Modern IT teams are turning to security and observability solutions to attain the ultimate visibility of their entire architecture. However, mission-critical systems like IBM i use complex data structures that make them incompatible with modern platforms, leaving a significant gap in your comprehensive IT resilience and observability posture. Watch this on-demand webinar to learn how easy it is to complete your security and observability strategy with the right tools.
Increase Security Observability with IBM i Machine Data
1. Ironstream®
The Full Stack
Increase Security Observability
with IBM i Machine Data
Ian Hartley | Senior Director, Product Management
Andrew Farley | Solutions Engineer
2. Housekeeping
Webinar Audio
• Today’s webcast audio is streamed through your computer speakers
• If you need technical assistance with the web interface or audio, please reach out to us using the Q&A box
Questions Welcome
• Submit your questions at any time during the presentation using the Q&A box. If we don't get to your question, we will follow up via email
Recording and slides
• This webinar is being recorded. You will receive an email following the webinar with a link to the recording and slides
3. Themes
• Challenges around traditional modernization approaches
• Impact to business
• Need for a comprehensive Observability solution
• Demo of Ironstream for Security Monitoring
4. Landscape of Digital Modernization is complex
• Robust security solutions needed
• Increased threats to company data
• More data across more apps
• Migration to cloud and hybrid environments
5. IBM i delivers mission-critical value
• Delivers ROI of 171%
• Reduced system downtime savings of $530K
• Reduced technical support cost by over $255K
• Improved productivity of employees by $158.3K
• 70%+ of orgs state more than half their business applications run on IBM i
Source: Forrester “Total Economic Impact of IBM i”, 2021
6. Leading IT operations platforms lack native IBM i integration
[Diagram labels: Distributed and Cloud environments (On-premises, Private cloud, Public cloud); IBM i Systems. Data sources shown: Online services, Storage, Online Shopping Cart, Servers, Desktops, Web clickstreams, Security, Networks, Telecoms, Call detail records, GPS location, Messaging, Databases, RFID, Web services, Packaged applications, Custom apps, Energy meters, Smartphones and devices.]
7. Impact of data silos on IT teams
• No single view of IT infrastructure
• Delayed SIEM response
• Increased downtime
• Operational inefficiency
• Trouble maintaining compliance
• Lack of IT resilience
9. What is SIEM?
• Real-time analysis of security alerts generated by applications and network hardware
• Holistic, unified view into infrastructure, workflow, policy compliance and log management
• Monitor and manage user and service privileges as well as external threat data
Log Collection
Log Analysis
Event Correlation
Log Forensics
IT Compliance
Application Log Monitoring
Object Access Auditing
Real-Time Alerting
User Activity Monitoring
Dashboards
Reporting
File Integrity Monitoring
System/Device Log Monitoring
Log Retention
Security Information and Event Management
10. The SIEM market is growing
• $3.41 billion in 2020 to $4.10 billion in 2021
• 20% growth rate after 3.9% decline
• Maturing at a rapid pace but still competitive
Source: https://www.gartner.com/reviews/market/security-information-event-management
11. And security use cases are expanding
• Threat detection
• Response
• Exposure Management
• Compliance
Source: https://www.gartner.com/reviews/market/security-information-event-management
Port workloads to less-expensive, strategic platforms
Talk Track:
And data silos can be a big deal. Organizations can feel the impact of these data silos in several different ways. The overall problem is the lack of a true 360-enterprise view of the IT infrastructure. There is no way for IT teams to see all of the aspects of their environment and how they interact with each other, which snowballs into several other problems that can affect the time, money, and reputation of the team if something goes wrong. The health and status of these legacy systems are unknown, so if an incident occurs that involves the mainframe or IBM i, it can take teams a long time to determine that. They may even need to get an IBM systems SME or consultant involved. Requiring this extra involvement from a 3rd party is a challenge in itself due to the fact that expertise around these systems is rapidly shrinking. Even after the experts get involved, teams still need to figure out what is wrong. This results in long MTTIs (mean time to identification) and long MTTRs (mean time to resolution). These are often a metric of success for IT ops teams, so if they are very high, upper levels of management may need to get involved and the team could lose support from these executives. All of these factors culminate in a mismanagement of resources. There is so much time spent trying to understand what is happening with the mainframe and IBM i that it takes away from teams' actual day jobs. Not to mention all of the extra money being spent on an IBM systems SME.
PURPOSE: The negative consequences of disconnection.
Patrick
SIEM technology aggregates and provides real-time analysis of security alerts using event data produced by security devices, network infrastructure components, systems, and applications. A primary function of SIEM is to analyze security event data in real-time for internal and external threat detection to prevent potential hacks and data loss. This typically includes user behavior analytics (UBA) – understanding user behavior and how it might impact security. SIEM technologies also collect, store, analyze and report on data needed for regulatory compliance to ensure that audit requirements are met as dictated.
Threat detection:
Real-time analytics
Batch analytics
Data science algorithms
User- and entity-based analytics
Response:
SOAR
Incident management
Collaboration
Exposure management:
Asset details (criticality, grouping, location, patch status, etc.)
User details (criticality, peer grouping, business unit, role, incident history, etc.)
Configuration posture (cloud asset configuration, GPO settings, etc.)
Poly-cloud visibility and unified exposure understanding
Threat detection framework alignment
Compliance:
Reporting
Continuous monitoring requirements
Audits
Security system of record
IT operations and security use cases can all be played across these tools and platforms. Even combinations of these many different use cases.
From simple visibility…to operational insights…finding issues and resolving them quickly before your customers are aware…to improving your security, compliance and audit posture.
These are all possible…at your own pace…and in line with your common or even unique requirements.