View on demand webinar: http://event.on24.com/wcc/r/1064153/E59BB80AC2DB08E80C183ADB948A4899 If you’ve ever tried to reconcile the number of software licenses issued in your company against the number of licenses that are actually being used, you know it’s a jungle out there. In fact, one study uncovered that 85% of organizations are “accidental” software pirates, meaning they’re using more software than they paid for. In addition, many enterprises are facing unplanned and unbudgeted software license “true-up” bills from their vendors – that can cost millions of dollars. But you don’t have to. Join this webinar to get the facts and hack through the software licence jungle with IBM BigFix. We give you a consolidated, holistic view of the software you’ve deployed to help ensure audit compliance–and at the same time, help mitigate the threat of malicious software while effectively managing overall software spend. Join this live webinar to learn how to: - Discover all licensed and unlicensed software to pass more audits. - Decrease software license costs by reducing the amount of unused or redundant software. - Manage assets on hundreds -or hundreds of thousands- of Windows, Mac OS, Unix and Linux endpoints. - Mitigate risk from malicious software including whitelist/blacklist filtering of inventory data.

1. © 2015 IBM Corporation
Antonio Gallotti
Senior Product Manager
Cutting Through the Software
License Jungle: Stay Safe and
Control Costs

2. 2© 2015 IBM Corporation
License,
Contract,
Audit
Security,
Vulnerability,
Stability
Wherever there is a Software there is a Risk and a Cost

3. 3© 2015 IBM Corporation
You can’t protect what you can’t see
Software Compliance and Usage helps reducing risks and improve Incident response
to reduce the cost of a data breach
Software Control helps to know where to protect your environment
Lack of visibility and control contributes to security breaches and financial loss
*Source: 2015 Cost of a Data Breach Study: Global Analysis, Ponemon Institute, May 2015
“Major global bank compromised and
millions of depositor records stolen
due to missed server upgrade cycle”
?
global average cost
of a data breach*
$3.8M
üüü

4. 4© 2015 IBM Corporation
You can’t control what you can’t see
Software Compliance and Usage is the No. 1 factor to reduce the license cost and be
prepared for software audits
Software Control is key to avoid overspending
Lack of visibility and control contributes to unplanned license true-ups and fines
*Source: MarketWatch, April 2015
“most enterprises face frequent,
unbudgeted software license true-up bills
from their vendors -- often to the tune of
millions of dollars annually”
?
average cost of a
license true-up*
$1.0M
üüü

5. 5© 2015 IBM Corporation
IBM BigFix: Bridge the gap between Security and IT Ops
ENDPOINT
SECURITY
Discovery
and Patching
Lifecycle
Management
Software Compliance
and Usage
Continuous
Monitoring
Threat
Protection
Incident
Response
ENDPOINT
MANAGEMENT
IBM BigFix®
FIND IT. FIX IT. SECURE IT.
…FAST
Shared visibility and control
between IT Operations
and Security
IT OPERATIONS SECURITY
Reduce operational costs while improving your security posture

6. 6© 2015 IBM Corporation
Software compliance and usage – BigFix Inventory
Identify what software is installed and how it’s used
! Discover all licensed and unlicensed software
with in-depth granularity across operating systems
and devices
! Reduce license compliance exposure and associated fines
! Decrease software license costs by eliminating unused
or redundant software
! 8,000+ software publishers, 40,000+ software products, 50+
cross OS virtualizations
! Mitigate risk from unauthorized and malicious software
$
Saved $500K in unused software licenses while avoiding
$1M in non-compliance fines across 15,000+ endpoints
US Foods
SW Catalogue, ISO 19770 enabled

