PlaSec Convergence

Convergence has many meanings. To PlaSec's, Convergence means the integration between PlaSec PACS Appliances and Logical, Identity & Access Management, and Security Information & Event Management systems. In certain cases, when customers have multiple PACS installed, a layer called Physical Security Integration Management (PSIM) may be inserted as a means to consolidate the physical layer of access control and other security systems.




Identity & Access Management (IAM) can be defined as an administrative process coupled with a technological solution that validates the identity of individuals and allows owners of data, applications, and systems to either maintain centrally or distribute responsibility for granting access to their respective resources to anyone participating within the IAM framework.
Examples of prominent IAM products include Oracle Identity Manager, IBM Tivoli, and Microsoft Active Directory & Forefront.


In the same way that IT uses IAM to provision trusted identification for employees and contractors with access to logical assets, PlaSec enables converged security departments to extend such logical provisioning to physical doors. This integration is accomplished through PlaSec's Collaboration Platform Software that supports native LDAP and all other common data exchange formats. Because PlaSec Appliances store data in an LDAP compliant directory, and since IAM provisioning is typically binded through a directory structure, integration through PlaSec is much easier to plan, configure, execute, and maintain, when compared to a typical PACS using a Relational Database Management System.


Security Information & Event Management (SIEM) gives organizations a prioritized view of the behavior and security status of key business assets. SIEM products gather the event logs and alerts from security products, such as firewalls, anti-virus, intrusion prevention and user authentication systems. Advanced solutions also correlate with security information from all enterprise systems. This security information includes: which users are accessing systems, from where they are accessing them, the computer they are using, the system features they are using, etc. A SIEM solution records the events, filters them to remove non-threatening alerts, and correlates them to see if threats are connected. It then displays the filtered, correlated information on a single security management console.
Examples of prominent SIEM products come from companies like ArcSight, Splunk, and RSA.


In environments where customers run a converged security operations practice, PlaSec Appliances can feed PACS events into the SIEM customer framework as added layers of data to truly provide a broader capability for correlation and real time and/or forensic threat analysis. Furthermore, through PlaSec's robust Collaboration Platform, entities that embrace the new ISO27001 standard for information security management systems (which includes a "Plan-Do-Check-Act" [PDCA]) methodology can easily add active controls for physical doors to their dashboards and thereby achieve real time remediation and risk mitigation.