Cargando…
Cyber resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager /
The focus of this document is to highlight early threat detection by using Splunk Enterprise and proactively start a cyber resilience workflow in response to a cyberattack or malicious user action. The workflow uses IBM® Copy Services Manager (CSM) as orchestration software to invoke the IBM FlashSy...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
[Poughkeepsie, New York] :
IBM Redbooks,
[2022]
|
| Edición: | [First edition]. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a22000007i 4500 | ||
|---|---|---|---|
| 001 | OR_on1355547246 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||unuuu | ||
| 008 | 221220s2022 nyua o 000 0 eng d | ||
| 040 | |a ORMDA |b eng |e rda |e pn |c ORMDA |d OCLCF | ||
| 020 | |a 9780738460970 |q (electronic bk.) | ||
| 020 | |a 0738460974 |q (electronic bk.) | ||
| 029 | 1 | |a AU@ |b 000073244356 | |
| 035 | |a (OCoLC)1355547246 | ||
| 037 | |a 9780738460970 |b O'Reilly Media | ||
| 050 | 4 | |a HD30.213 | |
| 082 | 0 | 4 | |a 658.4/038011 |2 23/eng/20221220 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Kantak, Hemant, |e author. | |
| 245 | 1 | 0 | |a Cyber resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager / |c by Hemant Kantak, Shashank Shingornikar. |
| 250 | |a [First edition]. | ||
| 264 | 1 | |a [Poughkeepsie, New York] : |b IBM Redbooks, |c [2022] | |
| 300 | |a 1 online resource (42 pages) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 520 | |a The focus of this document is to highlight early threat detection by using Splunk Enterprise and proactively start a cyber resilience workflow in response to a cyberattack or malicious user action. The workflow uses IBM® Copy Services Manager (CSM) as orchestration software to invoke the IBM FlashSystem® storage Safeguarded Copy function, which creates an immutable copy of the data in an air-gapped form on the same IBM FlashSystem Storage for isolation and eventual quick recovery. This document explains the steps that are required to enable and forward IBM FlashSystem audit logs and set a Splunk forwarder configuration to forward local event logs to Splunk Enterprise. This document also describes how to create various alerts in Splunk Enterprise to determine a threat, and configure and invoke an appropriate response to the detected threat in Splunk Enterprise. This document explains the lab setup configuration steps that are involved in configuring various components like Splunk Enterprise, Splunk Enterprise config files for custom apps, IBM CSM, and IBM FlashSystem Storage. The last steps in the lab setup section demonstrate the automated Safeguarded Copy creation and validation steps. This document also describes brief steps for configuring various components and integrating them. This document demonstrates a use case for protecting a Microsoft SQL database (DB) volume that is created on IBM FlashSystem Storage. When a threat is detected on the Microsoft SQL DB volume, Safeguarded Copy starts on an IBM FlashSystem Storage volume. The Safeguarded Copy creates an immutable copy of the data, and the same data volume can be recovered or restored by using IBM CSM. This publication does not describe the installation procedures for Splunk Enterprise, Splunk Forwarder for IBM CSM, th Microsoft SQL server, or the IBM FlashSystem Storage setup. It is assumed that the reader of the book has a basic understanding of system, Windows, and DB administration; storage administration; and has access to the required software and documentation that is used in this document. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Enterprise resource planning. | |
| 650 | 0 | |a Management information systems. | |
| 650 | 0 | |a Electronic data processing. | |
| 650 | 0 | |a Data mining. | |
| 650 | 0 | |a Big data. | |
| 650 | 7 | |a Big data. |2 fast |0 (OCoLC)fst01892965 | |
| 650 | 7 | |a Data mining. |2 fast |0 (OCoLC)fst00887946 | |
| 650 | 7 | |a Electronic data processing. |2 fast |0 (OCoLC)fst00906956 | |
| 650 | 7 | |a Enterprise resource planning. |2 fast |0 (OCoLC)fst01781448 | |
| 650 | 7 | |a Management information systems. |2 fast |0 (OCoLC)fst01007271 | |
| 700 | 1 | |a Shingornikar, Shashank, |e author. | |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9780738460970/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 994 | |a 92 |b IZTAP | ||