Privileged Access Management for Secure Storage Administration: IBM Spectrum Scale with IBM Security Verify Privilege Vault PDF Download

Author: Vincent Hsu
Publisher: IBM Redbooks
ISBN: 0738459313
Category : Computers
Languages : en
Pages : 32

View

Book Description
There is a growing insider security risk to organizations. Human error, privilege misuse, and cyberespionage are considered the top insider threats. One of the most dangerous internal security threats is the privileged user with access to critical data, which is the "crown jewels" of the organization. This data is on storage, so storage administration has critical privilege access that can cause major security breaches and jeopardize the safety of sensitive assets. Organizations must maintain tight control over whom they grant privileged identity status to for storage administration. Extra storage administration access must be shared with support and services teams when required. There also is a need to audit critical resource access that is required by compliance to standards and regulations. IBM® SecurityTM Verify Privilege Vault On-Premises (Verify Privilege Vault), formerly known as IBM SecurityTM Secret Server, is the next-generation privileged account management that integrates with IBM Storage to ensure that access to IBM Storage administration sessions is secure and monitored in real time with required recording for audit and compliance. Privilege access to storage administration sessions is centrally managed, and each session can be timebound with remote monitoring. You also can use remote termination and an approval workflow for the session. In this IBM Redpaper, we demonstrate the integration of IBM Spectrum® Scale and IBM Elastic Storage® Server (IBM ESS) with Verify Privilege Vault, and show how to use privileged access management (PAM) for secure storage administration. This paper is targeted at storage and security administrators, storage and security architects, and chief information security officers.

Author: Lydia Parziale
Publisher: IBM Redbooks
ISBN: 0738457949
Category : Computers
Languages : en
Pages : 274

View

Book Description
As workloads are being offloaded to IBM® LinuxONE based cloud environments, it is important to ensure that these workloads and environments are secure. This IBM Redbooks® publication describes the necessary steps to secure your environment from the hardware level through all of the components that are involved in a LinuxONE cloud infrastructure that use Linux and IBM z/VM®. The audience for this book is IT architects, IT Specialists, and those users who plan to use LinuxONE for their cloud environments.

Author: Karen Orlando
Publisher: IBM Redbooks
ISBN: 0738441694
Category : Computers
Languages : en
Pages : 512

View

Book Description
This IBM® Redbooks® publication provides best practice guidance for planning, installing, configuring, and employing the IBM TS7600 ProtecTIER® family of products. It provides the latest best practices for the practical application of ProtecTIER Software Version 3.4. This latest release introduces the new ProtecTIER Enterprise Edition TS7650G DD6 model high performance server. This book also includes information about the revolutionary and patented IBM HyperFactor® deduplication engine, along with other data storage efficiency techniques, such as compression and defragmentation. The IBM System Storage® TS7650G ProtecTIER Deduplication Gateway and the IBM System Storage TS7620 ProtecTIER Deduplication Appliance Express are disk-based data storage systems: The Virtual Tape Library (VTL) interface is the foundation of ProtecTIER and emulates traditional automated tape libraries. For your existing ProtecTIER solution, this guide provides best practices and suggestions to boost the performance and the effectiveness of data deduplication with regards to your application platforms for your VTL and FSI (systems prior to version 3.4). When you build a ProtecTIER data deduplication environment, this guide can help IT architects and solution designers plan for the best option and scenario for data deduplication for their environments. This book can help you optimize your deduplication ratio, while reducing the hardware, power and cooling, and management costs. This Redbooks publication provides expertise that was gained from an IBM ProtecTIER System Client Technical Specialist (CTS), Development, and Quality Assurance teams. This planning should be done by the Sales Representative or IBM Business Partner, with the help of an IBM System CTS or IBM Solution Architect.

Author: Felipe Knop
Publisher: IBM Redbooks
ISBN: 0738457167
Category : Computers
Languages : en
Pages : 116

View

Book Description
Storage systems must provide reliable and convenient data access to all authorized users while simultaneously preventing threats coming from outside or even inside the enterprise. Security threats come in many forms, from unauthorized access to data, data tampering, denial of service, and obtaining privileged access to systems. According to the Storage Network Industry Association (SNIA), data security in the context of storage systems is responsible for safeguarding the data against theft, prevention of unauthorized disclosure of data, prevention of data tampering, and accidental corruption. This process ensures accountability, authenticity, business continuity, and regulatory compliance. Security for storage systems can be classified as follows: Data storage (data at rest, which includes data durability and immutability) Access to data Movement of data (data in flight) Management of data IBM® Spectrum Scale is a software-defined storage system for high performance, large-scale workloads on-premises or in the cloud. IBM SpectrumTM Scale addresses all four aspects of security by securing data at rest (protecting data at rest with snapshots, and backups and immutability features) and securing data in flight (providing secure management of data, and secure access to data by using authentication and authorization across multiple supported access protocols). These protocols include POSIX, NFS, SMB, Hadoop, and Object (REST). For automated data management, it is equipped with powerful information lifecycle management (ILM) tools that can help administer unstructured data by providing the correct security for the correct data. This IBM RedpaperTM publication details the various aspects of security in IBM Spectrum ScaleTM, including the following items: Security of data in transit Security of data at rest Authentication Authorization Hadoop security Immutability Secure administration Audit logging Security for transparent cloud tiering (TCT) Security for OpenStack drivers Unless stated otherwise, the functions that are mentioned in this paper are available in IBM Spectrum Scale V4.2.1 or later releases.