7. 7© 2015 IBM Corporation
Capabilities
IBM BigFix Inventory (AKA - Endpoint Manager for Software Use Analysis)
• Centralized Reporting Web Portal
• Health status and Reporting dashboards
• Virtualization and Cloud awareness
• Role based user access management
• REST API for easy integration
• IBM authorized tool for IBM Capacity
• Same as IBM License Metric Tool
Product highlights• So$ware
Catalogue
with
regular
updates
• ISO
19770
Tags
and
so$ware
signatures
• Catalogue
can
be
expanded
for
coverage
or
custom
applicaBons
• Supported
virtualizaBons
such
as
vSphere,
vCenter,
ESXi,
Hyper-­‐V,
IBM
AIX
LPAR
and
WPAR,
KVM
and
more
• SW
Asset
Inventory
• SW
Use
Metering
• SW
Use
ReporBng
• HW
Discovery,
Inventory
and
Monitoring
of
Capacity
Changes

8. 8© 2015 IBM Corporation
BigFix Inventory – Control Software Costs
Compliant?
Buy more?
Detailed, real-time, current inventory and usage reports
to eliminate under used or unnecessary licenses and
reduce maintenance costs
Overspending?
Identify unlicensed computers. Associate SW inventory
with HW data to avoid software license exposures
Accurate inventory data in support of purchasing and
procurement tools and processes
You can’t control what you can’t see

9. 9© 2015 IBM Corporation
BigFix Inventory – Mitigate Security Risks
Needed?
Managed?
Whitelist/Backlist filtering of inventory data to identify
systems where unauthorized software is deployed or
unauthorized processes are running
Authorized?
Usage reports to identify systems where software can
be removed to reduce security exposures
Inventory data and newly discovered system reports to
verify if assets are properly managed or unauthorized
You can’t protect what you can’t see

10. 10© 2015 IBM Corporation
Inventory and status health Dashboards

11. 11© 2015 IBM Corporation
Extensive Hardware Inventory Report
Extensive
list
of
aUributes
and
configuraBon
data
Software Control and Security Risk mitigation use case sample
Which systems/computers are we managing and are they all authorized?

12. 12© 2015 IBM Corporation
what’s deployed and where? Inventory tracking
Software Control and Security Risk mitigation use case sample

13. 13© 2015 IBM Corporation
is the sw used and do I need to continue licensing it or can I optimize?
Is the sw used and needed or can I remove it to reduce security exposures?
Usage metering
Software Control and Security Risk mitigation use case sample

14. 14© 2015 IBM Corporation14
Software Control and Security Risk mitigation use case sample
Which processes are running on my systems?
How long and when was last time they were used?
Process Metering data
Data can be analyzed in order to apply security risk assessments or
blacklisting filter criteria to identify exposures

15. 15© 2015 IBM Corporation15
Software Control and Security Risk mitigation use case sample
Which are the binary files loaded on my systems?
Who they are and where are they located?
File System data
Data can be analyzed in order to apply security risk assessments or can be
feed to blacklist/whitelist security solutions

16. 16© 2015 IBM Corporation
Why is the SW still there and how was discovered?
Are there executables or other left overs that could cause security exposures?
Software Control and Security Risk mitigation use case sample

17. 17© 2015 IBM Corporation
Software Compliance Use case sample
! Entitled Computers: computers that are entitled to use the particular
software associated with the contract definition, by being a part of the
computer group specified in the contract.
! Licensed Computers: entitled computers where software is installed.
! The values in the columns are links to sub-reports that list the computers
what’s the License usage? License usage tracking

18. 18© 2015 IBM Corporation
Software Compliance use case sample
Enhanced Oracle Database features discovery
• Discovers Oracle DB editions (Standard/Enterprise) and used
database features
• Discovers Oracle DB instances & installation paths
• Leverages the original Oracle LMS (License Management Services)
auditing SQL script
• Relevant also for Processor-based metric
NEW

19. 19© 2015 IBM Corporation
" Flexible reporting time ranges
" No data locking (no report signing)
" Data export with digital signature
" Visibility of the PVU/RVU peak values
" Visibility of the PVU/RVU trends
" Report views accessible during
data processing
" Flexible report filtering
Trend line & peak value
IBM Capacity Licensing (PVU and RVU) Trend line & peak value
Software Compliance use case sample
Enhanced reporting for IBM
NEW

20. 20© 2015 IBM Corporation
Questions??

21. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or
both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on
others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM
systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE
IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOU
www.ibm.com/security