Updated Tivoli Risk Manager Locks Down Databases

Software can scout for risks "autonomically”

IBM upgraded its IBM Tivoli Risk Manager 4.1 to include support for IBM DB2 Universal Database, Microsoft SQL Server, and Oracle Database. IBM bills the product as the first “autonomic” security management software. It helps enterprises automatically monitor and protect databases from security threats, including malicious insiders and a range of other vulnerabilities that can compromise database integrity, performance, and availability.

The new integration with IBM, Microsoft, and Oracle databases will help security managers better assess threats across the enterprise. The product also responds to a number of security events automatically, freeing administrators to focus on other things. “Automating security processes gives customers a strong advantage in combating internal and external threats and enforcing security policies consistently across a network,” notes Arvind Krishna, vice president of security products for Tivoli.

Experts likewise point to automation as a way to better reduce human error and arrest common attacks. In addition, it lets security administrators spend less time investigating possible threats, and focus instead on constantly improving the security infrastructure.

By tying into other products—a total of 60 security and network products are supported, including such names as Apache, Check Point and NFR Security—the software can correlate database security events with other events on the organization’s network. Such a view helps administrators distinguish real threats from false alarms, saving time. In addition, the software can respond automatically when it detects certain types of attacks, preventing them in advance.

Administrators get access to all information and alerts through a security dashboard. Through correlation with other products, the software can help administrators discern whether incidents are isolated or part of a larger attack.

In addition, the software can partially self-configure itself, then constantly monitor for security threats (such as server reconfiguration, patch deployments, or account revocation). If a certain class of database entries was flagged as important, for example, and someone attempts to alter or delete information, it could trigger an alert in Tivoli Risk Manager.

Current customers can upgrade their IBM Tivoli Risk Manager products to support the three new platforms for free.

About the Author

Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.