| ACF2 Administration | RACF Administration |
| OS/390 Auditing & Event Monitoring | Open Systems Event Monitoring |
| Other OS/390 Security | Security Matters |
Open systems event monitoring solutions on this page:
| WWW Links |
Later called Consul/eAudit, Consul InSight Security Manager, and now Tivoli Compliance Insight Manager.
Consul/Enterprise Audit provides an integrated solution for monitoring and managing audit trail data in your open system and e-business environments.
You are opening up your business to the world through your e-business initiatives, allowing more and more external users access to more and more trusted resources, bypassing the traditional middlemen. This greatly increases the efficiency of your business and makes you more competitive in your field. It also makes it imperative that you keep track of what your new customers are doing in the core of your IT environment.
With the diversity of components in the average IT department, each requiring its own specific technological expertise, it is difficult to ensure that all security issues are well handled. There is no single, integrated and consolidated view of the whole information technology space. The result is that your open systems, and especially your e-business solution, become inherently insecure over time, and that you don't even notice this. An insecure environment means that you and your company will be liable for security exposures or privacy issues related to the information that you manage. Even when no money is involved, bad press is easily created.
We have a solution that allows you to open your doors with confidence. Regardless of the structure of your e-business environment, Consul/Enterprise Audit provides a consolidated view and violations analysis based on the integration of the audit trail data from all the different components in your e- business arena. This way you can determine the need for preventative measures to internal and external fraud and reduce the cost of security management. It also addresses internal and external audit requirements and reduces the risk of exposure to liabilities.
Traditional security monitoring is the practice of reading audit logs. Most companies do not have the numbers of security staff or the technical competence to perform traditional security monitoring for an extended enterprise. It simply doesn't get done. Yet audit log monitoring is the final and ultimately reliable method for determining the level of security of an enterprise.
Consul/Enterprise Audit automatically collects the audit trail data for different platforms and creates a repository on a central server. Strong cryptography is used to ensure data integrity and confidentiality.
After translating this data into a common language (GEM: Generic Event Model), Consul/Enterprise Audit automatically analyses the data and reports on exactly those events that are in conflict with your current IT policy or that have been marked for special attention.
Your auditors and security officers see only the events that they need to, making the whole process of security monitoring easier and more efficient than ever before. Reports are presented via either MS Windows or Web-browser interfaces, GEMView and iView. The full audit trail data is also available for deeper analysis via these interfaces. In addition, system management information can be statistically evaluated to allow trend analysis.
Consul/Enterprise Audit translates all of the audit trail data it collects from the diverse platforms in your IT environment into the same format with a common vocabulary. The time-intensive task of manually deciphering and analysing data presented in different formats by different IT components is now a thing of the past. In addition, your monitoring staff will no longer need a high level of technical knowledge of all of the platforms and applications that comprise your enterprise: this expertise is built in when you configure Consul/Enterprise Audit and set up your rules base.
Consul/Enterprise Audit currently supports the following platforms and applications:
* available late 2000
No matter how secure your network may be today, there is no guarantee that it will stay that way tomorrow. That's why it's important to stay alert. By continually monitoring your entire system and automatically flagging anything out of the ordinary that it encounters, Consul/Enterprise Audit is a critical addition to any successful security program. Its cross-platform, common- language, policy-based approach to security monitoring finally provides your auditors and security officers with the information they need... to guarantee e-business with confidence.
For more information, see CONSUL's Web page [now IBM's].
A Guide to Understanding Audit in Trusted Systems [PDF]
This guide, published by the US government's National Computer Security Center, provides an in-depth summary of auditing.
"Audit trails maintain a record of system activity both by system and application processes and by user activity of systems and applications. In conjunction with appropriate tools and procedures, audit trails can assist in detecting security violations, performance problems, and flaws in applications. This bulletin focuses on audit trails as a technical control and discusses the benefits and objectives of audit trails, the types of audit trails, and some common implementation issues."
A NIST bulletin (March 1997). (NIST is the National Institute of Standards and Technology, an agency of the US Commerce Department's Technology Administration.)
Mirror of cover story from SecurityPortal.com, 8 May 2000, by Kurt Seifried.
Copyleft & Creative Commons (cc) 2000–2008 Ant: This XHTML encoding is dual-licensed under both ― |
||||
|
The GNU Free Documentation License |
|
A Creative Commons Attribution-Noncommercial-Share Alike 3.0 License |
|
|
http://homepage.mac.com/antallan/opensyst.html |
|
Last updated Friday 8 August 2008 |
|
 
|
|
 
|