System Security Audit Module

PRODUCT DESCRIPTION

iSecurity Audit provides real-time monitoring of system related activities and initiates responses to potential threats. This system security audit tool can respond to threats in real-time by triggering alerts and taking immediate corrective action. iSecurity Audit gives organizations the flexibility to audit only the critical events they deem necessary, eliminating the fear of DASD usage. iSecurity Audit’s powerful query and report generator provides the data you need in real-time or scheduled through the built in scheduling tool. Audit is available in the native “green-screen” interface or a state-of-the-art GUI version.

THE as400 AUDIT SOLUTION

Recent regulations concerning business transparency have placed security auditing as a key component of any organization's IT security program. Simply creating a security policy and purchasing security software tools is not enough. Management must ensure that security policies and procedures are properly implemented and enforced. In addition, managers must be able to evaluate and test the effectiveness of these policies on a continuing basis.

iSecurity Audit solves that problem and more. iSecurity Audit is a system security audit module that enhances native System i auditing by adding several robust new features, and providing a user-friendly interface for working with the large, often complex, number of system values and parameters. Audit is the only iSeries security auditing product available that is designed from the ground up for ease-of-use by non-technical personnel, such as outside auditors and managers. The user interface provides clear explanations for all audit types, parameters, fields and field values.

Audit employs real-time detection to identify security events as they occur and record details in a history log. This log enables you to exploit the powerful query and reporting features that are included with the product. More importantly, real-time detection triggers alerts and/or takes immediate corrective action. Our system security audit module offers the most powerful and flexible as400 audit reporting features available today. It includes more than eighty ready-to-run queries and reports.

View specific system audit log information	Graphically analyze and report on system audit data

The powerful Query Wizard allows users to quickly and easily create audit reports without programming. Queries employ robust selection criteria such as AND/OR, equal/not equal, greater/less than, like/not like, included in list, etc. Only the information that you really need is included. Report formats are fully customizable. In addition, Audit logs display security audit data in a standard message format with the actual data embedded in the message.

User Profile & System Value Replication

The recent trend of consolidating servers has led to the increasing prevalence of multi-system and multi-LPAR shops. Companies have found it mandatory that system administrators and users alike synchronize user profile definitions, user passwords and system values between the different systems, allowing for exceptions as needed in Production, Test or Development systems. Such synchronization should be accomplished with minimum overhead to both the actual systems and the personnel mandated with managing user profile information.

User Profile Replication Features

• Flexible user-defined replication rules for defining user profiles, passwords and parameters to be replicated
• Easily define "source" and "target" systems, including groups of target systems
• Bulk updates of user profiles
• Setting of System Values to optimal value or site-defined baseline values
• Replication of all, group or individual system values
• Collection & display of network-wide replication results
• Revival of deleted users, with an option to modify parameters
• Can be initiated from any system in the environment and does not require special commands
• Intercepts CRTUSRPR, CHGUSRPR, DLTUSRPRF and CHGPWD commands

System Value Replication Features

• Handles system values - One at a time, By Type, *ALL
• Set to:
• A value
• *BASELINE
• *OPTIMAL
• Apply to target system: *CURRENT, *Group, *ALL
• Double confirmation for system *Group, *ALL
• If set to *BASELINE (site snapshot of all system values), uses the baseline saved in each system
• If set to *OPTIMAL (best vales as defined in Compliance Evaluator), uses the values set in the "source" system, taking into account exceptions defined in each "target" system

Native Object Security

The challenge of securing native OS/400 objects is the basis for Power i security due to the unique object-based architecture of the operating system and the fact that user-rights for accessing objects are checked for all operations, whether batch, interactive or over-the-web.

And, since OS/400 requires very technical definitions per each object in the system, this activity is cumbersome, error-prone and hard to maintain.

The Native Object Security solution enables system administrators to easily define target security levels per object and object type, and to check for inconsistencies between actual and planned object security settings. The product also enables using generic object names, and includes full reporting features.

Native Object Security Features

• Full control of all related parameters and resources: Owners, Authorization lists, User authorities, Primary Groups and more...
• Native object security plans are based upon object type and generic names
• Easily Check and Display differences between current security definitions and the planned security definitions
• Set current security status to the planned definitions

Native Object Security Planning & Setup Features

• Plan security definitions using generic names, reducing the number of rules required to maintain
• Check plans with current status and show inconsistencies
• Set to the current status to the planned definitions
• Sets Owner, Authorization List, Primary group, Specific user authorities (Add/Replace)
• Product can also can set Audit value and Reset usage count for objects
• Full reporting includes support for OUTFILE

AUDIT KEY FEATURES

• Monitors user activities and object access in real-time
• Triggers alert messages and corrective actions
• Simple to use - no technical knowledge required
• More than 200 pre-defined queries and reports
• Query Wizard - create queries quickly and easily without programming
• Queries may also be exported to a business intelligence graphics solution
• Time groups apply rules and filters at predefined times
• “Backward Glance” feature - quickly look at what happened to your system in the last few weeks
• View multiple audit types with one query
• Sort query data in any order
• Robust log functions as a table, enabling you to filter, sort, format, organize and present data
• Design custom output for query data - select and sort data fields
• Report Scheduler - automatically run reports at specified times
• Explanations for parameters and data values are only a keystroke away
• Audit Scheduler - change audit scope automatically at designed times
• Highly sophisticated CMS (Compliance Monitoring System) feature to provide real time alerts, warnings and provide corrective actions to threats in real-time
• Built-in business intelligence tool that enables IT managers to graphically analyze security related system activity quickly and easily

BENEFITS OF OUR as400 AUDIT SOLUTION

• Specially designed for non-technical users such as auditors, managers and administrators
• Enables compliance with Sarbanes-Oxley, PCI, HIPAA, the California Privacy Act and more...
• Minimizes throughput delay and resource usage
• Full text explanations of audit types, fields, field values and other data make parameter definition a snap
• Scheduler feature minimizes performance impact during peak periods
• Powerful query and report generator provides the data you need when you need it

Specify which audit entry data you want to monitor

Contact us to learn more about SEA and our system security audit module or request a FREE trial today.