Ironside Group Solutions


Ironside Group

Solutions

Your success is what drives us.

Dev Ops | Security | Reporting | Software Dev

DevOps Enterprise Architecture


IBM Endpoint Manager

Overview Presentation


Critical systems are globally distributed and in constant flux

Visibility is key in a constantly changing, distributed world

Find all assets on your network – NOW!

Deploy a software application worldwide in days.

Patch hundreds of thousands of workstations, laptops and servers in minutes.

Continuously enforce security configuration baselines, even on mobile and off-network devices. Patch anywhere, anytime over any


AntiThreat

Desktop & Server Management

Patch Management, NAC, Security Config Management, Vulnerability Assessment, Data Leak Prevention, OS Deployment, Remote Desktop, Software Inventory & Metering, Asset Discovery, Software Distribution, Power Management, Patch Management

IT Policy Enforcement

BigFix Platform

See

Change

Enforce

Anti-spyware, Anti-virus, Endpoint Firewall

Client Manager for AV

IEM Service Delivery Platform & Solutions

Client Manager for AV


Endpoint complexity continues to increase

Endpoint device counts, devices and platforms

Compliance requirements to establish, prove and maintain continuous compliance

Speed, severity and complexity of malware attacks

Patch O/S and application vulnerabilities within hours

Rapid, agile, automated remediation is needed

Mobile/roaming endpoints

New form factors and platforms

Employee-owned devices

Establish, prove and maintain continuous


IBM Unified Device and Persona based Mgmt

Smartphones & Tablets

PC’s, Macs, POS, ATMs

On and off-network

Distributed Data Centers

Physical and Virtual

SaaS, On-premise, or MSP; Integrated Reporting; Comprehensive Security; Lowest TCO

Patch Management, Lifecycle Management, Core Protection, Mobile Devices, Security & Compliance, Power Management, SW Usage & Analysis, Mobile Apps

Find and Fix problems in minutes across all enterprise computers and mobile devices

Datacenters Server


IBM Endpoint Manager continuously monitors the health and security of all enterprise computers in real-time via a single, policy-driven agent

Endpoints

Common management agent

Unified management console

Common infrastructure

Single server

IBM Endpoint Manager

Patch Management, Lifecycle Management, Software Use Analysis, Power Management, Security and Compliance, Core Protection

Desktop / laptop / server endpoint

Purpose specific

Systems Management

Security Management

Server Automation


IBM Endpoint Manager offers a unified management platform

Desktop and Server Administration

Delivers patch, inventory, software distribution, OS deployment, remote control capabilities and near real-time visibility into the state of endpoints including advanced capabilities to support server endpoints.

Software Asset Management

Track software usage patterns and trends across Windows, UNIX and Linux endpoints with always on asset management to enhance license compliance. Manages software assets from procurement to retirement using control desk integration.

Endpoint Security, Protection & Compliance

Provides unified, real-time visibility and enforcement to protect distributed environments against threats that target endpoints and helps organizations to comply with regulatory standards on security.


IBM Endpoint Manager elements

Single intelligent agent

• Continuous self-assessment
• Continuous policy enforcement
• Minimal system impact (<2% CPU, <10MB RAM)

Single server and console

• Highly secure, highly available
• Aggregates data, analyses and reports
• Manages up to 250K endpoints per server

Flexible policy language (Fixlets)

• Thousands of out-of-the-box policies
• Best practices for operations and security
• Simple custom policy authoring
• Highly extensible/applicable across all platforms

Virtual infrastructure

• Designate Endpoint Manager agents as a relay or discovery point in minutes
• Provides built-in redundancy


Single Server & Console

• Highly secure, highly scalable
• Aggregates data, analyzes & reports
• Pushes out pre-defined/custom policies

Cloud-based Content Delivery

• Highly extensible
• Automatic, on-demand functionality

Single Intelligent Agent

• Performs multiple functions
• Continuous self-assessment & policy enforcement
• Minimal system impact (< 2% CPU)

Lightweight, Robust Infrastructure

• Use existing systems as Relays
• Built-in redundancy
• Support/secure roaming endpoints

How it Works

Remote Offices

Manage roaming devices


The Changing Nature of Endpoint Management

Datacenter Servers & Virtual Servers, Security and Compliance, Patch Management, Lifecycle Management, Distributed Devices, Distributed Servers

Coordinated Server Builds?

