In this IBM Redbooks® publication, we discuss the business context of security audit and compliance software for organizations and describe the logical and physical components of IBM Tivoli Security Information and Event Manager. We also present a typical deployment within a business scenario.
This book is a valuable resource for security officers, administrators, and architects who want to understand and implement a centralized security audit and compliance solution.
With the current business, government, and institutional focus on security, organizations are scrambling to make their networks more secure. Although encryption is nothing new to Windows, recent advances in Microsoft® Windows 2003 and Microsoft® Windows XP have drastically simplified the support of encryption technologies in Windows environments. Delivered in Adobe PDF format for quick and easy access, Encryption in a Windows Environment: EFS File, 802.1x Wireless, IPSec Transport, and S/MIME Exchange, 1/e covers the installation and operation of EFS file encryption, IPSec communications encryption, 802.1x wireless encryption, L2TP mobile encryption, as well as the auto-enrollment of certificates that drastically simplifies the administration of encrypted communications. The encryption technologies addressed in this digital Short Cut are included in all copies of Microsoft® Windows 2003 and Microsoft® Windows XP.
Table of Contents
Section 1 What This Short Cut Will Cover
Section 2 Security the Manual Way
Section 3 Installing a Windows Certificate of Authority Server
Section 4 Implementing Encrypted File System (EFS)
Section 5 Implementing IPSec-Encrypted Transport Communications
Section 6 Implementing 802.1x Wireless Encryption
Section 7 Implementing Secured Email Communications with Exchange 2003
Section 8 Summary and Other Resources
The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators.
This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.
The book is accompanied by a FREE COMPANION CD containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD also contains a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library includes multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.
Learn to quickly create security tools that ease the burden of software testing and network administration
Find out about key security issues regarding vulnerabilities, exploits, programming flaws, and secure code development
Discover the differences in numerous types of web-based attacks so that developers can create proper quality assurance testing procedures and tools
Learn to automate quality assurance, management, and development tasks and procedures for testing systems and applications
Learn to write complex Snort rules based solely upon traffic generated by network tools and exploits
System administrators running Windows, Unix, and Linux networks manage anywhere from 1 to thousands of operating systems (Windows, Unix, etc.), applications (Exchange, Snort, IIS, etc.), and hardware devices (firewalls, routers, etc.) that generate incredibly long and detailed log files of all activity on the particular application or device. This book will teach administrators how to use Microsoft's Log Parser to data mine all of the information available within these countless logs. The book teaches readers how all queries within Log Parser work (for example: a Log Parser query to an Exchange log may provide information on the origin of spam, viruses, etc.). Also, Log Parser is completely scriptable and customizable, so the book will provide the reader with hundreds of original, working scripts that will automate these tasks and provide formatted charts and reports detailing the results of the queries.
Written by Microsoft's sole developer of Log Parser, this is the first book available on the powerful yet completely undocumented product that ships with Microsoft's IIS, Windows Advanced Server 2003, and is available as a free download from the Microsoft Web site
This book and accompanying scripts will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks