© 2011 IBM Corporation

Endpoint Manager

Managed Service Providers

© 2011 IBM Corporation

Stores / Kiosks

WAN

MSP

56k

Client A

Remote offices

Client B

Internet

Cab

le/D

SL

WiFi

Airport

Hotel

Coffee shop

Home

T1 line T1 line

3G

WiFi

Une architecture de services mutualisable

Que ce soit un Mac connecté en WiFi à partir d’un hotel, un laptop Windows a 10km d’altitude ou un serveur Red Hat Linux Server dans votre data center, Tivoli Endpoint Manager y sera connecté. En

temps réel, qu’elle que soit le nombre de terminaux.

Satellite

Distribution de larges packages sans perturbation des applications critiques

Un seul serveur pour 250,000 endpoints

Unique, intelligent agent utilise <2% CPU, <10MB RAM

Service Cloud continue distribution new patchs et mises à jour de polices

Supporte une grande variété d’OS : Windows,

Mac, ect, mobiles

Pilotage complet et Control des terminaux

connectés à internetUtilise les postes existants comme relay pour minimiser le traffic réseau

TEM Content Update Service

© 2011 IBM Corporation

Tivoli Endpoint Manager, des besoins et des modules

3

Unifier les opérations IT et

la Sécurité Tivoli Endpoint Manager for Security and Compliance

Tivoli EndpointManager

IT Security Solutions

Tivoli Endpoint Manager for Patch Management

Tivoli EndpointManager

IT Operations Solutions

Tivoli Endpoint Manager for Lifecycle Management

Tivoli Endpoint Manager for Power Management

Tivoli Endpoint Manager for Core Protection

Tivoli Endpoint Manager for Mobile Device Management

Tivoli Endpoint Manager for Mobile Device Management

Tivoli Endpoint Manager for Software Use Analysis

Tivoli Endpoint Manager for Patch Management

© 2011 IBM Corporation

Tivoli Endpoint Manager for Lifecycle Management

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery• Managed endpoint

hardware inventory• Managed endpoint

software inventory

• Software use Analysis• PC software license

compliance analysis

• Patch management• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall• Multi-vendor anti-

malware management• Third-party anti-

malware management• Web, file, email

reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Tivoli Endpoint Manager for Security and Compliance

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery

• Managed endpoint hardware inventory

• Managed endpoint software inventory

• Software use Analysis• PC software license

compliance analysis

• Patch management

• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall• Multi-vendor anti-

malware management

• Third-party anti-malware management

• Web, file, email reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Tivoli Endpoint Manager for Core Protection

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery

• Managed endpoint hardware inventory

• Managed endpoint software inventory

• Software use Analysis• PC software license

compliance analysis

• Patch management• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall

• Multi-vendor anti-malware management

• Third-party anti-malware management

• Web, file, email reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Tivoli Endpoint Manager for Patch Management

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery

• Managed endpoint hardware inventory

• Managed endpoint software inventory

• Software use Analysis• PC software license

compliance analysis

• Patch management

• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall• Multi-vendor anti-

malware management• Third-party anti-

malware management• Web, file, email

reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Tivoli Endpoint Manager for Power Management

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery

• Managed endpoint hardware inventory

• Managed endpoint software inventory

• Software use Analysis• PC software license

compliance analysis

• Patch management• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall• Multi-vendor anti-

malware management

• Third-party anti-malware management

• Web, file, email reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Tivoli Endpoint Manager for Software Use Analysis

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery• Managed endpoint

hardware inventory• Managed endpoint

software inventory• Software use Analysis• PC software license

compliance analysis

• Patch management• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall• Multi-vendor anti-

malware management• Third-party anti-

malware management• Web, file, email

reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Tivoli Endpoint Manager for Mobile Device Management

IT Asset Management

IT Operations IT Security and Compliance

Green IT

1 console, 1 agent, 1 server, many OSs

Tivoli Endpoint Manager

Microsoft Windows • Mac OSX • IBM AIX • HP-UX • Solaris • VMWare ESX Server • 7 versions of Linux • iOS • Android • Symbian • Windows Mobile

• Network discovery• Managed endpoint

hardware inventory• Managed endpoint

software inventory• Software use Analysis• PC software license

compliance analysis

• Patch management• Software distribution• OS deployment• Remote control• Server management

• Security configuration baselines

• Vulnerability assessment

• Network self-quarantine

• Personal firewall• Multi-vendor anti-

malware management

• Third-party anti-malware management

• Web, file, email reputation services

• Windows power management

• Mac power management

• Wake-on-LAN

© 2011 IBM Corporation

Les éléments de la plate-forme TEM

11

Un agent intelligent unique• Vérification en continu des politiques• Impact minimal sur le système (<2% CPU, <10MB

RAM)

Un seul serveur, une console unifiée• Sécurité et haute disponibilité• Agrégation des données, analyses et

rapports• Peut gérer plus de 250,000 terminaux

Un langage flexible• Des milliers de politiques• Possibilités de customisation• Evolutivité

Une infrastructure virtuelle• Désigner un agent TEM comme relais ne prend

que quelques minutes• Fournit une redondance en cas de panne• Permet d’utiliser l’infrastructure existante

© 2011 IBM Corporation

Le ROI / la valeur pour vos clients : Low TCO, real savingsEstimation 100 postes

12

AVANT AVEC TIVOLI ENDPOINT

Déploiement de 100 postes 2 JOURS 30 MINUTES

Nombre de serveurs 5 0 (Managed Services)

Inventaire des licences 3 SEMAINES ~20 MINUTES

Evaluation de vulnerabilité 3 MOIS ~20 MINUTES

Configuration de la sécurité 2 MOIS AVEC 2 EMPLOYES 1 SEMAINE AVEC 0 EMPLOYE (Managed Services)

© 2011 IBM Corporation

La valeur pour le client :Endpoint Manager and Endpoint Compliance

13

1. L’équipe sécurité developpe des polices de compliance

2. L’équipe sécurité utilise un outil d’évaluation (ou plusieurs) pour controler cette police

3. L’équipe de sécurité envoie les infos récoltées à l’équipe des opérations

4. Les operations font les corrections en plus de leur charge de travail, un éditeur à la fois, utilisant un outil pour chaque éditeur (Ce qui génère plusieurs réponses à la question “combien de terminaux avons nous?”)

5. Les utilisateurs modifient les parametres de leurs postes, ce qui cause de nouveaux problèmes de compliance

6. On recommence l’évaluation plusieurs fois

1. La Securité et les operations travaillent ensemble à la formulation des polices et des niveaux de services

2. Les operations implementent les fondements (patch, configuration, anti-virus, etc.) pour tous les terminaux de l’organisation

3. Les polices de compliance sont supervisées en permanence et imposées aux terminaux; les changements sont automatiquement communiqués

4. L’équipe sécurité peut vérifier à chaque instant l’état de sécurité ou de compliance de chaque terminal

5. La sécurité et les opérations travaillent ensemble pour continuellement renforcer la sécurité et ajuster celle ci aux évolutions requises.

Traditional compliance Continuous compliance

© 2011 IBM Corporation

Unified multi-platform, multi-application endpoint management

14

© 2011 IBM Corporation

Liens utiles

Documentation TEMhttp://publib.boulder.ibm.com/infocenter/tivihelp/v26r1/index.jsp?topic=/com.ibm.tem.doc/welcome.htm

Site BigFixhttp://www.bigfix.com/ redirigé vers http://www.bigfix.com/redirect.php?var=/

User Grouphttp://forum.bigfix.com/

Forumshttp://www.ibm.com/developerworks/forums/category.jspa?categoryID=506

Wiki TEM

https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Tivoli%20Endpoint%20Manager/page/Home