Server Cluster Patching?

Custom tasks across related endpoints?

Multiple tools and differentiated skill sets (Silos) are required to manage distributed and datacenter servers across all platforms increasing costs

Customers can’t move to cloud without the ability to automate the lifecycle of both physical and virtual systems

How can I manage the Lifecycle of EVERY ENDPOINT?

Unified Device Management

Sequenced Server Build:

1. Right OS version?
2. IP addressing scheme?
3. DNS settings?
4. Hostname?
5. RAID settings?
6. Disk partitions?
7. Secured OS & Firewall settings?
8. Supporting software (Corporate SW, Agents, etc)

Lifecycle management of Datacenter servers?


[Network diagram: Headquarters, Data center, Remote offices, Distribution center, Stores / Kiosks, Airport, Hotel, Coffee shop, Home; links: WAN, Internet, T1 line, 56k, 3G, WiFi]

Whether it’s a Mac connecting from hotel WiFi, a Windows laptop at 30K feet or a Red Hat Linux Server in your data center, IBM Endpoint Manager has it covered. In real time, at any scale.

Satellite

Network-friendly architecture delivers large packages without disrupting critical business applications

One management server per 250,000 endpoints

Single, intelligent agent uses <2% CPU, <10MB RAM

Cloud-based service continuously provides new patch, policy updates

Full command and control of Internet-connected devices

Use existing computers as Relays to minimize network traffic

Content Update Service

IBM Endpoint Manager, built on BigFix technology

Support for a wide variety of devices: iOS, Android, Blackberry, Windows, Mac, Unix, Linux, mobile


Closed Loop Speed is Our Advantage

Report Publish Evaluate

Traditional Solutions

TEM Software Policies

Evaluate Enforce

Publish Report

Challenge

Traditional client/server tools

TEM Platform

Complete the policy enforcement loop

Everything is controlled by the server, which is slow

A new way to do systems and security management

Increase the accuracy and speed of your knowledge

It can take days to accurately close the enforcement loop

Policy enforcement is accomplished and proven in minutes instead of days

Scalability cannot be attained without large infrastructure investments

Administrators are still managing tools instead of being productive

Distributed processing means scalability is unlimited

Adjust system policies depending on environment, location

Scan-based assessment, leading to stale data, false sense of awareness

Real-time situational awareness

Decide

Evaluate

Enforce

Decide


Patch Management

IBM Cloud content delivery service (operating systems and 3rd party applications)

Patch capabilities for multiple platforms: Windows, Mac OS X, Linux and UNIX

Intelligent agent

Reduction in patch and update times from weeks and days to hours and minutes

Increase first-pass success rates from 60-75% to 95-99+%

Real-time reporting

Automated self-assessment, no centralised or remote scanning required

Benefits:

Services:

"We compressed our patch process from 6 weeks to 4 hours"

"We consolidated eight tools/infrastructures to one"

"We reduced our endpoint support issues by 78%"


Overview of Patch Management

Start with the Patch Management domain

The patches dashboard provides a real-time view on Windows patches requirement across your environment

See any New Content here

Application vendor patches
• Adobe Acrobat
• Adobe Reader
• Apple iTunes
• Apple QuickTime
• Adobe Flash Player
• Adobe Shockwave Player
• Mozilla Firefox
• RealPlayer
• Skype
• Oracle Java Runtime Environment
• WinAmp
• WinZip

…and operating system patches


Patch Management for Windows now supports non-security updates, specifically critical updates and service packs for the Microsoft Windows product family


