✔ Xavier Ashe

The advent of ransomware worms such as WannaCry and NotPetya has fundamentally changed the approach to cyber security. No longer can we trust in authentication alone as an effective perimeter, especially with the most business critical assets. With 0-day vulnerabilities in protocols being bought and sold on the black market, we must shift our thinking to limiting the impact of a breach through segmentation. Just as forest managers builds firebreaks to limit the impact of a wildfire, so too… Show more

The advent of ransomware worms such as WannaCry and NotPetya has fundamentally changed the approach to cyber security. No longer can we trust in authentication alone as an effective perimeter, especially with the most business critical assets. With 0-day vulnerabilities in protocols being bought and sold on the black market, we must shift our thinking to limiting the impact of a breach through segmentation. Just as forest managers builds firebreaks to limit the impact of a wildfire, so too must we turn to segmentation and “plan for the breach”.

Segmentation can take many forms. Network segmentation is what most often comes to mind. However, the concepts of segmentation can be applied to other domains such as data and identity. The true power of segmentation is when it spans multiple domains. In the end, segmentation should do two things: reduce the attack surface and limit the impact of an attack. Show less

IBM Tivoli Security Operations Manager (TSOM) was developed as a tool for automating activities in a Security Operations Center. In 2011, IBM acquired Q1 Labs with the industry-leading security intelligence solution to enhance the offerings. Many of the concepts map easily from Tivoli Security Operations Manager to QRadar. This guide should help to not only transition, but to also learn how to use QRadar to meet business requirements. We suggest using this opportunity to review the current… Show more

IBM Tivoli Security Operations Manager (TSOM) was developed as a tool for automating activities in a Security Operations Center. In 2011, IBM acquired Q1 Labs with the industry-leading security intelligence solution to enhance the offerings. Many of the concepts map easily from Tivoli Security Operations Manager to QRadar. This guide should help to not only transition, but to also learn how to use QRadar to meet business requirements. We suggest using this opportunity to review the current business requirements and upcoming changes to requirements to incorporate them into the conversion from TSOM to QRadar. Show less

Solution architects called to customer sites to pitch and bid SWG products are constrained by time, resource, and scope.

Solution architects gather information concerning the customer’s environment, business, objectives, and skills. They utilize that information to identify customer requirements. They combine these requirements and accumulated knowledge to configure products to best function in the customer’s environment. However, Solution architects are often expected to cover a… Show more

Solution architects called to customer sites to pitch and bid SWG products are constrained by time, resource, and scope.

Solution architects gather information concerning the customer’s environment, business, objectives, and skills. They utilize that information to identify customer requirements. They combine these requirements and accumulated knowledge to configure products to best function in the customer’s environment. However, Solution architects are often expected to cover a large variety of products and may not have the experience or specific, detailed product knowledge to select an optimal deployment approach

Experienced Solution architects typically understand the best manner to deploy products in particular environments and generally start with consistent approaches. This Guide is intended to document the knowledge, best practices, and architectural approaches employed by experienced Solution architects and field personnel. It is for use by technical and Solution personnel who may not be as intimate with the nuances and intricacies of installing and configuring our products.

This Guide is not a comprehensive security architecture guide. It is not a de facto product manual. It is a guide by and for Solution architects and other deployers that imparts information needed to begin successful deployments. Show less

This IBM Redpaper publication takes a close look at the enterprise IT network perimeter, which has been diluted from a well-defined set of ingress and egress points to a mesh of undetectable flows from devices capable of accessing and penetrating corporate resources. The days of keeping the bad guys out by building a well-defined wall are definitely over. Businesses and organizations require collaboration with internal and external business partners, customers, and employees, which further… Show more

This IBM Redpaper publication takes a close look at the enterprise IT network perimeter, which has been diluted from a well-defined set of ingress and egress points to a mesh of undetectable flows from devices capable of accessing and penetrating corporate resources. The days of keeping the bad guys out by building a well-defined wall are definitely over. Businesses and organizations require collaboration with internal and external business partners, customers, and employees, which further removes walls and protective barriers.

In this paper, we discuss how the variety of endpoints that were once considered to be have now become the perimeter itself. With this idea in mind, we investigate how you can build a strong security solution to protect the valuable assets accessible through the IT infrastructure.

The target audience for this paper is IT architects, IT specialists, and security administrators. Show less

The telecommunications industry is currently under pressure arising from deregulation, competition and rapid technology change. These factors together with the vision of Next Generation Networks (NGN) pose significant challenges to an appropriate architecture for operation, administration and maintenance of future networks and services. This new architecture introduces security risks that previously have not been present in telecommunications networks. Threats range from the nuisance of spam to… Show more

The telecommunications industry is currently under pressure arising from deregulation, competition and rapid technology change. These factors together with the vision of Next Generation Networks (NGN) pose significant challenges to an appropriate architecture for operation, administration and maintenance of future networks and services. This new architecture introduces security risks that previously have not been present in telecommunications networks. Threats range from the nuisance of spam to the propagation of viruses and more serious forms of identity theft and intellectual property rights violations. Invariably, new threats are introduced by the various service providers and consumers who use the NGN platform, but the burden of this increased risk is borne by the operators. Since NGN operators serve as the focal access and delivery point for communications, the design of a comprehensive security framework is critical to their business and ongoing relationships with their subscribers, service providers, and partners. The main elements to be addressed are access control, authentication, non-repudiation, data confidentiality, communication security, data integrity, availability, and privacy. Show less

This IBM® Redpaper provides information on migrating from IBM Tivoli® Risk Manager to
IBM Tivoli Security Operations Manager 3.1. It highlights the concepts used in Risk Manager
and maps them to Security Operations Manager. We also describe the steps required to
migrate from an existing Risk Manager environment to a new Security Operations Manager
installation.