverage the combined capabilities of IBM DataPower Gateway and IBM Security Access Manager in a single, converged security and integration gateway solution
[Diagram: IBM DataPower Gateway with ISAM for DataPower; capabilities: traffic control & optimization, message security, user access security, message & transport bridging]
Key Benefits
▪ Reduce Operating Costs: Single gateway reduces hardware footprint and uses common set of management and operational skills
▪ Improve Business Agility: Common security policy framework that can be shared across business channels
▪ Improve Edge Security: Comprehensive security at the message-level, infrastructure-level, and user-level
▪ Secure User Interactions: Safeguard mobile, cloud, and social access
▪ Secure App Interactions: Protect applications at the message-level and provide optimized application delivery
ISAM for Mobile & FIM provide advanced authentication, authorization, & federation capabilities with out-of-the-box integrations
▪ ISAM for Mobile: Addresses the needs for emerging web and mobile security requirements for strong and multi-factor authentication and dynamic, context based access policies from multiple data sources including Trusteer Mobile, Pinpoint and Fiberlink MaaS360
▪ Federated Identity Manager: Provides a robust platform for centrally managing federated business partner relationships and access to SaaS applications
[Diagram: Federated Identity Manager (federated single sign on, identity mediation, security token services); ISAM for Mobile (mobile single sign on, strong auth & MFA, context-based access, device registration); Policy Enforcement Point: ISAM for DataPower]
IBM Security
Identity Manager
New Capabilities Across All Products
▪ Identity Manager v6.0.0.4 and v7.0
– Simultaneous announcement:
• Same functions, different delivery: V6.0.0.4 is software stack version for installed base; v7.0 is virtual appliance-only for new customers
– Phase 3: Identity Service Center - business user interface
– Platform/Middleware updates
– Adapter updates including Oracle, Microsoft, UNIX/Linux platform updates
– Customer-sponsored enhancements
▪ Privileged Identity Manager v2.0
– Virtual appliance only delivery
– PIM-SIM separation with integration
– PIM for Applications option
– User experience improvement – PIM administration in Service Center UI
– SoftLayer administrative account management support
▪ Identity Governance v5.1
– Virtual Appliance Delivery
– Integration from SIG to SIM
Identity Service Center – Home screen - updated
(Optional)
Introducing SIM Virtual Appliance
▪ SIM is Virtual Appliance only starting with SIM v7
– Positioned as “fresh start”
– Continued SIM 6.0.x software stack maintenance
▪ Same platform as PIM and Access Manager (“Mesa”)
▪ Offers customers a quick-to-deploy and easy-to-maintain IdM solution
– Pre-installed components & middleware, configured through VA panels.
• External data tier required (DB2 and LDAP) for storing operational data.
• Uses existing, common admin/user web user interfaces
• Supports HA clustering
– Reduces time to value significantly
• Reduces the skills requirements for IT admins, e.g. no WAS admin skills needed.
• Reduces patch/upgrade effort via single “firmware” update - not individual component
SIM Virtual Appliance – cont.
▪ Target for new Identity Manager installations
▪ Key limitations to note:
– DB2 and Oracle (non SSL) only
– Simplification -> configurability streamlining – no access to WAS console, middleware install hidden etc.
• We support customization “best practices” and incorporate into VA console configuration, but will discourage customization that makes upgrades difficult
– Role and Policy Modeler not included (transition to SIG/CrossIdeas)
▪ Migration: Existing SIM 5.1 and 6.0 customers will need to migrate environments – no automated upgrade
– Fresh start: opportunity to rethink customizations and clean up the deployment
– Tech note describing customization supports/limits to be published
– Migration assistance on 2015 Roadmap
Identity Manager Virtual Appliance – Component versions
Component | SIM 6.0.0.4 | SIM VA 7.0
OS / ESX | AIX 6.1, 7.1; RHEL 5, 6; SLES 10, 11; Solaris 10; Windows 2008, 2012 | VMware ESXi 5.x
DB | DB2 9.5, 9.7, 10.1, 10.5; Oracle 10g, 11g, 12c | DB2 10.1; Oracle 12c
TDS | SDS 6.2, 6.3, 6.3.1; Sun Directory 6.3, 7.0; ODS 11.1 | SDS 6.3.1
SDI/TDI | TDI 7.1, 7.1.1; SDI 7.2 | TDI 7.1.1
WAS | WAS 7.0 (Without ISC); WAS 8.5, WAS 8.5.5 | -- (Inside VA)
Reports | Cognos 10.2.1 | Cognos 10.2.1
Browser | IE 9, 10, 11; Firefox 17 ESR, 24 ESR | IE 11; Firefox 24 ESR
PIM 2.0 is Appliance Only
▪ PIM Appliance now includes less “Identity Manager”
– Only what is required to support PIM use cases
▪ It can integrate with an Identity Manager system
– To provide full Enterprise Identity + PIM functionality
▪ New PIM opportunities should be directed towards appliance offering
– Existing software stack customers will continue to receive support and fixes but little to no new PIM functionality
▪ PIM Licence still includes entitlement for SIM and ESSO
– So can still deploy and integrate these to get more function
• At the cost of additional deployment complexity
Authenticating applications without password
▪ OAuth 2.0 Token: Authorization given by a PIM domain admin to an application instance. OAuth tokens are set to one-time use.
