IBM® Security Systems Division
Ready for IBM Security Intelligence
Validation requirements document for
IBM BigFix Family
Please visit the Ready for IBM Security Intelligence software validation site
for assistance, enablement support, and current copy of this document:
http://www.ibm.com/partnerworld/rfisi
Validated solution integrations and extensions can be found in the Ready for IBM Security Intelligence
Showcase
http://www.ibm.com/partnerworld/rfisisolutions
Send documents to [email protected], “Ready for IBM Security Intelligence” in subject line.
Document Version 1
Table of Contents
Introduction ........................................................................................................................ 3
Items required to complete validation ................................................................................ 4
Validation contact information .......................................................................................... 5
Solution to be validated ...................................................................................................... 6
Solution overview .................................................................................................................................. 6
Integration requirements .................................................................................................... 7
Architecture and overview ..................................................................................................................... 7
Solution integration details ................................................................................................ 9
Integration exceptions ...................................................................................................... 10
Resources.......................................................................................................................... 11
Validation Requirements Document
IBM Security AppScan Family
Page 2 of 11
Introduction
Ready for IBM Security Intelligence program validates partner integrations with IBM Security
software and represents the solution integrations in the IBM Security section of the Ready for IBM
Security Intelligence Showcase. This includes partners working to complete Industry Frameworks,
Solution Initiatives, and Specialties or other offerings with a dependency on validating integrations
with IBM Security Software.
This document provides the steps and validation requirements for demonstrating integrations with the
IBM BigFix family of products. A brief overview of the integration points are provided, along with the
testing, documentation and demonstration results needed to verify and validate the solution integration.
Reference the following resources for assistance. For further assistance contact our IBM BigFix
validation specialist Josh Stegall and Rich Caponigro, [email protected], [email protected].
Ready for IBM Security Intelligence Resources
Ready for IBM Security Intelligence Home
Getting Started with the Ready for
IBM Security Intelligence program
Ready for IBM Security Intelligence
integration points and resources
Ready for IBM Security Intelligence
DeveloperWorks Homepage
Ready for IBM Security Intelligence
Message Board
IBM PartnerWorld Contact Services
assistance getting started
Ready for IBM Security Intelligence
Showcase
Program Manager Contact
IBM Security Communities
best practices and scenarios
IBM Service Management Connect
IBM Software Access Catalog
download IBM Security software
IBM PartnerWorld option support
assistance with listed products
Validation Requirements Document
IBM Security AppScan Family
http://www.ibm.com/partnerworld/rfisi
https://www.ibm.com/partnerworld/wps/servlet/Content
Handler/isv_com_dvm_techval_security_start
https://www.ibm.com/partnerworld/wps/servlet/Content
Handler/isv_com_dvm_techval_security_integration
http://ibm.co/rfisi
https://www.ibm.com/developerworks/mydeveloperwork
s/groups/service/forum/topics?communityUuid=85cce0f
0-581e-4b9e-9da8-b57c4a257949&ps=10&page=0
US Number: 800-426-9990, 770-858-5052, e-mail:
[email protected], ask for Ready for IBM Security
Intelligence assistance.
http://www.ibm.com/partnerworld/rfisisolutions
Russ Warren, [email protected]
Other Resources
http://www.ibm.com/developerworks/security/communit
y.html
https://www.ibm.com/developerworks/servicemanageme
nt/srm/index.html
http://www.ibm.com/isv/welcome/softmall.html
Voice US Number: 800-426-9990, 770-858-5052,
Remote e-mail:
https://www.ibm.com/isv/tech/member/index.html
Page 3 of 11
Items required to complete validation
To validate your IBM BigFix family based integration and include the solution highlight in the Ready
for IBM Security Intelligence Showcase, the following items must be submitted to the validation lab at
[email protected]. Please consult the Ready for IBM Security Intelligence software validation Web
site for guidance and details concerning the validation process at
https://www.ibm.com/partnerworld/wps/servlet/ContentHandler/isv_com_dvm_techval_security
Items required for validation
Final validation Final version of this document representing the solution integration
requirements being validated Ready for IBM Security Intelligence. Need to
document document and identify the classes and interfaces used.
Test plan report Document containing use scenarios, data points, and information on the
solution integration with IBM BigFix will be used when reviewing test
results and files, performing the validation, and during the solution
integration demonstration.
Integration Setup Solution setup or administration documentation, or a portion of a
Information document providing information customers would use to setup or
configure the integration between your solution and IBM BigFix
should include any items in BigFix that need to be customized to make
the integration work.
Demonstration A remote demonstration or captured demo to walk through the
integration scenarios with IBM BigFix.
Ready for IBM Integration highlights (solution overview, requirements, contacts) used
Security Intelligence for the Ready for IBM Security Intelligence Showcase entry
Showcase (http://www.ibm.com/partnerworld/rfisisolutions). This should include
a company logo that can be used (Recommended size 100 x 50).
Web page To include your solution integration reference in the Ready for IBM
Security Intelligence Showcase
(http://www.ibm.com/partnerworld/rfisisolutions), you need to provide
a Web page link highlighting the solution integration. Also, encourage
using the Ready for IBM Security Intelligence logo mark on your Web
page, solution material, at conferences and on other marketing material.
Validation Requirements Document
IBM Security AppScan Family
Page 4 of 11
Validation contact information
Please complete ALL the fields below to provide the validation project contact information.
Submitted by:
Title/Position:
Company:
Address:
Telephone:
Fax:
E-mail:
IBM Security Product:
IBM BigFix Platform
Component
IBM BigFix Compliance
IBM BigFix Lifecycle
IBM BigFix Patch
IBM BigFix Security Compliance Analytics (SCA)
IBM BigFix Inventory
IBM BigFix Protection
IBM BigFix Server REST API
IBM BigFix TEMA (SCA) API
IBM BigFix SUA API
IBM BigFix Database Views/API
IBM BigFix WebReports Custom Reports
Your Solution Name and
Version:
Global Solution Directory
URL:
Current Date:
Anticipated Solution Start
Date:
Anticipated Solution
Completion Date:
Validation Requirements Document
IBM Security AppScan Family
201X/mm/dd
201X/mm/dd
201X/mm/dd
Page 5 of 11
Solution to be validated
Solution overview
Please fill in the auto-sizing text box below to provide the validation lab a technical overview of
the application or solution, the integration points and solution to be validated.
To be filled in.
Validation Requirements Document
IBM Security AppScan Family
Page 6 of 11
Integration requirements
This section provides an overview of the Ready for IBM Security Intelligence validation
requirements for each of the products in the IBM BigFix family. The next section “Integration
Options for Validation” will allow you to identify the configuration and pertinent platforms
used by your offering for validation.
Architecture and overview
For an overview of IBM BigFix please visit: http://www01.ibm.com/support/knowledgecenter/SS63NW_9.1.0/com.ibm.tivoli.tem.doc_9.1/Getting_Starte
d/c_ibm_endpoint_manager_introduct.html
The most common integration points for IBM BigFix include server side integrations to query the
IEM database for near real-time information about the systems being managed. This information
includes compliance status for patches, vulnerabilities, and configurations, as well as properties of a
system such as hardware make up, installed software, etc. The main IEM database provides a near
real-time view of system status. Integration with the main server can also be used to drive actions by
the IEM agent on a single system or a group of systems. Both query and action capability can be
accomplished through the REST API. This is the recommened path to query real-time information from
IEM and to drive action. The IEM database can also be queried through a published set of database
views however this is not the recommended path.
REST API Link:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli+Endpoint+
Manager/page/REST+API
Database Queries: http://www-01.ibm.com/support/docview.wss?uid=swg21505950
While IEM for Software Use Analysis (SUA) and Security Compliance Analytics (SCA) provides
historical data about software installations and usage and security configuration compliance
respectively. SUA and SCA are distinct databases and usually reside on a separate server than the main
IEM database.
Software Use Analysis (SUA) API Link: http://www01.ibm.com/support/knowledgecenter/SS63NW_9.1.0/com.ibm.tivoli.tem.doc_9.1/SUA_9.1/com.i
bm.license.mgmt.doc/integration/c_rest_api.html
Security Compliance Analytics (SCA) API (the legacy name is TEMA) Link:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoi
nt%20Manager/page/TEM%20Analytics%20API
It is also possible to develop custom dashboards and wizards within the IBM Console to integrate
command and control of other agent based technologies by passing commands to agents through the
IEM infrastrcture. An example would be to control an endpoint firewall agent through IEM.
IEM Console Dashboard API Link: http://www01.ibm.com/support/knowledgecenter/SS63NW_9.1.0/com.ibm.tivoli.tem.doc_9.1/Platform/API_
Reference/DashboardAPI/DashboardAPIIntro.html
Validation Requirements Document
IBM Security AppScan Family
Page 7 of 11
Other common integration points include custom report generation for the IEM WebReports
application. WebReports leverages a copy of the main IEM database but is on a 15 minute lag.
IEM Custom Reports Link:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoi
nt%20Manager/page/BigFix%20Custom%20Reports
The IEM Client Compliance API enables compliance checks at the endpoint. This is a common
integration point for network access control (NAC) and other solutions that want to evaluate the
compliance state of an endpoint. Client Compliance API Link:
https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoi
nt%20Manager/page/Client%20Compliance%20API
This following diagram shows the overall architecture of the IBM BigFix Family
Validation Requirements Document
IBM Security AppScan Family
Page 8 of 11
Solution integration details
This section is used for you to describe the solution integration items and methods used with IBM
BigFix. The requested information is required and will be used as a “benchmark” to proceed with the
validation.
Check each integration type you will use to integrate your solution with IBM BigFix. Specify each
operating system platform the integration supports.
IEM Product / Integration Point
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Windows Server 2008 (x64) w/ SP2+
Windows Server 2008 R2 (x64)
Windows Server 2012 (x64)
Red Hat Enterprise Linux 6.3 (x64)
Red Hat Enterprise Linux 7 (x64)
SQL Server 2005
SQL Server 2008
SQL Server 2008 R2
SQL Server 2012
SQL Server 2012 R2
DB2 Workgroup Edition 10.1
IBM BigFix Server REST API
IBM BigFix TEMA (SCA) API
IBM BigFix SUA API
IBM BigFix Database Views/API
IBM BigFix WebReports Custom Reports
IBM BigFix Dashboard API
Server OS platforms
Server Database platforms
Use the following area to provide a functional overview of the integration with the proposed data flows
for the above selected interfaces and integration points. Highlight any high level business rules that are
applicable along with the communication/protocol format being used. Critical would be information
where the transaction or data exchanged meets specific compliance issues and concerns. It may be
beneficial to insert a data flow diagram (like a Visio or PowerPoint) showing the interchange of data
and the specific criteria that the interchange needs to address to work with the external system.
Sufficient information is needed to assess the flow of information through the interfaces.
Note: No need to duplicate information if some of this will be placed in the requested Integration
Guide.
Validation Requirements Document
IBM Security AppScan Family
Page 9 of 11
Integration exceptions
Use this section to note any exceptions to the Integration Requirements that should be considered for this
integration. Also List any additional considerations or system impact not explicitly stated previously.
May include, but not limited to: database changes, application functionality, or any task that affects the
integration but is outside the scope of this estimate. Information will be reviewed and discussed during
validation.
Validation Requirements Document
IBM Security AppScan Family
Page 10 of 11
Resources
Use the following information and resource links to assist with setting up and integrating with the IBM
Security AppScan family of products
IBM BigFix Homepage
IBM BigFix Standard Documentation
IBM BigFix Main API Page
IBM BigFix TEMA (SCA) API
Documentation
IBM BigFix SUA API Documentation
IBM BigFix Dashboard API
IBM BigFix Fixlet Authoring
Support Portal
DeveloperWorks Security Community
Ready for IBM Security Enablement
Resources
Validation Requirements Document
IBM Security AppScan Family
http://www-03.ibm.com/security/bigfix/
https://www.ibm.com/developerworks/community/wikis/home
?lang=en#!/wiki/Tivoli+Endpoint+Manager/page/Documentati
on+and+Resources
https://www.ibm.com/developerworks/community/wikis/home
?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Custo
mizations
https://www.ibm.com/developerworks/community/wikis/home
?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/TEM
%20Analytics%20API
http://www01.ibm.com/support/knowledgecenter/SS63NW_9.1.0/com.ibm
.tivoli.tem.doc_9.1/SUA_9.1/com.ibm.license.mgmt.doc/integra
tion/c_rest_api.html
http://www01.ibm.com/support/knowledgecenter/SS63NW_9.1.0/com.ibm
.tivoli.tem.doc_9.1/Platform/API_Reference/DashboardAPI/D
ashboardAPIIntro.html
https://www.ibm.com/developerworks/community/wikis/home
?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Fixlet
%20Authoring
https://www947.ibm.com/support/entry/portal/product/tivoli/ibm_endpoin
t_manager_family?productContext=371629988
http://www.ibm.com/developerworks/security/community.htm
l
https://www.ibm.com/partnerworld/page/isv_com_dvm_techv
al_security
Page 11 of 11