Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager

Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager
Author :
Publisher : IBM Redbooks
Total Pages : 42
Release :
ISBN-10 : 9780738460970
ISBN-13 : 0738460974
Rating : 4/5 (974 Downloads)

Book Synopsis Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager by : Hemant Kantak

Download or read book Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager written by Hemant Kantak and published by IBM Redbooks. This book was released on 2022-12-12 with total page 42 pages. Available in PDF, EPUB and Kindle. Book excerpt: The focus of this document is to highlight early threat detection by using Splunk Enterprise and proactively start a cyber resilience workflow in response to a cyberattack or malicious user action. The workflow uses IBM® Copy Services Manager (CSM) as orchestration software to invoke the IBM FlashSystem® storage Safeguarded Copy function, which creates an immutable copy of the data in an air-gapped form on the same IBM FlashSystem Storage for isolation and eventual quick recovery. This document explains the steps that are required to enable and forward IBM FlashSystem audit logs and set a Splunk forwarder configuration to forward local event logs to Splunk Enterprise. This document also describes how to create various alerts in Splunk Enterprise to determine a threat, and configure and invoke an appropriate response to the detected threat in Splunk Enterprise. This document explains the lab setup configuration steps that are involved in configuring various components like Splunk Enterprise, Splunk Enterprise config files for custom apps, IBM CSM, and IBM FlashSystem Storage. The last steps in the lab setup section demonstrate the automated Safeguarded Copy creation and validation steps. This document also describes brief steps for configuring various components and integrating them. This document demonstrates a use case for protecting a Microsoft SQL database (DB) volume that is created on IBM FlashSystem Storage. When a threat is detected on the Microsoft SQL DB volume, Safeguarded Copy starts on an IBM FlashSystem Storage volume. The Safeguarded Copy creates an immutable copy of the data, and the same data volume can be recovered or restored by using IBM CSM. This publication does not describe the installation procedures for Splunk Enterprise, Splunk Forwarder for IBM CSM, th Microsoft SQL server, or the IBM FlashSystem Storage setup. It is assumed that the reader of the book has a basic understanding of system, Windows, and DB administration; storage administration; and has access to the required software and documentation that is used in this document.


Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager Related Books

Cyber Resiliency with Splunk Enterprise and IBM FlashSystem Storage Safeguarded Copy with IBM Copy Services Manager
Language: en
Pages: 42
Authors: Hemant Kantak
Categories: Computers
Type: BOOK - Published: 2022-12-12 - Publisher: IBM Redbooks

GET EBOOK

The focus of this document is to highlight early threat detection by using Splunk Enterprise and proactively start a cyber resilience workflow in response to a
Cyber Resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy
Language: en
Pages: 58
Authors: IBM
Categories: Computers
Type: BOOK - Published: 2022-07-11 - Publisher: IBM Redbooks

GET EBOOK

The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-r
Performance and Capacity Implications for Big Data
Language: en
Pages: 48
Authors: Dave Jewell
Categories: Computers
Type: BOOK - Published: 2014-02-07 - Publisher: IBM Redbooks

GET EBOOK

Big data solutions enable us to change how we do business by exploiting previously unused sources of information in ways that were not possible just a few years
A Hybrid Cloud Cyber Security Solution using IBM Spectrum Virtualize for Public Cloud on Azure and IBM Spectrum Virtualize Safeguarded Copy
Language: en
Pages: 48
Authors: IBM Storage
Categories: Computers
Type: BOOK - Published: 2022-01-31 - Publisher: IBM Redbooks

GET EBOOK

The document describes the configuration and end-to-end architecture for configuring the logical air-gap solution for cyber resiliency using IBM® Spectrum Virt
Proactive Early Threat Detection and Securing Oracle Database with IBM QRadar, IBM Security Guardium Database Protection, and IBM Copy Services Manager by using IBM FlashSystem Safeguarded Copy
Language: en
Pages: 48
Authors: Shashank Shingornikar
Categories: Computers
Type: BOOK - Published: 2023-03-10 - Publisher: IBM Redbooks

GET EBOOK

This IBM® blueprint publication focuses on early threat detection within a database environment by using IBM Security® Guardium® Data Protection and IBM QRad