Large Protection

IBM^® InfoSphere^® Guardium^® Data Activity Monitor prevents unauthorized data access, alerts on changes or leaks to help ensure data integrity, automates compliance controls and protects against internal and external threats.

Through continuous monitoring and real time security policies IBM Security Guardium Data Activity Monitor (DAM) protects data across the enterprise without changes to databases, applications or performance impacts.

IBM Security Guardium Data Activity Monitor can:

• Monitor and audit all data activity for all platforms and protocols.

• Enforce security policies in real time for all data access, change control and user activities.

• Create a centralized repository of audit data for enterprise compliance, reporting and forensics.

• Support heterogeneous environments all leading platforms, file shares and operating systems, including big data environments.

• Scalability  – Scales to monitor and protect tens of thousands of databases with a flexible and tiered approach including seamless load balancing and self monitoring

Vulnerabilities Visibility

Integration and Scalability

Most organizations have some security solutions in place today such as a security information and event management (SIEM) solution or application-level access controls. However, most existing security solutions can’t provide deep insight into database specific vulnerabilities. IBM® Security® Guardium® Vulnerability Assessment provides this insight while seamlessly integrating with existing security solutions.

IBM^® Security^® Guardium^® Vulnerability Assessment offers:

• Database infrastructure vulnerabilities analysis to identify security risks such as missing patches, weak passwords, incorrectly configured privileges and default vendor accounts
• Detailed report with suggested remediation - Database protection knowledgebase subscription – Gives a whole security vision for the verified environments and recommends real life actionable plans for vulnerability remediation

• Native Workflow for compliance – Support for Sarbanes-Oxley (SOX), PCI-DSS, HIPAA, Basel II and other regulations;

• Implementation with minimal performance impact – Compliance requirements are addressed and security strategies implemented without impacting performance.
• Integration with different databases – Completely transparent, no changes needed.

• Integration with security systems and standards - Adapt to changes automatically.

LEADCOMM SERVICES PORTFOLIO

Guardium Services – Overview

• GUARDIUM Implementation Packages:
• Four Package sizes, two kinds of install (EXPRESS and COMPREHENSIVE):
• SINGLE: 1 Appliance (for Guardium Express or regular version);
• SMALL: 2-9 Appliances (only 1 Aggregator/Central Manager);
• MEDIUM: 10-19 Appliances (2 Aggregators, 1 dedicated Central Manager);
• LARGE: 20-29 Appliances (3 Aggregators, 2 Central Manager - Failover);
• More than 29 Appliances: Special project required;
• GUARDIUM Advanced Features and Best Practices Package;

• GUARDIUM Training (up to 10 students on-site):
• QuickStart (8 hours);
• Advanced End-User (16 hours);
• Advanced Administration (16 hours);


• GUARDIUM Health Checks;


• LEADCOMM AVS – Accelerator Value Services Packages P, Managed-Services offers

GUARDIUM Express Install Package

• Installation & configuration planning;
• Image install on physical or virtual hardware;
• Basic Appliance setup for:
• Collectors;
• Aggregators;
• Central Manager;
• S-TAP Agent installation on database servers;
• Active Directory / LDAP integration;
• Archiving schedule and procedures;
• Purging schedule and procedures;
• Backup scheduling and procedures;
• Review and assure that IBM Guardium solution is configured and performing according to both IBM and LEADCOMM’s standards.

 

GUARDIUM Comprehensive Install Package

• Everything on GUARDIUM Express Install Package, plus:
• Policy and rules setup, according to customer audit requirements;
• Alerts setup, according to customer audit requirements;
• Basic workflow (audit process) setup;
• Data collection profiling;
• S-Tap and Appliances load balancing and failover;
• Custom reports creation, according to customer audit requirements;
• PCI, SOX or HIPPA accelerators setup;
• SIEM integration;

NOTE: Some activities may be executed exclusively remotely, as agreed between LEADCOMM and the end customer on a per-project basis.

GUARDIUM Advanced Features and Best Practices Pack

• Designed for Phase 2 typical projects
• Focused on implementing and setting a usage culture for features like:
• Discovery, classification, entitlement management
• Dynamic blocking and masking, alerts, and quarantine
• End-user-Identification
• Advanced Workflows and Compliance automation customization
• Bi-directional integration with QRADAR
• Best when coupled with LeadComm managed-services like offers to guarantee solution longevity / stability

 

GUARDIUM Training
Available Modules

LEADCOMM offers three different on-site training modules, IBM only has a single on-line training:

• Module I – QuickStart (8 hours):
• Designed for Guardium end-users (in general Auditors), addresses basic usage concepts;
• Module II – Advanced End-Users (16 hours):
• Designed for Guardium advanced end-users (in general people from I.T. Security), addresses advanced Guardium usage concepts, policy creation and administration, alerts & workflow;
• Module III – Advanced Administration (16 hours):
• Designed for Guardium administrators (in general people from I.T. infrastructure), addresses installation & maintenance of S-TAPS, collection profiling, archive, purge, backup and restore, SIEM and Active Directory / LDAP integration, appliances administration;

GUARDIUM Health Check

• Allows the usage of LEADCOMM’s expertise and proven best practices to assess, guide and validate a GUARDIUM customer deployment;
• Provides both up-front and on-going architect support for defining and validating technical and business objectives in addition to formal reviews at critical phases throughout the lifecycle of the solution implementation.
  
  Formal reviews include:
• Design Review – Up-front technical assessment of solution, growth planning advice, scope definition and technical design evaluation(s);
• Configuration Review – Mid-engagement development review(s);
• Deployment Review – Final assessment before deployment;
• Operational Review – “Point in time” technical monitoring after deployment;

NOTE: During each Health Check review, LEADCOMM generates a report of review findings that will include evaluations against technical and business requirements, potential risks, and recommendations.

 

LEADCOMM AVS – Accelerated Value Services

• Services offering that enhances the standard product support offered by IBM
• Based on LEADCOMM’s Guardium SPP Support Providing Partner) capabilities, designed to drive maximum value from Guardium investment with proven quantifiable results. It includes:
• Proactive and Expedited Support;
• Scheduled On-site support;
• Priority call handling:
• Problem root cause identification and mitigation;
• Priority for new features and patch requests;        
• Single Point of Contact;
• PMR (IBM Trouble Tickets) lifecycle managed by LEADCOMM professionals;