Tool Mentor: ITIM - Monitor, Assess, Audit and Report Security
TM022 - How to Use IBM Tivoli Identity Manager to Monitor, Assess, Audit and Report Security
Tool: IBM Tivoli Identity Manager
Relationships
Main Description

Context

Tool mentors explain how a tool can perform tasks, which are part of ITUP processes and activities. The tasks are listed as Related Elements in the Relationships section.

Details

The IBM® Tivoli® Identity Manager product manages user accounts through role-based provisioning or user self-service. Once a set of provisioning policies is defined, the Tivoli Identity Manager server enforces those policies by creating, updating, marking, or removing user accounts on one or more endpoints. Through a reconciliation procedure, the server can detect account changes that are made on an endpoint machine and correct those changes if they conflict with the established policy.

The Tivoli Identity Manager system has a robust auditing system that captures system events such as user management, account management (including workflow approvals and subprocesses), and password policy enforcement.

The Tivoli Identity Manager product stores provisioning action information in a relational database when the actions are scheduled or enacted. The system updates the action item statuses as they are acted upon, which allows fine-grained reporting of system events. The Tivoli Identity Manager interface allows administrators and auditors to view transaction-level status and generate reports by querying the relational database. The system includes several built-in reports such as operation, service, user, rejected, reconciliation, dormant, and account reports. Custom reports can be created to query the relational database through the management interface and to generate a customized view. In addition to the management interface, the system has a comprehensive API that can be leveraged for managing these reports. See Chapter 31: Reports in the IBM Tivoli Identity Manager Policy and Organization Administration Guide version 4.5.1, which covers the different pre-defined reports that are available and includes information on how to create custom reports.

The system records all user management actions that come through it, such as the creation, modification, or deletion of a user, whether through a manual method or an automated process like a DSML feed. All account changes (creation, modification, deletion, suspension, correction, and so on) are logged by the system, and reports can be generated showing any slice of the data. With these reports you can view at a glance all account modifications that are occurring in your environment, even if they occur outside the Tivoli Identity Manager server.

In addition to user and account management, the Tivoli Identity Manager product also manages account passwords through Password Policies. These Password Policies allow companies to restrict user passwords to strings that fit their corporate security guidelines by enforcing length, character, dictionary, and historical password restrictions. All password changes are logged by the system, and reports can be created to display the password events that occur. See Chapter 21: Password Policies in the IBM Tivoli Identity Manager Policy and Organization Administration Guide version 4.5.1 for additional information.

For More Information

For more information about this tool, click on the link for this tool at the top of this page.