Tivoli takes holistic view of the enterprise

General Manager Robert LeBlanc talks about the evolution of systems management

The third and fourth areas are new areas that are kind of becoming part of the systems management structure. One is security, where we separate out what we call operational security such as the firewall, anti-virus, and intrusion detection from security management. Within security management, we look at two different areas. One is threat management, which means I've got all of these anti-virus tools and firewall tools and they're all throwing up information. How do I co-relate that together? How do I predict that several events [are really] an attack on my systems or look [for] patterns that say I may be susceptible to something going on from either outside the business or even inside the business? We made a set of announcements in which more of the security vendors who provide that low-level information are plugging into our risk manager product, which is really a threat management platform which enables a single console view of the events. The other aspect of this is security management around authentication, authorization, and administration. This brings in the whole area of identity management and managing users so that I get a single view of the user. Finally, the fourth area that we're very much focused on is the whole area of storage, especially in the area of disaster recovery. Since the events of Sept. 11, that's become a thing that's top of mind for a lot of businesses because they understand the criticality of their IT systems. Their ability to recover will be the ability for them to continue with ongoing businesses.

Later this year we'll have a set of products around storage resource management. Companies today are spending almost as much money on storage as they do on servers. They have a good handle of their servers, they understand the capacity, they understand performance, they understand how to monitor systems. But when you move to the storage site, they really don't have a good handle of what they have and they want to manage storage like they would manage any other valuable resource.

InfoWorld: So on some level, IBM is not building security products, but rather products to manage the security products?

LeBlanc: That's exactly the role we see ourselves playing. I'm not going to be in the firewall business or the intrusion detection business. I really want to be at the management layer that allows customers to plug in whatever tool they're using that's providing them with information, and then give [them] the ability to do that co-relation of event and messages to give them a view of their business and allow them to write business processes against a certain set of events that matches the business policies or security policies of an organization. We published a set of APIs that they can hook into, and that allows us to pull in all of these third-party vendor products.

InfoWorld: What is the underlying infrastructure for all this integration?