IBM® Security Access Manager is a modular, integrated access management appliance that helps secure access to web, mobile, and cloud workloads. It is offered both as a physical appliance and as a virtual appliance image that runs on several popular hypervisors. The integrated appliance form factor enables easier and more flexible deployment and maintenance. This IBM RedpaperTM publication describes the different Security Access Manager Appliance V9.0 deployment patterns and uses hands-on examples to demonstrate how to initially configure systems in those deployments. It also describes various deployment considerations, such as networking, high-availability, performance, disaster recovery, and scalability. All of these deployment patterns are covered within the context of realistic business scenarios. This paper is especially helpful to Security Access Manager architects and deployment specialists.

IBM® InfoSphere® Guardium® provides the simplest, most robust solution for data security and data privacy by assuring the integrity of trusted information in your data center. InfoSphere Guardium helps you reduce support costs by automating the entire compliance auditing process across heterogeneous environments. InfoSphere Guardium offers a flexible and scalable solution to support varying customer architecture requirements. This IBM Redbooks® publication provides a guide for deploying the Guardium solutions. This book also provides a roadmap process for implementing an InfoSphere Guardium solution that is based on years of experience and best practices that were collected from various Guardium experts. We describe planning, installation, configuration, monitoring, and administrating an InfoSphere Guardium environment. We also describe use cases and how InfoSphere Guardium integrates with other IBM products. The guidance can help you successfully deploy and manage an IBM InfoSphere Guardium system. This book is intended for the system administrators and support staff who are responsible for deploying or supporting an InfoSphere Guardium environment.

IBM® Workload Deployer provides a solution to creating, deploying, and managing workloads in an on-premise or private cloud. It is rich in features that allow you to quickly build and deploy virtual systems from base images, to extend those images, and to customize them for future use as repeatable deployable units. IBM Workload Deployer also provides an application-centric capability enabling rapid deployment of business applications. By using either of these deployment models, an organization can quickly instantiate a complete application platform for development, test, or production. The IBM Workload Deployer uses the concept of patterns to describe the logical configuration of both the physical and virtual assets that comprise a particular solution. The use of patterns allows an organization to construct a deployable solution one time, and then dispense the final product on demand. patterns are composed of an operating system and IBM software solutions, such as IBM WebSphere® Application Server and IBM WebSphere Virtual Enterprise. patterns are constructed to support a single application workload. The IBM Workload Deployer is shipped with a set of pre-loaded virtual images and virtual patterns. These images and patterns can be used to create comprehensive and flexible middleware solutions. They can also be cloned and customized to suit your specific needs. This IBM Redbooks® publication looks at two different aspects of customizing virtual systems for deployment into the cloud. First, it explores the capabilities of IBM Image Construction and Composition Tool to build and provide highly customized virtual images for use in virtual system patterns on the IBM Workload Deployer. Next, it looks at the virtual application capabilities of the IBM Workload Deployer, including those capabilities that allow you to deploy enterprise applications and database services to the cloud. It also introduces the IBM Workload Deployer Plugin Development Kit, which allows you to further extend the capabilities of the virtual application patterns.

This IBM® Redbooks® publication focuses on operational and managerial aspects for DataPower® appliance deployments. DataPower appliances provide functionality that crosses both functional and organizational boundaries, which introduces unique management and operational challenges. For example, a DataPower appliance can provide network functionality, such as load balancing, and at the same time, provide enterprise service bus (ESB) capabilities, such as transformation and intelligent content-based routing. This IBM Redbooks publication provides guidance at both a general and technical level for individuals who are responsible for planning, installation, development, and deployment. It is not intended to be a "how-to" guide, but rather to help educate you about the various options and methodologies that apply to DataPower appliances. In addition, many chapters provide a list of suggestions.

