Defense Foundation Product Brief

DESCRIPTION

This presentation is the Heart of the ITFM suite...

TDi DEFENSE FOUNDATION

TDi Defense Foundation

The Defense Foundation from TDi Technologies® is an integrated platform that helps secure the organization from the Insider Threat (and outsiders who breach perimeter defenses).

The Defense Foundation starts with the component layer of IT infrastructure in order to secure IT infrastructure at its very foundation by establishing connection and control over privileged component interfaces that are used to configure, repair, and maintain the systems layer of the architecture regardless of the operation mode of the component. This means that even while systems and components are “off the corporate network” the security model is still in place.

Business Challenges

The Defense Foundation helps organizations:

1. Protect their infrastructure from the Insider Threat

2. Secure privileged interfaces

3. Create a forensic record of what did, and did not, happen

Key Features

Key features are:

1. Secures, controls and logs privileged interfaces

2. Provides role-based, authenticated security to privileged interfaces

3. Supports event and threat condition detection and creates matter-of-record forensic logs (legal, audit, regulatory)

4. Provides remote, secure access anywhere an internet connection exists.

Technology Differentiators

Key technology differentiators are:

1. Creates persistent connections, detecting events as they actually occur (milliseconds)

2. Retains monitoring and control in all operating modes.

3. Employs advanced pattern-matching for early warning and Threat remediation.

4. Brokers one-click-by-event opening of component consoles for fast response

5. Creates forensic logs of all events that occur and actions that are taken.

Foundation Management Server

The Foundation Management Server provides information flow processing, business rule execution, pattern-matching execution, role-based security, and log file generation for all modules. The Foundation Management Server handles all input and output for the foundation, serving this data up to Foundation modules as needed.

The Foundation Management Server is a rigorously optimized processing engine specifically designed to handle extremely high volume I/O traffic. This gives TDi Foundation Management products the ability to “sense and respond” to events in real-time measured in milliseconds.

Foundation Protocol Manager

The Foundation Protocol Manager establishes and maintains connections to information flows that are generated by hardware, software and other intelligent devices. The Foundation Protocol Manager serves as the bridge between the many different types of communication channels that exist in the I.T. Infrastructure and the Foundation Management Server.

The Protocol Manager supports connections to hardware and software interfaces over a variety of digital communication protocols including:

SNMP

SSH

SSL

Syslog

Telnet

IPMI

WMI-CIM

and even custom serial interfaces.

The flexibility of the Foundation Protocol Manager enables it to connect streams of information from virtually any point in the IT architecture to the Foundation Management Server.

For bidirectional interfaces, the Foundation Protocol Manager connects outbound information flows to interfaces to perform remediation, maintenance and repair actions based on automated business rules and user-entered actions.

Defense Module

The Defense Module helps protect organizations from the Insider Threat with respect to:

Gaining access to, altering or destroying sensitive data

Inappropriate actions that can compromise the privacy of private records

Insertion of malicious code

Disruption of critical services from improper configuration of components or systems

Features and Functions

The Defense Module includes the following features and functions:

1. Configure and deploy the role-based security model

2. Monitor privileged interface events along with other infrastructure events

3. Log definition of events and actions to be recorded

4. Creation and assignment of business rules against events and event patterns.

5. Creation and assignment of automated notifications against events and event patterns

6. Generation of reports and dashboard elements for inclusion in the Graphical User Interface (ConsoleWorks).

Virtualization Module

In addition to the Defense Module, the Virtualization Module can be used to extend the defense strategy to virtualization technologies. The Virtualization Module creates this extension to the Defense Foundation by including virtualization technologies in the Defense strategy with support for hypervisors and Virtual Machines (XEN, VMware).

Intelligent Event Modules

Intelligent Event Modules (IEMs) associate descriptive text directly from the respective vendor, industry recognized resources or product experts to the cryptic event codes generated by devices, operating systems and other IT components to expedite incident diagnosis. Where available, IEMs also associate recommended actions that help further collapse the incident lifecycle and further improve IT operations efficiency.

TDi offers more than 70 Intelligent Event Modules for the Foundation Management Suite including IEMs for:

Operating Systems

Network Components

Hardware

Storage

Applications

and Industry-specific use cases.

Embedded Domain Knowledge

Intelligent Event Modules serve as “on demand domain knowledge” for Foundation Services Modules. Each Foundation Service Module has access to installed IEMs through the Foundation Management Server so that descriptive event information can be immediately presented to users for fast, accurate incident diagnosis.

Adaptive Domain Knowledge

In addition, IEMs can have additional information added to them during run-time to record remediation actions or other dispensation instructions when an incident is resolved. In this way, IEMs serve as a means to continually embed value-added domain knowledge directly into the Foundation.

MESSAGE: “GMS_001”

IEM DESCRIPTION: Both DLM ENABLED and GMS_ENABLED entries cannot be set to YES at the same time. Change one of them to NO.

Graphical User Interface

ConsoleWorks is the authenticated and secured graphical user interface to the Defense Foundation and is delivered as a web UI that provides access anywhere an internet connection is available. This is particularly important for situations where users are not physically present at the location of the IT assets being managed as with: an IT outsourcing model; centralized support dept.; or flex (home office) working arrangements.

Business Intelligence

The Defense Foundation also provides comprehensive Business Intelligence capabilities by presenting graphical Dashboards and Reports to users in ConsoleWorks.

Dashboards and reports are generated from the data captured by the Foundation Management Server and the profile developed in the Defense Foundation Module.

Learn More

To learn more about Foundation Management from TDi Technologies® please visit us on the web at www.TDiTechnologies.com or contact us directly through our:

Contact form: www.TDiTechnologies.com/contact

Phone - Toll Free: 800.695.1258 International: 972.881.1553

By email: [email protected]

TDi Technologies®

TDi Foundation for Healthcare

Your Business is Built on IT

CONSOLEWORKS

Secure, Remote access

Spans distributed infrastructure

Addresses outsourcing needs

Works with Central Support

Supports Flex-work policies