1

AssessmentComprehensive Analysis of System i Security

2

• In-depth full scope analysis of System i security strengths and weaknesses

• Pinpoints specific issues/areas requiring attention• Full report produced, grading each aspect of server security• Detailed explanations provided for each item in report

Assessment Features

3

Objectives• Set “baseline” for corporate security policies• Check compliance with external regulations & baseline corporate security policy• Prioritize security efforts• Identify security issues before they occur

Deliverables• User-friendly report covering network access, system auditing, user

management, terminal access, password policy, etc.• Assessment recommendations based upon security best practices • Sample questions answered

• Who is using FTP (file transfer) to download files?• Which application files are being transmitted via the network?• Which system value settings are not in accordance with our site’s policies?• How many of our users have non-secure passwords?• Which user profiles are not being used and should be disabled?

Assessment Objectives & Deliverables

4

Security Assessment Application

5

Security Assessment Report

Executive Summary:A proper and thorough security policy can only be implemented after assessing the strengths and weaknesses of your i5 server. The following i5 server 1.1.1.100 underwent comprehensive security checks in order to gauge this vital criterion. 

  This report is structured in the following way. Each subject, such as Attributes, or User Class, is listed together with its descriptive components, such as Value, Risk, etc. There are two scores listed - a current score with the native protection of 1.1.1.100 and a score with that system protected with iSecurity. Following each subject, a table of explanation is listed detailing all possible scores.

Subject by Subject Assessment Summary:

Sign-on Attributes Average Score:   Explanation: A few settings are in accordance but most require immediate modification.

Unattended terminals Average Score:  Explanation: Your settings are faulty. It is necessary that you take immediate steps to correct your settings or else face a security hazard to your network.

Password Control Average Score:  Explanation: Your settings are faulty. It is necessary to take immediate steps to correct your settings to avoid a possible security hazard.

Registration Facility Exit Points Protection Average Score:  Explanation: Most of your exit points are protected, but you require minimal revision to be 100% protected.

6

Security Assessment Report (2)

Detailed Assessment – Section 3.3  Unattended Terminals:

7

Security Assessment Report (3)

Detailed Assessment – Section 3.11  Other Users and Passwords

Default passwords are easy-to-guess for potential intruders, and therefore pose a high security risk. This risk becomes real and immediate if the users are enabled; otherwise the risk remains dormant.

Score with iSecurity:   Average Score:  

Explanation: This number is too high and poses a security risk. You must immediately reduce the number of enabled users.

Importance Description NumberCurrent Score

Enabled users (Very High Risk) 7

Users with default password that can sign on

3

8

Please visit us at www.razlee.com

Thank You !