In a growing number of organizations, policies are the key mechanism by which the capabilities and requirements of services are expressed and made available to other entities. The goals established and driven by the business need to be consistently implemented, managed and enforced by the service-oriented infrastructure; expressing these goals as policy and effectively managing this policy is fundamental to the success of any IT and application transformation. First, a flexible policy management framework must be in place to achieve alignment with business goals and consistent security implementation. Second, common re-usable security services are foundational building blocks for SOA environments, providing the ability to secure data and applications. Consistent IT Security Services that can be used by different components of an SOA run time are required. Point solutions are not scalable, and cannot capture and express enterprise-wide policy to ensure consistency and compliance. In this IBM® Redbooks® publication, we discuss an IBM Security policy management solution, which is composed of both policy management and enforcement using IT security services. We discuss how this standards-based unified policy management and enforcement solution can address authentication, identity propagation, and authorization requirements, and thereby help organizations demonstrate compliance, secure their services, and minimize the risk of data loss. This book is a valuable resource for security officers, consultants, and architects who want to understand and implement a centralized security policy management and entitlement solution.

Throughout the history of the IT industry, integration has been an important part of most projects. Whether it is integration of transactions, data, or processes, each has challenges and associated patterns and antipatterns. In an age of mobile devices, social networks, and cloud services, and big data analytics, integration is more important than ever, but the scope of the challenge for IT projects has changed. Partner APIs, social networks, physical sensors and devices, all of these and more are important sources of capability or insight. It is no longer sufficient to integrate resources under control of the enterprise, because many important resources are in the ecosystem beyond enterprise boundaries. With this as the basic tenet, we address these questions: What are the current integration patterns that help enterprises become and remain competitive? How do you choose when to use which pattern? What is the topology for a "composable business"? And how do you accelerate the process of implementation through intelligent choice of supporting integration middleware? This IBM® Redbooks® publication guides integration practitioners and architects in choosing integration patterns and technologies.

This IBM® Redbooks® publication describes IBM PureApplicationTM System preferred practices that are based on IBM client and Business Partner experience. It explains how PureApplication System enables industries to consolidate workloads, increase efficiency, automate routine processes, reduce costs, and become more agile to respond to continually changing business needs. This book is particularly useful to solution specialists, system or software architects, and the IT teams who implement PureApplication System cloud services.

With the advances of technology and the reoccurrence of data leaks, cyber security is a bigger challenge than ever before. Cyber attacks evolve as quickly as the technology itself, and hackers are finding more innovative ways to break security controls to access confidential data and to interrupt services. Hackers reinvent themselves using new technology features as a tool to expose companies and individuals. Therefore, cyber security cannot be reactive but must go a step further by implementing proactive security controls that protect one of the most important assets of every organization: the company's information. This IBM® Redbooks® publication provides information about implementing IBM QRadar® for Security Intelligence and Event Monitoring (SIEM) and protecting an organization's networks through a sophisticated technology, which permits a proactive security posture. It is divided in to the following major sections to facilitate the integration of QRadar with any network architecture: Chapter 2, "Before the installation" on page 3 provides a review of important requirements before the installation of the product. Chapter 3, "Installing IBM QRadar V7.3" on page 57 provides step-by-step procedures to guide you through the installation process. Chapter 4, "After the installation" on page 77 helps you to configure additional features and perform checks after the product is installed. QRadar is an IBM Security prime product that is designed to be integrated with corporate network devices to keep a real-time monitoring of security events through a centralized console. Through this book, any network or security administrator can understand the product's features and benefits.

Threats come from a variety of sources. Insider threats, as well as malicious hackers, are not only difficult to detect and prevent, but many times the authors of these threats are using resources without anybody being aware that those threats are there. Threats would not be harmful if there were no vulnerabilities that could be exploited. With IT environments becoming more complex every day, the challenges to keep an eye on all potential weaknesses are skyrocketing. Smart methods to detect threats and vulnerabilities, as well as highly efficient approaches to analysis, mitigation, and remediation, become necessary to counter a growing number of attacks against networks, servers, and endpoints in every organization. In this IBM® Redbooks® publication, we examine the aspects of the holistic Threat and Vulnerability Management component in the Network, Server and Endpoint domain of the IBM Security Framework. We explain the comprehensive solution approach, identify business drivers and issues, and derive corresponding functional and technical requirements, which enables us to choose and create matching security solutions. We discuss IBM Security Solutions for Network, Server and Endpoint to effectively counter threats and attacks using a range of protection technologies and service offerings. Using two customer scenarios, we apply the solution design approach and show how to address the customer requirements by identifying the corresponding IBM service and software products.