Lifecycle Management

Asset Discovery

Patch Management

Inventory Management

Software Distribution

OS Deployment

Remote Desktop Control

Dramatically reduced patch cycles and increased first-pass success rates

Closed loop validation in real-time

Massive scalability and support for remote and intermittently connected devices

Detection and resolution of corrupted patches

Multi-platform support (Unix, Linux, Windows, Mac OS X)

Benefits:

Services:


Lifecycle Management

Windows 7 Operating System Deployment (OSD)

Streamlined deployment process with centralised control and automation

User profiles are saved, migrated to Windows 7 and restored in order to retain valuable data, all in one easy step

Scheduled migration

Bandwidth throttling

IBM Endpoint Manager provides a graphical view of Windows 7 operating systems migration. Its unified console enables management of source images from a single location


Lifecycle Management

Software Distribution via IBM Endpoint Manager

IEM Console

IEM Relay

IEM Server

Existing Software Library

1. Admin imports library from network storage
2. Admin imports library, customizes packages, and initiates policies
3. IEM Server and Relays manage and cache downloads for workstations
4. Eligible IEM agents act on the policy, installing prerequisites and offering installations to users
5. Completed actions are immediately reported to the IEM Server


For Windows Servers and PCs

Unix/Linux Servers

Software Asset Discovery

Software Use Metering

Software Use Reporting

Near real time software inventory

Near real time software usage reporting

Search, browse, and edit the Endpoint Manager software identification catalogue, which contains over 105,000 signatures out of the box

Periodic catalogue updates are released regularly

Easily customize the software identification catalogue to include tracking of home-grown and proprietary applications

Benefits:

Services:

Software Usage Analysis

Software publishers

8000+

Software products


Asset Discovery

Identification of network assets – including devices such as routers, printers, switches, wireless access points, or anything with an IP address

Identification of unmanaged and rogue computers

Defined Nmap scanners


The bank saved $175,000 off its power bill within 12 months and avoided 2190 tonnes of carbon emissions by using the advanced power management features of IBM Endpoint Manager

See - http://bit.ly/xQxUdd

Bendigo Bank

For Windows and Mac OS X

Comprehensive executive reports

Client-side dashboard option to create personalized reports

Customize power consumption information to match corporate environments

Scheduled wake-on-LAN to wake up endpoints

Auto-save open files before shutdown/restart

Cost savings through reduction in energy usage and utility rebates where applicable

Obtain max power savings while avoiding disruption to IT system management

Project potential savings using “what-if” scenario calculator

Single tool to identify misconfiguration and automatic remediation

Benefits:

Services:


Power Consumption Summary

Total Power Consumption for all devices is summarised on this dashboard

Which includes your Total Current Power Usage (kWh, Cost and Green House)

Potential savings are also identified

The breakdown of power usage for workdays and weekends is now


Prevents viruses, Trojans, worms, and other new malware

Available for Windows and Mac

Deep-cleans malware with Trend Micro SysClean

Catches and cleans spyware, rootkits and remnants completely

Includes an enterprise client firewall for network safety

Blocks users and applications from malicious web content

Integrates Web Reputation and File Reputation services powered by the Trend Micro Smart Protection Network

Add-On: Data Loss Prevention and Advanced Device Control

Services:

Core Protection

Single Console

Cloud-based Protection

Anti-virus

Anti-malware

Personal Firewall

Data Protection


What is IBM Endpoint Manager – Core Protection?

IBM Endpoint Manager Server and Console

Endpoints

Relay Fail-Over

+ IEM-CP

SmartScan Server(s)


Data Loss Prevention

Protect privacy

Secure Intellectual Property

Comply with regulations

Limit removable devices by make/model/serial

Limit applications that can use devices

Control behaviour of removable media (USB drives)

Real-time content scanning of sensitive data

Protection of structured data

Multi-channel monitoring and enforcement

Minimal incremental impact on client performance

Prevent Data Loss at the Endpoint

Place limits on user devices

“Best-of-breed content-aware DLP solutions have a deserved reputation for being expensive, difficult to implement and generally possessing capabilities exceeding most companies‘ requirements. .. the majority of organizations (approximately 70%) may be able to deploy "good enough" DLP capabilities in evolving non-E-DLP solutions.”


