2002-07-30-18:45:45 Cameron Humphries: > The two major concerns I had were its integration with RealSecure > (which involves selecting SNMP traps as your alert mechanism for > any signatures that you feel are worthy of being sent to Risk > Manager) and the issues surrounding the deployment of the Tivoli > framework within security infrastructure (repeat after me....swiss > cheese firewall).
I can't comment on the first one, the components we're expecting to integrate with RiskManager don't force us to use SNMP, but I was as ready as anybody to down-check RiskManager just because it's got the "Tivoli" epithet in its name. Turns out whatever corruption it picked up from Tivoli, it's at least confined in the analysis platform; you can use RiskManager without having to infest your security perimeter with Tivoli in any way. You do need to forward your log data and whatever else you want it to analyze to a platform where it can gnaw on it, but at least for the platforms we have, that can be done without letting the blecherous Tivoli infrastructure out of the IBM box. One of these days, IBM will figure out that calling a product Tivoli gives it an awful uphill battle to sell it anywhere. Or maybe they won't. -Bennett
msg04325/pgp00000.pgp
Description: PGP signature
