eam - · pdf filewith complete managerial control, eam allows specified users to be...
Post on 10-Mar-2018
221 Views
Preview:
TRANSCRIPT
With complete managerial control, EAM allows specified users to be temporarily granted an elevated authority, either automatically or on request. Elevated authority can be limited to a specific command, day, time, IP Address and other parameters. EAM not only includes an effective and flexible authority management mechanism but also provides a comprehensive monitoring and reporting tool. Multiple sources (job log, screen capture, exit points and system and database journals) are used to exhaustively log all user activity, which creates a complete audit trail.
EAM offers different authority management methods:
* *SWAP – user is swapped to and inherits the authorities of the target profile
* *ADOPT – user adopts the target profile authorities
* *LOG – all activity of the user is logged without change to the user’s authorities
DESCRIPTION
P R E V E N T F R A U D& C O M P LY W I T H I N D U S T R Y R E G U L AT I O N S
w w w. c i l a s o f t . c o m
Reduce the number of powerful IBM i user profiles (*ALLOBJ, *SECADM, command line access, etc.) with the ability to elevate the authority of user profiles on an as-needed basis. With EAM, all activity from a temporarily elevated profile is logged so a complete audit trail is produced.
EAM gives managers complete control of user activity on the IBM i to help your company meet the most stringent regulatory requirements mandated by SOX, Basel II, PCI-DSS, HIPAA, etc.
THE ELEVATED AUTHORITY MANAGEMENT SOLUTION FOR IBM i
With EAM you can:
* Change system values or user profile attributes without the need to grant permanent *SECADM authority
* Let users inherit *AUDIT special authority only when required
* Provide data authority to change production files (DFU, STRSQL, ODBC, etc.) only when needed
* Automatically log all activity from powerful user profiles
* Allow user access to a command line on an as-needed basis
FLEXIBLE AND EFFICIENT
EAM
EAM
EAM adapts easily to changing company needs
and requirements thanks to its flexible configuration
and capacity to produce pertinent reports. ”
* Rule definitions can be created according to: - Method (*SWAP, *ADOPT, *LOG) - Context (IP Address, time, date, job, IASP, etc.)
* Based on source and target profiles including: - Group profiles- Supplemental groups- List of users- Command line access
* Emergency mode with delegation of rule management and complete audit trail
* Simple, rapid and documented authority request process (default values, pre-filled parameters)
* Authority request approval can be automatic or manual
* 5250 and server mode for external processes (ODBC, JDBC, DRDA, FTP)
* Optional alerts on EAM events delivered via e-mail, popup or syslog: - Start- End- Exceeding authorized time- Abnormal end, etc.
* Control and/or audit of commands which can hide the job log or end the EAM session
* Control command line access – even within batch jobs
* Can reduce user authority if required
* Logging and reporting of all requests with customizable filters
* Include SQL statements, FTP functions and critical commands in the EAM job log
* Optional ticket management to interface with external helpdesk solutions
* Multiple report formats available (PDF, XLS, CSV)
* Capacity to interface with leading SIEM consoles
* And more
KEY FEATURES
* Easily meet requests from users for elevated authorities
* Satisfy security officers by reducing the number of powerful profiles
* Satisfy auditors with reporting and alerting capabilities
* Enforce segregation of duties
* Significantly reduce security exposures caused by human error
* Limit access to sensitive data
BENEFITS
© C
opyr
ight
201
6 C
ilaso
ft –
All
afor
emen
tion
ed t
rade
mar
ks a
re t
he p
rope
rty
of t
heir
resp
ecti
ve o
wne
rs –
Pho
to C
redi
ts :
© ju
rra8
/ S
hutt
erst
ock.
com
- ©
Eric
Isse
lée
- Fo
tolia
.com
• C
once
ptio
n /
Cre
atio
n /
Prin
ting
:
QJRN/400System & Database Auditing
CONTROLERGlobal Access Control
DVMAuditRead Access
DVM
GLOBAL AUDIT & SECURITY SUITE FOR IBM i
www.cilasoft.comTel: 404 495 5912 (North America)Tel: +33 4 50 69 45 98 (Rest of the World)
E-mail: sales@cilasoft.com
CENTRALDataConsolidation& Distribution
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
top related