IBM Software Group. Tivoli Access Manager for Operating Systems (AMOS) < Business Partner > Sales Presentation. Agenda. Tivoli security Customer pains and fixes Product overview Competitive positioning. Business Impact Management. Configuration & Operations. Performance & Availability.
IBM Software Group
Tivoli Access Manager for Operating Systems (AMOS)
<Business Partner> Sales Presentation

Agenda
• Tivoli security
• Customer pains and fixes
• Product overview
• Competitive positioning

IBM Tivoli Software Portfolio
• Business Impact Management
• Configuration & Operations
• Performance & Availability
• Storage Management
• Security Management
• Core Services
Portfolio goals:
• Reduce overhead
• Improve efficiency
• Increase productivity

Customers Plagued by Multiple Security Challenges
• Provisioning Users: “45% of accounts are invalid”
• Managing Access Control: #1 security threat results from inadequate controls on employees
• Protecting Privacy: “No systemic method of complying with customers’ privacy concerns”
• Synchronizing Information: “Large amounts of redundant, inaccurate, data clogs infrastructure”

Security Remains Key Priority in 2003
Emerging recognition that OS is linchpin to bulletproof security
[Charts: Top Priorities for Business; Top Priorities for IT]
Source: VARBusiness, April 28, 2003
Case Study: Internal Threats are the Greatest Threats…
May 14, 2003
HACKER MAY SIT IN NEXT CUBICLE
by BILL HUSTED
The computer hacker wasn't a devious competitor or some brainy teenager sitting at his home PC. Instead, it was a Coca-Cola employee who slipped into the company's computer system without authorization and downloaded salary information and Social Security numbers of about 450 co-workers. A recent computer scare at the world's largest soft-drink maker worried it enough to send an e-mail advising employees to check bank accounts and credit card balances…
Computer break-ins by insiders often do more damage than…remote hackers. "They know what to take; they know what is important," Gray said.
• “The hacker who just stole your records is just as likely to be an insider as an outsider…”
• “There's the notoriety, bad press and Wall Street doesn't like it.”
• “Some computer systems simply allow users too much freedom to roam.”

Case Study: And Identity Theft is Powerful Incentive
• Identity Theft ring stole $2.7M
• Employees received $60 per report
• 30,000 reports were stolen over three years
• Identity Theft costs US $5B and is growing at over 100% annually
• “A lot of companies have gone to a lot of effort to protect themselves from being hacked, but it’s a lot harder to stop a rogue employee.” —James Vaules, National Fraud Center

Security Threats and Spending
The majority of abuse comes from within
[Chart: % of Security Spend and % of Security Events by layer. Labels and values as extracted: Core 25%, Perimeter 31%, Access Network 44%, 55%, 45%]

Customer Scenario—Fortune 300 Bank
Rapid deployment. Passed audit.

Customer Scenario—Large Telecom
Highly customized security policy
What is Access Manager for Operating Systems?
• AMOS is a “firewall” for applications and the operating system
  • A highly secure authorization engine
  • Addresses the #1 security threat
  • Provides mainframe-class security
• It secures a wide variety of platforms
  • UNIX—AIX, Solaris, HP-UX
  • Linux—SuSE, Red Hat
  • Hardware—x-, i-, p-, and zSeries; Sun; HP
• Recent enhancements have made AMOS
  • Lightweight and standalone
  • Easier to configure
  • More powerful

Value Proposition
• IBM Tivoli Access Manager for Operating Systems secures operating systems and applications against the #1 threat afflicting enterprises today: information theft by internal users.
• Relying on an award-winning architecture and the industry’s leading access control engine, IBM Tivoli Access Manager for Operating Systems restricts access to files, resources and systems on a need-to-know basis. Both external hackers and internal users are prevented from accessing the sensitive information of customers, employees and business partners.
• IBM Tivoli Access Manager for Operating Systems’ mainframe-class security permits administrators to efficiently demonstrate compliance with the increasing demands of auditors and regulators. This frees time for administrators to focus on the demands of the marketplace, and assures everyone that confidential and private information will remain confidential and private.
Do You Need AMOS?
Typical Pains
• How many UNIX boxes do you have?
  • How many different types of UNIX?
• Do you have one security policy, or multiple policies?
  • Is it easily enforceable and manageable across your system?
• How many people officially have the ‘root’ password?
  • How many people have it ‘unofficially’?
• Can users delete files or audit logs?
  • How do you audit ‘root’ access?
Typical Customer
• Do you run business critical applications?
• Do you operate in a security sensitive industry?
• Do you have extensive partner networks or e-business applications?
• Are you being audited by corporate, partner, or government auditors?

AMOS Addresses Several Customer Concerns
Customer Concerns
• “Delegation of Root access is ‘necessary evil’”
• “My UNIX systems always fail security audits”
• “Managing one security policy across multiple systems is just too difficult”
• “There’s no RACF for zLinux”
AMOS Value
• Secures application environment
• Protects data
• Meets auditing requirements
• Reduces administration costs
• Runs on zLinux
AMOS Relies on Simple Architecture
Management Server maintains policy; Security Agent enforces policy. The two communicate over an SSL connection.
• Access Manager Management Server: centralized server containing
  • Policy database
  • User IDs
• Security Agent
  • Intercepts system call
  • Makes access decision
  • Writes audit record

General Scenario: Joe Administrator
In UNIX
• Joe logs in: joe UID 1032
• su to root: root UID 0
• vi /etc/passwd: INTERCEPTED!!!
In AMOS (AMOS Kernel Interceptor, intervention point)
• System call entries: open → pdos_open, setuid → pdos_setuid, brk → real_brk
• pdos_open() → real_open() in the UNIX kernel
• joe UID 1032; Access = R, W; Resource = /etc/passwd
• Writes to audit log
AMOS Action
• Tracks original login ID
• Audits at all times
• Applies control to each action
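The Joe Administrator scenario as a small user-space model, added here as an illustration; it is not AMOS code and not part of the original presentation. The policy table, the Session and Agent names, the toy native check, and the fall-through for resources without a policy entry are assumptions of this model.

```python
from dataclasses import dataclass, field

# Constructed policy for this model: (login name, resource) -> allowed access.
POLICY = {("joe", "/etc/passwd"): {"R"}}

@dataclass
class Session:
    login_name: str     # identity at login; fixed for the whole session
    effective_uid: int  # changes on su / setuid

def native_allows(s: Session, access: str) -> bool:
    """Toy stand-in for mode-bit checks: root may do anything, others read."""
    return s.effective_uid == 0 or access == "R"

@dataclass
class Agent:
    audit_log: list = field(default_factory=list)

    def _audit(self, s, call, target, verdict):
        # Every intercepted call is recorded with the original login name.
        self.audit_log.append((s.login_name, s.effective_uid, call, target, verdict))

    def setuid(self, s: Session, new_uid: int) -> None:
        # Intercepted setuid: the effective UID changes, the login identity stays.
        self._audit(s, "setuid", str(new_uid), "ALLOW")
        s.effective_uid = new_uid

    def open(self, s: Session, path: str, access: str) -> bool:
        # Decide on the original login identity, never on the effective UID.
        allowed = POLICY.get((s.login_name, path))
        if allowed is None:          # no entry: defer to the native check (assumption)
            ok = native_allows(s, access)
        else:
            ok = set(access) <= allowed
        self._audit(s, "open", path, "ALLOW" if ok else "DENY")
        return ok

def run_scenario():
    agent = Agent()
    joe = Session("joe", 1032)                      # Joe logs in
    agent.setuid(joe, 0)                            # su to root
    native = native_allows(joe, "RW")               # plain UNIX: root may write
    decided = agent.open(joe, "/etc/passwd", "RW")  # vi /etc/passwd
    return native, decided, agent.audit_log

if __name__ == "__main__":
    print(run_scenario())
```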
AMOS Security Policy is Robust
[Diagram: AMOS within the Threat Environment]
• Compulsory Control
• Customizable Policy
• Persistent Auditing
• Omnipresent Operation

Speed and Performance is a Key Differentiator
AMOS leads the UNIX/Linux market in scalability
AMOS is the market’s only multi-threaded solution
[Chart: Access Control Decision Making Performance—on Solaris, in Test Runs per Hour (axis 0 to 300); key: IBM, Leading Competitor]
• 4 processors: IBM 201, Leading Competitor 9 (22X)
• 1 processor: IBM 103, Leading Competitor 7 (15X)
Slow Performance
• Slows down applications
• Prevents auditing
• Requires shut down during system back up
Source: IBM internal performance benchmarking

Competitive Comparisons
• Products which modify the OS are of limited use
  • Positioned as super-secure server products
  • Tend to focus on niche segments
  • More complex to implement – significant level of kernel modification
  • Impacts standard applications
• Products which rely on single-threaded, decentralized architectures perform poorly
  • Performance impact to the OS stated as averaging 5-10%
  • AMOS is significantly better
  • Prevents auditing
  • Decentralized policy management increases administrative overhead

Where to Find More Information
• Tivoli Web site – security page
  • http://www-3.ibm.com/software/tivoli/products/access-mgr-operating-sys/
• Tivoli Knowledge Center
  • http://www3.ibm.com/software/tivoli/partners/public.jsp?tab=comarket&content=index&rightnav=security
• PartnerWorld for Software
  • http://www-100.ibm.com/partnerworld/software/pwswzone.nsf/web/ASOA-5JMLJB?opendocument&s=3&cat=mr&subcat=marketingmaterials