eam - · pdf filewith complete managerial control, eam allows specified users to be...
TRANSCRIPT
With complete managerial control, EAM allows specified users to be temporarily granted an elevated authority, either automatically or on request. Elevated authority can be limited to a specific command, day, time, IP Address and other parameters. EAM not only includes an effective and flexible authority management mechanism but also provides a comprehensive monitoring and reporting tool. Multiple sources (job log, screen capture, exit points and system and database journals) are used to exhaustively log all user activity, which creates a complete audit trail.
EAM offers different authority management methods:
* *SWAP – user is swapped to and inherits the authorities of the target profile
* *ADOPT – user adopts the target profile authorities
* *LOG – all activity of the user is logged without change to the user’s authorities
DESCRIPTION
P R E V E N T F R A U D& C O M P LY W I T H I N D U S T R Y R E G U L AT I O N S
w w w. c i l a s o f t . c o m
Reduce the number of powerful IBM i user profiles (*ALLOBJ, *SECADM, command line access, etc.) with the ability to elevate the authority of user profiles on an as-needed basis. With EAM, all activity from a temporarily elevated profile is logged so a complete audit trail is produced.
EAM gives managers complete control of user activity on the IBM i to help your company meet the most stringent regulatory requirements mandated by SOX, Basel II, PCI-DSS, HIPAA, etc.
THE ELEVATED AUTHORITY MANAGEMENT SOLUTION FOR IBM i
With EAM you can:
* Change system values or user profile attributes without the need to grant permanent *SECADM authority
* Let users inherit *AUDIT special authority only when required
* Provide data authority to change production files (DFU, STRSQL, ODBC, etc.) only when needed
* Automatically log all activity from powerful user profiles
* Allow user access to a command line on an as-needed basis
FLEXIBLE AND EFFICIENT
EAM
EAM
EAM adapts easily to changing company needs
and requirements thanks to its flexible configuration
and capacity to produce pertinent reports. ”
* Rule definitions can be created according to: - Method (*SWAP, *ADOPT, *LOG) - Context (IP Address, time, date, job, IASP, etc.)
* Based on source and target profiles including: - Group profiles- Supplemental groups- List of users- Command line access
* Emergency mode with delegation of rule management and complete audit trail
* Simple, rapid and documented authority request process (default values, pre-filled parameters)
* Authority request approval can be automatic or manual
* 5250 and server mode for external processes (ODBC, JDBC, DRDA, FTP)
* Optional alerts on EAM events delivered via e-mail, popup or syslog: - Start- End- Exceeding authorized time- Abnormal end, etc.
* Control and/or audit of commands which can hide the job log or end the EAM session
* Control command line access – even within batch jobs
* Can reduce user authority if required
* Logging and reporting of all requests with customizable filters
* Include SQL statements, FTP functions and critical commands in the EAM job log
* Optional ticket management to interface with external helpdesk solutions
* Multiple report formats available (PDF, XLS, CSV)
* Capacity to interface with leading SIEM consoles
* And more
KEY FEATURES
* Easily meet requests from users for elevated authorities
* Satisfy security officers by reducing the number of powerful profiles
* Satisfy auditors with reporting and alerting capabilities
* Enforce segregation of duties
* Significantly reduce security exposures caused by human error
* Limit access to sensitive data
BENEFITS
© C
opyr
ight
201
6 C
ilaso
ft –
All
afor
emen
tion
ed t
rade
mar
ks a
re t
he p
rope
rty
of t
heir
resp
ecti
ve o
wne
rs –
Pho
to C
redi
ts :
© ju
rra8
/ S
hutt
erst
ock.
com
- ©
Eric
Isse
lée
- Fo
tolia
.com
• C
once
ptio
n /
Cre
atio
n /
Prin
ting
:
QJRN/400System & Database Auditing
CONTROLERGlobal Access Control
DVMAuditRead Access
DVM
GLOBAL AUDIT & SECURITY SUITE FOR IBM i
www.cilasoft.comTel: 404 495 5912 (North America)Tel: +33 4 50 69 45 98 (Rest of the World)
E-mail: [email protected]
CENTRALDataConsolidation& Distribution
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.
Cilasoft - Security & Audit Tools
2015-01-19, 16:52:42, Page:1EAM Job Log
Job 060483/GM_BASIC/CILAGMB1From profile GM_BASICTo profile GMStart time 01/19/15 16.29.36Actual end time 01/19/15 16.31.13Duration 00:01:36 h:m:sSystem CILAD71 IP address 192.168.5.122Method *ADOPTExternal Ticket ID PRD-45788-ABOComment Customer data to be fixed manually according to ticket PRD-45788-ABO
Job number Date Time Command
060483 2015-01-19 16:29:49 Job 060483/GM_BASIC/CILAGMB1, EAM job started. From profile GM_BASIC to profile GM. On 01/19/15 at 16:29:49.
2015-01-19 16:29:49 GO MENU(MAIN)
2015-01-19 16:29:56 upddta glfclien
2015-01-19 16:30:24 strsql
2015-01-19 16:30:28 > UPDATE F_GLT/GLFCLIEN SET CLICOMP = 'TOTO' WHERE CLICOMP = '123'
2015-01-19 16:30:30 > SELECT * FROM F_GLT/GLFCLIEN
2015-01-19 16:30:37 Have you considered using System i Navigator's Run SQL Scripts instead of STRSQL.
2015-01-19 16:30:43 wrkactjob
2015-01-19 16:30:52 eendsbs ijrnasj *immed
2015-01-19 16:30:52 Command EENDSBS in library *LIBL not found.
2015-01-19 16:30:52 Error found on EENDSBS command.
2015-01-19 16:30:55 endsbs ijrnasj *immed
2015-01-19 16:30:55 No subsystem IJRNASJ active.
2015-01-19 16:31:01 endsbs ijrnajs *immed
2015-01-19 16:31:01 Ending of subsystem IJRNAJS in progress.
2015-01-19 16:31:04 Job 060483/GM_BASIC/CILAGMB1, EAM job ended. From profile GM_BASIC to profile GM. On 01/19/15 at 16:31:04.