Patterns - Regular Expressions (credit card, social insurance, account numbers)

Keywords – Lists of terms (confidential, internal, project/product names…)

File Attributes – File Name, File Size, File Type (threshold of acceptable use)


Services:

Task Sequencing

Advanced Server Patching support

Coordinated Server Builds (OS through Middleware)

Middleware Management

Server Automation

Reduce costs through higher levels of automation

Reduce human errors and accelerate server updates by extending automation to groups of related servers

Benefits:

Reduce tools required to manage distributed and datacenter servers

Automate lifecycle management of both physical and virtual servers.

Enables users to perform advanced automation tasks across servers - without the need for programming skills

Out of the box automation and simple customization


Lifecycle Management with Server Automation

Lifecycle Management

Lifecycle Manager with Server Automation

OS Deployment

Windows PLUS Server OS* (Windows & Linux)

Hardware & Software Inventory

Physical PLUS Virtual

Patch Management

Simple Patching (e.g. Individual and groups of endpoints)

PLUS Advanced Patching (e.g. Patch a server cluster)

Software Distribution

Simple Software (e.g. email client, browser, pdf reader, msft office, etc)

PLUS Complex Software* (Web/app/db software like WAS, DB2, MS SQL)

Custom Task Automation

Simple Automation (On individual endpoints)

PLUS Complex Software (Across groups of related endpoints)


Asset Discovery and Visibility

Patch Management

Security Configuration Management

Continuous enforcement of security policies, regardless of network connection status

Host-based vulnerability assessment with severity scoring and a 99.9% accuracy rate

Define and assess client compliance to security configuration baselines

SCAP certified for FDCC

Windows, UNIX, Linux, and Mac OS X

Security and Compliance


Multi-Vendor Anti-Malware Management

Vulnerability Management


Security and Compliance

Vulnerability Management

Enables vulnerability discovery, assessment and remediation before endpoints are affected.

Assesses systems against standardised OVAL vulnerability definitions and reports on noncompliant policies in real time.


Security and Compliance

Client Manager for Endpoint Protection

Manages the “health” of a variety of endpoint protection products from McAfee, Symantec, Trend Micro, Sophos, Microsoft

Deployment overview for endpoint protection products

CMEP Open Framework - Designed to allow external users to add reporting capabilities for any AV product


IBM’s experience using IBM Endpoint Manager

Before | After

Patch availability typically 3-14+ days | Patch availability within 24 hours

92% compliance within 5 days (ACPM only) | 98% within 48 hours

EZUpdate sometimes misses application of patches on required machines | Detected about 35% of participants missing at least one previous patch

Compliance model, completely reliant on user | 90% of Windows requirements can be automatically remediated

Exceptions at machine level | Exceptions at setting level

IBM gained real-time visibility into endpoints, and automatically remediates issues across over 500,000 endpoints and supports multiple policies based on employee role and data access


Summary

IBM Endpoint Manager enables unified management of all enterprise devices – desktops, laptops, servers, smartphones, and tablets

Real-time/proactive endpoint management: Patch management, anti-virus/malware, power management and device location information

Continuous compliance reduces costs and risk

Power management


IEM provides detailed asset management reporting

Hardware and Software information across a range of server and workstation platforms: Windows, AIX, HP-UX, Linux, Mac, Solaris and Mobile devices!


IBM Endpoint Manager delivers a number of services for Windows 7 migration

Asset Discovery

Windows 7 Migration Assessment

Software Usage Analysis

Operating System Deployment

Software Distribution

Patch Management

Patch Management

Security and Compliance


Leaders Quadrant- Client Management Solutions

IBM Confidential

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose
