www.AKTIO.comwww.AKTIO.com
www.AKTIO.com
Solución de Seguridad en dispositivosIBM Endpoint Manager
Enrique G. DutraEnterprise Security MVP – MCT - IBM Sales Spec.Auditor Lider ISO/IEC 27001:2005Punto Net Soluciones SRL
[email protected]: @egdutra @linenetsecurity
www.AKTIO.com
AGENDA
• Problemáticas actuales.
• IBM Endpoint Manager.
• Análisis de funcionalidades.
www.AKTIO.com
Problemáticas actuales
www.AKTIO.com
Problemáticas actuales
- Plataformas no están totalmente actualizadas
- Solo se actualizan algunas soluciones.
- No todas las soluciones están actualizadas y
presentan vulnerabilidades.
- Verificación de cumplimientos manuales.
- Poco conocimiento del estado de la plataforma.
- No hay revisión consolidada de las consolas de
las diferentes plataformas de seguridad.
www.AKTIO.com
Problemáticas actuales
- Falta de verificación de compliances.
- Ausencia de seguimiento de uso de
aplicaciones en los dispositivos.(Ej:
licenciamiento)
- Fuga de información.
- El despliegue de software no es homogéneo.
www.AKTIO.com
Quieren compartir algunas problemáticas con
nosotros?
¿Nos alcanza?
www.AKTIO.com
IBM Endpoint Manager 9.2.0
www.AKTIO.com
IBM Endpoint Manager
• Software empresarial para gestionar dispositivos
• Escalable hasta 250.000 dispositivos
• 1 única consola
• 1 solo agente
• 1 o varios retransmisores
• Reportes Web
www.AKTIO.com
Smartphones & Tablets
Mobile
Devices
Mobile
Apps
PC’s, Macs, POS, ATMsOn and off-network
ServersPhysical and Virtual
Patch
Management
Lifecycle
Management
Core
Protection
Security &
Compliance
Power
Management
SW Use
Analysis
Mobile
Management
Server
Automation
SaaS, On-premise, or MSP
Fastest time to compliance
Comprehensive Security
Lowest TCO
Unificación de la administración
www.AKTIO.com
Enterprise Mobility Management Suites Client Management ToolsSecurity Information & Event Management
IBM es el líder en administración de dispositivos
www.AKTIO.com
• Automates and manages continuous security configuration policy compliance.
• Easily and quickly assess endpoint security posture.
• Automatically patch and remediate non-compliant systems.
• Deploy, Update, and health check 3rd-party Antivirus solutions
• Identify, manage, and report on policy exceptions and deviations.
• Policy based quarantine of non-compliant systems
Library of 8,000+ compliance settings, including support for USGCB, DISA STIG, and CIS
Automatically and continuously enforce policy at the endpoint
• Asset Discovery
• Compliance Analytics
• Patch Management
• Security Configuration Management
• Vulnerability Management
• Multi-Vendor Endpoint Protection Management
IBM Endpoint Manager – Segurity & Compliance
www.AKTIO.com
Asset Discovery
Anti-Virus / Anti-Malware
Firewall Protection
File & Web Reputation
Data Loss Prevention
Asset discovery and reporting across heterogeneous operating systems
Provides anti-malware protection to Mac and Microsoft Windows endpoints.
Provides security for both fixed network-connected endpoints and roaming Internet-connected endpoints.
The web reputation feature automatically determines the safety of millions of dynamically rated websites.
Delivers integrated DLP capabilities using the same single console and single agent.
Provides near real-time protection from malware & other malicious threats through capabilities such as file & web reputation, personal firewall and behavior monitoring.
BeneficiosServicios
IBM Endpoint Manager – Core Protection
www.AKTIO.com
For organizations of various business verticals such as healthcare,
finance, manufacturing, retail, services, education and public sector
and of various size from SMB to Fortune 500
IBM Endpoint Manger is: Easy to use with simplified patching process,
Easy to scale from 10 to 250,000 devices and
Responsive with automation to detect and remediate vulnerabilities
Extensible to 90+ OS and Windows apps
Who need to: Assess the state of IT assets (E.g. Inventory),
Deploy OS patches and application updates,
Manage IT compliance and policy enforcementTHE end-to-end software
patch management solution
Coordinate and patch all
systems with one tool
Provides VISIBILITY, AUTOMATION and CONTINUOUS COMPLIANCE across 90+ Operating Systems
IBM Endpoint Manager – Patch Management
www.AKTIO.com
Services
• Asset Discovery
• Patch Management
• Inventory Management
• Software Distribution
• OS Deployment
• Remote Desktop Control
Benefits
• Role based software deployment and user self-provisioning
• Hardware independent OS imaging and driver management
• Dramatically reduced patch cycles and increased first-pass success rates
• Closed loop validation in real time
• Multi-platform support from a single console (Unix, Linux, Windows, Mac OS X)
Dramatically reduced patch
cycles and increased first-
pass success rates
Multi-platform support (Unix,
Linux, Windows, Mac OS X)
Discover, Control, and Automate with a single integrated solution
IBM provides a comprehensive set of content out of the box, ready to deploy. The IEM Platform is flexible and powerful when it comes to custom content and ad-hoc policy creation.
Patch Management
• Easily and quietly deploy patches across Windows, Mac OS X, Linux, Unix
• Enable advanced policies that automatically reapply patches if they are removed
IBM
Provided
Content
Custom
Content
Software Distribution
• Cross-platform management of software packages
• Web based self-service portal, provides as-needed enablement to end users
OS Deployment
• Solves bare metal and migration scenarios
• Easily combine with patch activities to create “true-up” baselines post-install
Asset Discovery SW & HW Inventory Remote Control
Community Ecosystem
• Take advantage of a growing library of custom Fixlets created by the user community
Ad-Hoc Tasks
• Respond quickly to new challenges by making simple modifications to any of the 100,000+ Fixlets IBM provides
IBM Endpoint Manager – Lifecycle Management
www.AKTIO.com
Granular power tracking to allow breakdown of weekly power consumption and idle time
Historical web reports to reflect the weekly power tracking data
Power profile wizard to allow creation of 'multiple power profile policy‘
Client side dashboard to show the projected impact of applying a single power profile offer
BES Server Plug-in Service enhanced to use encrypted passwords
Benefits
IBM Endpoint Manager – Power Management
www.AKTIO.com
• For Windows Servers and PCs
• Unix/Linux Servers
• Software Asset Discovery
• Software Use Metering
• Software Use Reporting
• Software identification catalogue, which contains over 105,000 signatures out of the box and updates are released regularly
• Easily customize the software identification catalogue to include tracking of home-grown and proprietary applications
Software publishers
8000+
Software products
40,000+
Services
• Centralized visibility & reporting of all sw assets
• Assess software inventory to help identify what is deployed in readiness for software audits
• Meters software usage to identify unused software
• Reports software usage and deployments to help measure compliance
Benefits
IBM Endpoint Manager – Software use Analysis
www.AKTIO.com
DEMO
www.AKTIO.com
Resumiendo IBM Endpoint Manager
Mobile Devices
Security & Compliance
Patch Management
Lifecycle Management
Power Management
Core Protection
Software Use Analysis
Middleware Management
Physical & Virtual Server Management
Advanced Server Management & Task Automation
Server Automation
(add-on)
Software Distribution
OS Deployment
Remote Control
Patch Management
Basic HW & SW Inventory
Vulnerability Assessment
Compliance Analytics
3rd Party Endpoint Protection Mgmnt
Patch Management
Security Config Mgmnt
Anti-Malware
Firewall
Data Loss Prevention &Device Control (Data Protection add-on)
Available as“Starter Kit”
Software Catalog Correlation
Software Usage Reporting
Software Inventory
Offline Patching
Application Patching
OS Patching
Compliance
App Mgmt
Mobile Device Mgmt
TPM evolution
TADd / ILMT convergence
Available as“Starter Kit”
Self-Quarantine
Windows & Macs
Carbon, cost reduction reports
End-user Dashboard
Datacenters
OS & App Patching
Software Distribution
OS Deployment
Remote Control
Basic HW & SW Inventory
Vulnerability Assessment
Compliance Analytics
3rd Party Endpoint Protection Mgmnt
Security Config Mgmnt
Self-Quarantine
www.AKTIO.com
Mantenerse actualizado
IBM Punto Net Soluciones@IBMSecurity @Linenetsecurity
@egdutra
/secintelligence /PuntoNetSolucionesSRL
/line.net.71
http://seguridadit.blogspot.com.ar/
http://www-03.ibm.com/software/products/en/appscan-standard
www.AKTIO.com
Muchas GraciasMuito ObrigadoThank You