Front cover -- Contents -- Notices -- Trademarks -- Preface -- The team that wrote this redbook -- Become a published author -- Comments welcome -- Part 1 Architecture and design -- Chapter 1. Business context for security compliance management -- 1.1 Introduction to compliance management -- 1.2 Why compliance management? -- 1.3 Determining the how: influencing factors -- 1.4 General challenges -- 1.5 Conclusion -- Chapter 2. Tivoli Security Compliance Manager design and structure -- 2.1 Logical component architecture -- 2.1.1 Data collection components -- 2.1.2 Compliance evaluation components -- 2.1.3 Compliance report components -- 2.1.4 Security Compliance Manager server -- 2.1.5 Administration components -- 2.2 Physical component architecture -- 2.2.1 Communication port usage -- 2.2.2 Deployment on physical nodes -- 2.3 Security Compliance Manager walkthrough -- Chapter 3. Architecting a Security Compliance Management solution -- 3.1 Solution architectures, design, and methodologies -- 3.2 Design process -- 3.2.1 Typical context of Security Compliance Manager solutions -- 3.2.2 Phased project approach -- 3.2.3 Placing components in network zones -- 3.2.4 Deployment of Security Compliance Manager clients -- 3.2.5 Delegated administration -- 3.2.6 Implementation of Security Compliance Manager policies -- 3.2.7 Integration with access control management systems -- 3.2.8 Integration with Tivoli Risk Manager -- 3.3 Business processes and compliance management -- 3.3.1 A generic security compliance management business process -- 3.3.2 Security Compliance Manager business process support -- 3.3.3 Automated security compliance management -- Part 2 Customer environment -- Chapter 4. Armando Brothers Banking Corp. -- 4.1 Company profile -- 4.2 Current IT architecture -- 4.2.1 Existing security infrastructure -- 4.2.2 Existing middleware infrastructure.

4.3 Current security policies and standards -- 4.4 Emerging problems -- 4.5 Strategic objectives -- 4.6 Critical success factors for strategy implementation -- 4.7 Resulting business requirements -- 4.8 Requirements on project execution -- 4.9 ROI study and results -- Chapter 5. Security Compliance Manager design -- 5.1 Functional requirements -- 5.1.1 Phase I: Establishing a baseline -- 5.1.2 Phase II: Extend coverage -- 5.2 Design objectives -- 5.2.1 General and infrastructure objectives -- 5.2.2 Platform specific security concepts -- 5.3 Implementation architecture -- 5.3.1 Physical components -- 5.3.2 User roles and responsibilities -- 5.4 Project organization -- Chapter 6. Technical implementation -- 6.1 Deployment phase I -- 6.1.1 Planning and installing the server -- 6.1.2 DB2 maintenance tasks -- 6.1.3 Deploying clients -- 6.1.4 Installing the reporting server -- 6.1.5 Configuring operational reports -- 6.2 Deployment phase II -- 6.2.1 Tivoli Access Manager integration -- 6.2.2 Tivoli Risk Manager integration -- 6.2.3 Collector development -- 6.2.4 Report development -- 6.3 Conclusion -- Part 3 Appendixes -- Appendix A. Developing a custom collector -- Required method getReleaseNumber() -- Required method getCompatibleOS() -- Required method getDescription() -- Required method getParameters() -- Required method getTables() -- Required method executeV2() -- Appendix B. Introducing the Security Vulnerability Index -- So what is the IBM Global Services Vulnerability Index? -- How does it work? -- Appendix C. Additional material -- Locating the Web material -- Using the Web material -- How to use the Web material -- Glossary -- Related publications -- IBM Redbooks -- Other publications -- Online resources -- How to get IBM Redbooks -- Help from IBM -- Index -- Back cover.