▪ Instance Fingerprint: App instance host info, user info, network, binary hash and path, etc. Ensures that the instance is authentic.
Token request and fingerprinting are done automatically during registration, using the App ID Toolkit.
IAM Deployment Option Road Map
V. APPLIANCE
▪ PIM Greenfield: Meets requirements for PIM scenarios for greenfield customers
▪ Identity Greenfield: Meets requirements for SIM, PIM or SIG greenfield customers. Independent VA deployment
▪ Identity Appliance (direction): Full IAM suite from a single VA. Enable SIM, PIM, SIG or any combo. Migration for sw stack customers
SOFTWARE
▪ IAM Software Stack: Update in parallel with VA to provide customers time to consider VA or cloud
CLOUD
▪ Lighthouse IAM: Initial Cloud IAM release. Lower cost and faster deployment
▪ Lighthouse (direction): Updated to latest IAM releases. Provide IBM Service Center UI
IBM Security
Z/Secure
zSecure products that enable integration with QRadar
Event sources from System z: RACF, CA ACF2, CA Top Secret, z/OS, CICS, DB2 . . .
New zSecure Adapters for QRadar SIEM product
▪ Features
– Collects and formats information from over 40 different IBM System z SMF record types, such as z/OS, RACF, ACF2, Top Secret, DB2, and CICS events (customizable)
– Additional SMF record types generated by IBM z/OS® and its sub-systems, for data set access, z/VM, PDS member updates and deletes, UNIX file activity, FTP, Telnet and other TCP/IP activity and many others.
– Adds enriched descriptive audit information about the user and the resource from the security database and zSecure system snapshot information
– Support for more frequent collection than once a day – job available for use with scheduling software
▪ Benefits
– Extend best practices and comply with regulatory/legal/compliance requirements
– Provides a holistic, centralized approach for Security Monitoring and plugs a hole in the Enterprise Security Monitoring practice
– Supports separation of duties – stop the legacy practice of self-policing!
– Maximize QRadar capabilities for: Log management, Anomaly detection, Incident forensics, Configuration Management, Vulnerability Management, and Risk management
Stay Focused Stay Ahead
Questions ?

SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Dernier (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

IBM Security Identity and Access Management - Portfolio

  • 1. © 2014 IBM Corporation. IBM Security Identity and Access Management: Products updates and what is coming. Sven-Erik Vestergaard, Pan-IOT security architect, IBM Security, svest@dk.ibm.com
  • 2. Agenda
      - ISAM
      - ISIM
      - PIM
      - Z/Secure
  • 3. IBM Security Access Manager
  • 4. Federated Registry Support
      - Allow ISAM to address a federated registry space where different suffixes are distributed across LDAP servers
      - Current Registry becomes “Primary registry”
          - Management suffix (e.g. secAuthority=Default) is stored here
              - This is where all ISAM user/group/policy/GSO meta-data is stored
          - Users and groups can also be stored here
      - Can also define one or more “Federated Registries”
          - These only store User and Group objects
          - No schema changes required in these registries
          - Identified by the suffixes they contain
  • 5. IBM Security Access Manager: Native Kerberos Single Sign-On
  • 6. Kerberos SSO
      - For Windows applications, Kerberos provides the best SSO
          - It is supported by Windows services without the need for plug-ins
          - It generally causes the least number of integration issues
      - Kerberos Delegation is required to support this in ISAM
          - Allows an intermediate server to request tickets on behalf of an end user
      - Kerberos Delegation is now supported by non-Windows Kerberos
          - Previously it required Windows APIs
      - ISAM Appliance includes a Kerberos client for native support
          - Federated Identity Manager is no longer required for this
  • 7. IBM Security Access Manager: Trusteer Pinpoint
  • 8. Proposed Architecture
      - [Diagram labels: WebSEAL, Filter Framework, Web Engine, Snippet Filter, Update Manager, Trusteer Endpoint Servers, Poll, Snippet Delivery, Endpoint Access, Page Delivery, Web Application, Page Access, Snippet Files]
      - A new filter will be added to the WebSEAL filter framework;
      - An update manager which is embedded within the appliance will be used to monitor updates and retrieve these updates;
      - Configuration will be contained in:
          - WebSEAL configuration file;
          - Snippet files;
  • 9. IBM Security Access Manager: Appliance Monitoring
  • 10. SNMP added for Appliance Monitoring
      - Systems monitoring is an important part of operations
          - Often we may overlook it in pre-sales but customers will not
      - Customer tools cannot be added to an appliance
          - So it needs to provide sufficient capability out-of-the-box
      - In ISAM 8.0.0.5 an SNMP daemon has been added
          - It monitors standard system parameters such as disk, cpu, memory, interfaces, processes etc.
