Tivoli exec tackles security

IBM's on-demand computing strategy incorporates intelligent hardware and smart software working in concert to automate the allocation and provisioning of IT resources. To do this, the company contends IT managers will have to start bridging the gaps between disparate systems, and Big Blue plans to help by putting security and systems management together to address identity, provisioning, configuration and compliance management. Arvind Krishna, vice president of provisioning and security development for Tivoli Software Group, spoke with Network World Senior Editor Denise Dubie about how IBM plans to bring security to its management wares.

What is your role at Tivoli?

There are two missions. There is the formal day job, which is define the strategy, make sure all the products come out on time, monitor quality and support customers. Then there is the real expectation, which is why provisioning and security are combined for my job that puts both sets of technology and products in one place. It was our intuition two years ago when we started down this path toward compliance and identity management. It's not enough to have two silos: one worried about managing people; the other worried about software delivery to machines. And there is another group just worried about putting together the infrastructure of a data center in terms of which server has what software connected to which piece of storage. There is a linkage between all these topics. And these processes need to cross each other so IT managers can know which user gets associated with which machines that has which piece of software.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

IBM's on-demand computing strategy incorporates intelligent hardware and smart software working in concert to automate the allocation and provisioning of IT resources. To do this, the company contends IT managers will have to start bridging the gaps between disparate systems, and Big Blue plans to help by putting security and systems management together to address identity, provisioning, configuration and compliance management. Arvind Krishna, vice president of provisioning and security development for Tivoli Software Group, spoke with Network World Senior Editor Denise Dubie about how IBM plans to bring security to its management wares.

Click to see: Arvind Krishna

There are two missions. There is the formal day job, which is define the strategy, make sure all the products come out on time, monitor quality and support customers. Then there is the real expectation, which is why provisioning and security are combined for my job that puts both sets of technology and products in one place. It was our intuition two years ago when we started down this path toward compliance and identity management. It's not enough to have two silos: one worried about managing people; the other worried about software delivery to machines. And there is another group just worried about putting together the infrastructure of a data center in terms of which server has what software connected to which piece of storage. There is a linkage between all these topics. And these processes need to cross each other so IT managers can know which user gets associated with which machines that has which piece of software.

What does IBM propose to do to help customers handle those processes?

IBM wants to give IT managers a place where they can go and look up that information. Our customers want to be able to find out who has access to which box and solve these problems in a way that is lighter weight and easier for an enterprise company or government agency to get this information. For example, we have a bunch of financial services customers and they have people that are completely obsessed and consumed by the identity management process. Customers also have Web services projects going on. If they are connecting their member institutions, in the financial services case, to their back-end applications, it would become a lot faster if those Web services were linked to the identity management processes. You need to solve all of these problems in concert; it can't be one by one because then the projects become sequential and disintegrated from each other, which really causes both the slowness and the complexity that we see today.

So in IBM's view, systems and security management will be linked going forward?

Absolutely, our recent announcements seemed more like systems management, but that was not actually our intent. We were saying that there are many processes, and identity management and security management are two of the processes amongst the 15 or 16 of those we identified as critical to enabling on-demand computing. Sometimes how those separate processes link into the others, which are equally important, is forgotten or ignored because we don't always say it explicitly.