Author: Ahmed Azraq
Publisher: IBM Redbooks
ISBN: 0738457639
Category : Computers
Languages : en
Pages : 390

View

Book Description
IBM® Cloud Private is an application platform for developing and managing containerized applications across hybrid cloud environments, on-premises and public clouds. It is an integrated environment for managing containers that includes the container orchestrator Kubernetes, a private image registry, a management console, and monitoring frameworks. This IBM Redbooks covers tasks performed by IBM Cloud Private system administrators such as installation for high availability, configuration, backup and restore, using persistent volumes, networking, security, logging and monitoring. Istio integration, troubleshooting and so on. As part of this project we also developed several code examples and you can download those from the IBM Redbooks GitHub location: https://github.com/IBMRedbooks. The authors team has many years of experience in implementing IBM Cloud Private and other cloud solutions in production environments, so throughout this document we took the approach of providing you the recommended practices in those areas. If you are an IBM Cloud Private system administrator, this book is for you. If you are developing applications on IBM Cloud Private, you can see the IBM Redbooks publication IBM Cloud Private Application Developer's Guide, SG24-8441.

Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738486655
Category : Computers
Languages : en
Pages : 502

View

Book Description
Securing access to information is important to any business. Security becomes even more critical for implementations structured according to Service-Oriented Architecture (SOA) principles, due to loose coupling of services and applications, and their possible operations across trust boundaries. To enable a business so that its processes and applications are flexible, you must start by expecting changes – both to process and application logic, as well as to the policies associated with them. Merely securing the perimeter is not sufficient for a flexible on demand business. In this IBM Redbooks publication, security is factored into the SOA life cycle reflecting the fact that security is a business requirement, and not just a technology attribute. We discuss an SOA security model that captures the essence of security services and securing services. These approaches to SOA security are discussed in the context of some scenarios, and observed patterns. We also discuss a reference model to address the requirements, patterns of deployment, and usage, and an approach to an integrated security management for SOA. This book is a valuable resource to senior security officers, architects, and security administrators.

Author: Fay Chuck
Publisher: IBM Redbooks
ISBN: 073843812X
Category : Computers
Languages : en
Pages : 496

View

Book Description
IBM® FileNet® Content Manager Version 5.2 provides full content lifecycle and extensive document management capabilities for digital content. IBM FileNet Content Manager is tightly integrated with the family of IBM FileNet products based on the IBM FileNet P8 technical platform. IBM FileNet Content Manager serves as the core content management, security management, and storage management engine for the products. This IBM Redbooks® publication covers the implementation best practices and recommendations for solutions that use IBM FileNet Content Manager. It introduces the functions and features of IBM FileNet Content Manager, common use cases of the product, and a design methodology that provides implementation guidance from requirements analysis through production use of the solution. We address administrative topics of an IBM FileNet Content Manager solution, including deployment, system administration and maintenance, and troubleshooting. Implementation topics include system architecture design with various options for scaling an IBM FileNet Content Manager system, capacity planning, and design of repository design logical structure, security practices, and application design. An important implementation topic is business continuity. We define business continuity, high availability, and disaster recovery concepts and describe options for those when implementing IBM FileNet Content Manager solutions. Many solutions are essentially a combination of information input (ingestion), storage, information processing, and presentation and delivery. We discuss some solution building blocks that designers can combine to build an IBM FileNet Content Manager solution. This book is intended to be used in conjunction with product manuals and online help to provide guidance to architects and designers about implementing IBM FileNet Content Manager solutions. Many of the features and practices described in the book also apply to previous versions of IBM FileNet Content Manager.

Author: Tom Szuba
Publisher:
ISBN:
Category : Computer networks
Languages : en
Pages : 160

View

Book Description

Author: Tim Mather
Publisher: "O'Reilly Media, Inc."
ISBN: 1449379516
Category : Computers
Languages : en
Pages : 338

View

Book Description
You may regard cloud computing as an ideal way for your company to control IT costs, but do you know how private and secure this service really is? Not many people do. With Cloud Security and Privacy, you'll learn what's at stake when you trust your data to the cloud, and what you can do to keep your virtual infrastructure and web applications secure. Ideal for IT staffers, information security and privacy practitioners, business managers, service providers, and investors alike, this book offers you sound advice from three well-known authorities in the tech security world. You'll learn detailed information on cloud computing security that-until now-has been sorely lacking. Review the current state of data security and storage in the cloud, including confidentiality, integrity, and availability Learn about the identity and access management (IAM) practice for authentication, authorization, and auditing of the users accessing cloud services Discover which security management frameworks and standards are relevant for the cloud Understand the privacy aspects you need to consider in the cloud, including how they compare with traditional computing models Learn the importance of audit and compliance functions within the cloud, and the various standards and frameworks to consider Examine security delivered as a service-a different facet of cloud security

Author: Subhajit Maitra
Publisher: IBM Redbooks
ISBN: 0738459054
Category : Computers
Languages : en
Pages : 110

View

Book Description
This IBM® Redpaper publication provides all the necessary steps to successfully install Red Hat OpenShift 4.4 on IBM Z® or LinuxONE servers. It also provides an introduction to OpenShift nodes, Red Hat Enterprise Linux CoreOS, and Ansible. The steps that are described in this paper are taken from the official pages of the Red Hat website. This IBM Redpaper publication was written for IT architects, IT specialists, and others who are interested in installing Red Hat OpenShift on IBM Z.