      - Currently it doesn’t monitor ISAM-specific functions
          - syslog can provide integration for monitoring of this kind
  • 11. ISAM Appliance shown in Tivoli Enterprise Monitoring
  • 12. IBM Security Access Manager: DataPower
  • 13. Silos of security are impeding business agility
      - [Diagram labels]
      - Users: CONSUMERS, EMPLOYEES, PARTNERS, CONSULTANTS, DEVELOPERS
      - Business Channels: WEB, MOBILE, B2B, SOA, APIS
      - Security Solutions: API MANAGEMENT, B2B GATEWAY, SOA GATEWAY, WEB ACCESS PROXY, MOBILE GATEWAY
      - Applications and Systems
  • 14. Reduce cost and improve security posture with a converged gateway
      - [Diagram labels]
      - Users: CONSUMERS, EMPLOYEES, PARTNERS, CONSULTANTS, DEVELOPERS
      - Business Channels: WEB, MOBILE, B2B, SOA, APIS
      - Security Solutions: MULTI-CHANNEL GATEWAY
      - Applications and Systems
  • 15. Introducing IBM’s multi-channel gateway solution
      - Leverage the combined capabilities of IBM DataPower Gateway and IBM Security Access Manager in a single, converged security and integration gateway solution
      - [Diagram labels: IBM DataPower Gateway, ISAM for DataPower, Traffic control & optimization, Message security, User access security, Message & transport bridging]
      - Key Benefits
          - Reduce Operating Costs: Single gateway reduces hardware footprint and uses common set of management and operational skills
          - Improve Business Agility: Common security policy framework that can be shared across business channels
          - Improve Edge Security: Comprehensive security at the message-level, infrastructure-level, and user-level
          - Secure User Interactions: Safeguard mobile, cloud, and social access
          - Secure App Interactions: Protect applications at the message-level and provide optimized application delivery
  • 16. ISAM for Mobile & FIM provide advanced authentication, authorization, & federation capabilities with out-of-the-box integrations
      - ISAM for Mobile: Addresses the needs for emerging web and mobile security requirements for strong and multi-factor authentication and dynamic, context based access policies from multiple data sources including Trusteer Mobile, Pinpoint and Fiberlink MaaS360
      - Federated Identity Manager: Provides a robust platform for centrally managing federated business partner relationships and access to SaaS applications
      - [Diagram labels]
          - Federated Identity Manager: Federated single sign on, Identity mediation, Security token services
          - ISAM for Mobile: Mobile single sign on, Strong auth & MFA, Context-based access, Device registration
          - Policy Enforcement Point: ISAM for DataPower
  • 17. IBM Security Identity Manager
  • 18. New Capabilities Across All Products
      - Identity Manager v6.0.0.4 and v7.0
          - Simultaneous announcement:
              - Same functions, different delivery: V6.0.0.4 is software stack version for installed base; v7.0 is virtual appliance-only for new customers
          - Phase 3: Identity Service Center - business user interface
          - Platform/Middleware updates
          - Adapter updates including Oracle, Microsoft, UNIX/Linux platform updates
          - Customer-sponsored enhancements
      - Privileged Identity Manager v2.0
          - Virtual appliance only delivery
          - PIM-SIM separation with integration
          - PIM for Applications option
          - User experience improvement
          - PIM administration in Service Center UI
          - SoftLayer administrative account management support
      - Identity Governance v5.1
          - Virtual Appliance Delivery
          - Integration from SIG to SIM
  • 19. Identity Service Center – Home screen - updated (Optional)
  • 20. Introducing SIM Virtual Appliance
      - SIM is Virtual Appliance only starting with SIM v7
          - Positioned as “fresh start”
          - Continued SIM 6.0.x software stack maintenance
      - Same platform as PIM and Access Manager (“Mesa”)
      - Offers customers a quick-to-deploy and easy-to-maintain IdM solution
          - Pre-installed components & middleware, configured through VA panels.
              - External data tier required (DB2 and LDAP) for storing operational data.
              - Uses existing, common admin/user web user interfaces
              - Supports HA clustering
          - Reduces time to value significantly
              - Reduces the skills requirements for IT admins. e.g. no WAS admin skills needed.
              - Reduces patch/upgrade effort via single “firmware” update - not individual component
  • 21. SIM Virtual Appliance – cont.
