tivoli access manager for operating systems amos business partner sales presentation n.
Skip this Video
Download Presentation
Tivoli Access Manager for Operating Systems (AMOS) < Business Partner > Sales Presentation

Loading in 2 Seconds...

play fullscreen
1 / 24

Tivoli Access Manager for Operating Systems (AMOS) < Business Partner > Sales Presentation - PowerPoint PPT Presentation

  • Uploaded on

IBM Software Group. Tivoli Access Manager for Operating Systems (AMOS) < Business Partner > Sales Presentation. Agenda. Tivoli security Customer pains and fixes Product overview Competitive positioning. Business Impact Management. Configuration & Operations. Performance & Availability.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Tivoli Access Manager for Operating Systems (AMOS) < Business Partner > Sales Presentation' - wyman

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
  • Tivoli security
  • Customer pains and fixes
  • Product overview
  • Competitive positioning
ibm tivoli software portfolio


Configuration& Operations

Performance & Availability

Core Services

Storage Management



IBM Tivoli Software Portfolio

Performance & Availability

Configuration & Operations

Storage Management

  • Security Management
    • Reduce overhead
    • Improve efficiency
    • Increase productivity
customers plagued by multiple security challenges
Customers Plagued by Multiple Security Challenges
  • “45% of accounts are invalid”

Provisioning Users

  • # 1 security threat results from inadequate controls on employees

Managing Access Control

  • “No systemic method of complying with customers’ privacy concerns”

Protecting Privacy

Synchronizing Information

  • “Large amounts of redundant, inaccurate, data clogs infrastructure”
Security Remains Key Priority in 2003Emerging recognition that OS is linchpin to bulletproof security

Top Priorities for Business

Top Priorities for IT

Source: VARBusiness, April 28, 2003

internal threats are the greatest threats

Case Study

Internal Threats are the Greatest Threats…

May 14, 2003


The computer hacker wasn't a devious competitor or some brainy teenager sitting at his home PC.

Instead, it was a Coca-Cola employee who slipped into the company's computer system without authorization and downloaded salary information and Social Security numbers of about 450 co-workers.

A recent computer scare at the world's largest soft-drink maker worried it enough to send an e-mail advising employees to check bank accounts and credit card balances…

Computer break-ins by insiders often do more damage than…remote hackers. "They know what to take; they know what is important." Gray said.

“The hacker who just stole your records is just as likely to be an insider as an outsider…

“There's the notoriety, bad press and Wall Street doesn't like it,’

“Some computer systems simply allow users too much freedom to roam.”

and identity theft is powerful incentive

Case Study

And Identity Theft is Powerful Incentive
  • Identity Theft ring stole $2.7M
    • Employees received $60 per report
    • 30,000 reports were stolen over three years
    • Identity Theft costs US $5B and is growing at over 100% annually
  • “A lot of companies have gone to a lot of effort to protect themselves from being hacked, but it’s a lot harder to stop a rogue employee.”
  • —James Vaules,
  • National Fraud Center
security threats and spending

% of

Security Spend

% of

Security Events

Core 25%

Perimeter 31%

Access Network 44%


Security Threats and Spending

The majority of abuse comes from within


what is access manager for operating systems
What is Access Manager for Operating Systems?
  • AMOS is a “firewall” for applications and the operating system
    • A highly secure authorization engine
    • Addresses the #1 security threat
    • Provides mainframe-class security
  • It secures a wide variety of platforms
    • UNIX—AIX, Solaris, HP-UX
    • Linux—SuSE, Red Hat
    • Hardware—x-, i-, p-, and zSeries; Sun; HP
  • Recent enhancements have made AMOS
    • Light weight and standalone
    • Easier to configure
    • More powerful
value proposition
Value Proposition
  • IBM Tivoli Access Manager for Operating Systems secures operating systems and applications against the #1 threat afflicting enterprises today: information theft by internal users.
  • Relying on an award-winning architecture and the industry’s leading access control engine, IBM Tivoli Access Manager for Operating Systems restricts access to files, resources and systems on a need-to-know basis. Both external hackers and internal users are prevented from accessing the sensitive information of customers, employees and business partners.
  • IBM Tivoli Access Manager for Operating Systems’ mainframe-class security permits administrators to efficiently demonstrate compliance with the increasing demands of auditors and regulators. This frees time for administrators to focus on the demands of the marketplace, and assures everyone that confidential and private information will remain confidential and private.
do you need amos
Do You Need AMOS?

Typical Pains

How many UNIX boxes do you have?

  • How many different types of UNIX?

Do you have one security policy, or multiple policies?

  • Is it easily enforceable and manageable across your system?

How many people officially have the ‘Root’ password?

  • How many people have it ‘unofficially’ ?

Can users delete files or audit logs?

  • How do you audit ‘root’ access?
  • Do you run business critical applications?
  • Do you operate in a security sensitive industry?
  • Do you have extensive partner networks or e-business applications?
  • Are you being audited by corporate, partner, or government auditors?

Typical Customer

amos addresses several customer concerns

Customer Concerns

AMOS Value

AMOS Addresses Several Customer Concerns
  • “Delegation of Root access is ‘necessary evil’”
  • “My UNIX systems always fail security audits”
  • “Managing one security policy across multiple systems is just too difficult”
  • “There’s no RACF for zLinux”

Secures application environment

Protects data

Meets auditing requirements

Reduces administration costs

Runs on zLinux

amos relies on simple architecture

Access Manager

Management Server

  • Centralized server containing
    • Policy database
    • User IDs

Management Server maintains policy

Security Agent enforces policy

AMOS Relies on Simple Architecture

SSL connection

  • Security Agent
    • Intercepts system call
    • Make access decision
    • Writes audit record

Security Agent

general scenario joe administrator




AMOS Kernel


Intervention Point

  • joe UID 1032









  • joe UID 1032
  • Writes to
  • audit log


UNIX Kernel

  • Access = R, W
  • Resource = /etc/passwd
  • joe UID 1032
  • Writes to audit log
  • Tracks original login ID
  • Audits at all times
  • Applies control to each action
General Scenario: Joe Administrator

Joe logs in

joe UID 1032

su to root

root UID 0



amos security policy is robust
AMOS Security Policy is Robust

Compulsory Control

Customizable Policy


Persistent Auditing

Omnipresent Operation

Threat Environment

speed and performance is a key differentiator

Access Control Decision Making Performance—on Solaris



  • Slow Performance
    • Slows down applications
    • Prevents auditing
    • Requires shut down during system back up





Leading Competitor




AMOS is the market’s only multi-threaded solution





Test Runs per Hour

Speed and Performance is a Key Differentiator

AMOS leads the UNIX/Linux market in scalability



Source: IBM internal performance benchmarking

competitive comparisons
Competitive Comparisons
  • Products which modify the OS are of limited use
    • Positioned as a super secure server products
      • Tend to focus on niche segments
    • More complex to implement – significant level of kernel modification
    • Impacts standard applications
  • Products which rely on single-threaded, decentralized architectures perform poorly
    • Performance impact to the OS stated as averaging 5-10%
      • AMOS is significantly better
      • Prevents auditing
    • Decentralized policy management increases administrative overhead
where to find more information
Where to Find More Information
  • Tivoli Web site – security page
  • http://www-3.ibm.com/software/tivoli/products/access-mgr-operating-sys/
  • Tivoli Knowledge Center
  • http://www3.ibm.com/software/tivoli/partners/public.jsp?tab=comarket&content=index&rightnav=security
  • PartnerWorld for Software
  • http://www-100.ibm.com/partnerworld/software/pwswzone.nsf/web/ASOA-5JMLJB?opendocument&s=3&cat=mr&subcat=marketingmaterials