For more information on LEM, visit: http://www.solarwinds.com/log-event-manager.aspx
Watch this webcast: http://www.solarwinds.com/resources/videos/townsend-webcast.html
Successful log & event data analysis and correlation is predicated on the ability to collect data from all your network devices, systems and applications, and the IBM i is no exception. Unfortunately, the IBM i does not log information like other systems, making it that much more difficult to analyze valuable log data and reduce the risk of a security breach.
Join SolarWinds and Townsend Security and learn how the combination of SolarWinds Log & Event Manager and Townsend's Alliance LogAgent provides complete log and event monitoring and management for the IBM i.
Log & Event Management on the IBM® i: SolarWinds® Log & Event Manager™ and Townsend® Security Alliance LogAgent™
1. Log Management on the IBM iSeries® with SolarWinds® Log & Event Manager™ and Townsend Security Alliance LogAgent™
March 21, 2012
2. Logging Is Now Essential
PCI Section 10 Requires Logging
» Requirement 10: Track and monitor all access to network resources and cardholder data
GLBA/FFIEC Data Security
» Log Transmission, Normalization, Storage, and Protection
HIPAA/HITECH Act
» Log-In Monitoring & Access Controls
3.
» Broad experience in data security and data communication
» Leading IBM iSeries Log Collection Solution
» Participating Organization, PCI Security Standards Council
» Leadership averages over 30 years IT experience
» Over 2000 customers worldwide
» Strong presence in the Fortune 500
» NIST Certified AES Encryption
» FIPS 140-2 Certified Key Management
4. The State of Logging on the IBM iSeries
The state of logging on most IBM iSeries is not good
» There is a ton(!) of valuable information stored on your IBM iSeries
» The IBM iSeries doesn’t log information like other systems
» IBM iSeries security logs are often an enclave inside the IT organization
The essence of good reporting is externalizing the logs
There is a requirement to remove the risk of tampering
Compliance regulations recognize the need to watch all users – including the most powerful users
5. The State of Logging on the IBM iSeries (continued)
End result? Only the IBM iSeries admins know what is happening
» All that valuable logging information is sequestered on the IBM iSeries
» Network originated threats to the IBM iSeries are often not noticed or responded to by security professionals
» Other IT professionals (especially the security team) remain unaware about the strengths and weaknesses of this machine
» What they don’t know can scare them
6. Logging on the IBM iSeries Today
Not monitoring your IBM iSeries is a big problem
» It can lead to a finding of non-compliance
» It can leave a breach undetected
A large national retailer lost over 45 million credit card numbers over a three-year period through poor security and inattention
» Proper logging and review could have caught this
7. Townsend Security & Logging on the IBM iSeries
Alliance LogAgent™ from Townsend Security
» Creates logs that SolarWinds Log & Event Manager (LEM) can read
» Forwards important information to LEM
» Uses SSL/TLS encryption to secure delivery
[Diagram: QAUDJRN, QHST and QSYSOPR on the IBM iSeries, sent encrypted to SolarWinds Log & Event Manager]
11. Data Collection With SolarWinds Log & Event Manager
Industry leading log and event management technology
Real-time, in memory analytics utilizing intelligent correlation.
Active Responses for immediate remediation
High speed, high compression database for long term retention.
Point, Click and Search historical analytics
Turn Key, Virtual Appliance
12. LEM & Compliance
More than 300 "audit-proven" compliance reports
Comply with PCI DSS, GLBA, SOX, NERC CIP, HIPAA, and more
Use the built-in compliance reporting console to easily create reports for internal requirements
Easily store the massive amounts of data required for compliance
Prevent policy violations and enforce critical compliance requirements in real-time
14. Why LEM
Ease of deployment
» Virtual appliance, simplicity of deployment, ease of use
Pricing
» Generally less expensive than competition, and more fully featured
» Simplicity of node pricing (vs. size, events)
Correlation AND Search
» Most products have a disproportionate focus in one or the other
» Real-time correlation and monitoring PLUS IT search capabilities
Built from the ground up for midmarket IT
» Most products are enterprise focused
» This is not Log & Event Manager Lite
15. Summary
Logging is now a compliance mandate
Externalizing logs from the IBM iSeries can be difficult
SolarWinds LEM
» Award winning log & event management solution
» Live by lunch, easy-to-use
Alliance LogAgent easily captures and forwards logs to LEM
You can download Alliance LogAgent now and have it running in 30 minutes