      - Target for new Identity Manager installations
      - Key limitations to note:
          - DB2 and Oracle (non SSL) only
          - Simplification -> configurability streamlining – no access to WAS – console, middleware install hidden etc.
              - We support customization “best practices” and incorporate into VA console configuration, but will discourage customization that makes upgrades difficult
          - Role and Policy Modeler not included (transition to SIG/CrossIdeas)
      - Migration: Existing SIM 5.1 and 6.0 customers will need to migrate environments – no automated upgrade
          - Fresh start: opportunity to rethink customizations and clean up the deployment
          - Tech note describing customization supports/limits to be published
          - Migration assistance on 2015 Roadmap
  • 22. Identity Manager Virtual Appliance – Component versions
      - OS / ESX
          - SIM 6.0.0.4: AIX 6.1, 7.1; RHEL 5, 6; SLES 10, 11; Solaris 10; Windows 2008, 2012
          - SIM VA 7.0: VMware ESXi5.x
      - DB
          - SIM 6.0.0.4: DB2 9.5, 9.7, 10.1, 10.5; Oracle 10g, 11g, 12c
          - SIM VA 7.0: DB2 10.1; Oracle 12c
      - TDS
          - SIM 6.0.0.4: SDS 6.2, 6.3, 6.3.1; Sun Directory 6.3, 7.0; ODS 11.1
          - SIM VA 7.0: SDS 6.3.1
      - SDI/TDI
          - SIM 6.0.0.4: TDI 7.1, 7.1.1; SDI 7.2
          - SIM VA 7.0: TDI 7.1.1
      - WAS
          - SIM 6.0.0.4: WAS 7.0 (Without ISC); WAS 8.5, WAS 8.5.5
          - SIM VA 7.0: -- (Inside VA)
      - Reports
          - SIM 6.0.0.4: Cognos 10.2.1
          - SIM VA 7.0: Cognos 10.2.1
      - Browser
          - SIM 6.0.0.4: IE 9, 10, 11; Firefox 17 ESR, 24 ESR
          - SIM VA 7.0: IE 11; Firefox 24 ESR
  • 23. PIM 2.0 is Appliance Only
      - PIM Appliance now includes less “Identity Manager”
          - Only what is required to support PIM use cases
      - It can integrate with an Identity Manager system
          - To provide full Enterprise Identity + PIM functionality
      - New PIM opportunities should be directed towards appliance offering
          - Existing software stack customers will continue to receive support and fixes but little to no new PIM functionality
      - PIM Licence still includes entitlement for SIM and ESSO
          - So can still deploy and integrate these to get more function
              - At the cost of additional deployment complexity
  • 24. Authenticating applications without password
      - OAuth 2.0 Token: Authorization given by a PIM domain admin to an application instance. OAuth tokens are set to one-time use.
      - Instance Fingerprint: App instance host info, user info, network, binary hash and path, etc. Ensures that the instance is authentic.
      - Token request and fingerprinting are done automatically during registration, using the App ID Toolkit.
  • 25. IAM Deployment Option Road Map V. APPLIANCE PIM Greenfield Identity Greenfield Identity Appliance (direction) Meets requirements for PIM scenarios for greenfield customers Meets requirements for SIM, PIM or SIG greenfield customers. Independent VA deployment Full IAM suite from a single VA Enable SIM, PIM, SIG or any combo Migration for sw stack customers IAM Software Stack Update in parallel with VA to provide customers time to consider VA or cloud Lighthouse IAM Initial Cloud IAM release Lower cost and faster deployment CLOUD SOFTWARE Lighthouse (direction) Updated to latest IAM releases Provide IBM Service Center UI
  • 26. IBM Security Z/Secure
  • 27. zSecure products that enable integration with QRadar
      - Event sources from System z: RACF, CA ACF2, CA Top Secret, z/OS, CICS, DB2, . . .
  • 28. New zSecure Adapters for QRadar SIEM product
      - Features
          - Collects and formats information from over 40 different IBM System z SMF record types - such as, z/OS, RACF, ACF2, Top Secret, DB2, and CICS events (customizable)
          - Additional SMF record types generated by IBM z/OS® and its sub-systems, for data set access, z/VM, PDS member updates and deletes, UNIX file activity, FTP, Telnet and other TCP/IP activity and many others.
          - Adds enriched descriptive audit information about the user and the resource from the security database and zSecure system snapshot information
          - Support for more frequent collection than once a day – job available for use with scheduling software
      - Benefits
          - Extend best practices and comply with regulatory/legal/compliance requirements
          - Provides a holistic, centralized approach for Security Monitoring and plugs a hole in the Enterprise Security Monitoring practice
          - Supports separation of duties – stop the legacy practice of self-policing!
          - Maximize QRadar capabilities for: Log management, Anomaly detection, Incident forensics, Configuration Management, Vulnerability Management, and Risk management
  • 29. Stay Focused, Stay Ahead. Questions?