IBM Corp is said to be working to extend the reach of its autonomic computing, self-healing technology initiative with a version of its Tivoli Risk Manager event management system that will monitor, administer and control remotely devices running Check Point’s Software Technologies Ltd’s VPN-1/Firewall-1 Next Generation software.
IBM Tivoli Risk Manager can manage large quantities of security threats, attacks and exposures and a wide variety of security devices and applications across the network. Version 4.1 of the product has been certified as OPSEC-compliant (Check Point Open Platform for Security) and can now also be used to remotely administer Check Point’s software.
A Risk Manager adapter for Check Point FireWall-1 uses the OPSEC Log Export API to receive firewall events, and an in-built Suspicious Activity Monitor controls the firewall from the Tivoli Enterprise Console. Although Tivoli Risk Manager can be set up already to monitor the state of devices running the FireWall-1 software and correlate event information provided by those devices, it has not until now been able to remotely administer Check Point’s software.
The company has been working on the autonomic initiative, which is designed to introduce more automation to hardware and software products, since April 2001. New products that incorporate self-healing features are in development across the WebSphere application server, Tivoli systems management, DB2 database and storage systems groups at IBM.
The Tivoli systems management product unit has already rolled out some self-healing functionality in its security and storage management products, amongst others, while the storage systems group is also lining up more announcements about the use of autonomic capabilities in its Shark enterprise storage server.