security & compliance for today & beyond · security & compliance for ... compliance,...

29
iSecurity Overview: Security & Compliance for Today & Beyond Shmuel Zailer, CEO/CTO [email protected]

Upload: truongnhan

Post on 13-Apr-2018

219 views

Category:

Documents


4 download

TRANSCRIPT

Page 1: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

iSecurity Overview:

Security & Compliance

for

Today & Beyond

Shmuel Zailer, CEO/CTO

[email protected]

Page 2: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• Internationally renowned IBM i solutions provider

• Founded in 1983, 100% focused on IBM i

• Corporate offices in: US, Italy, Germany, Israel

• Installed in over 35 countries, more than 12,000 licenses

• IBM Business Partner, Integration Partner with Tivoli and Q1Labs

• Partnerships with other major global security providers:

• Official partnership with RSA enVision, GFI SIEM, HP OpenView

• OEM by Imperva SecureSphere

• Proven integration with ArcSight, CA UniCenter, Splunk, Juniper…

• Worldwide distribution network

About Raz-Lee Security

Page 3: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Raz-Lee’s Mission To provide the best and most comprehensive IBM i

compliance, auditing and security solutions

• Infrastructure Security: network access, QAUDJRN monitor and report, user profile management and object authorities, automatic tracking of software changes, native object security, anti virus protection, all the above with multi-LPAR management capabilities

• Application Security: DB activity (journal) auditing, Cross-Application business item reporting with real-time alerting, Business Intelligence over transaction data, screen recording…

• System tools: File editor, RPG/COBOL and interactive access to MS SQL, Oracle, MySQL, Excel,…

Raz-Lee Security – Mission & Product Lines

Page 4: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Raz-Lee’s Global Distribution Network

Page 5: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Selected iSecurity Customers

Some Banking Customers KUNDINKASSO FORENINGSSPARBANKE

RISONA BANK

BURAJIRU BANK

SVENSKA HANDELSBANKEN-LUXEMB.

MIZUHO CORPORATE BANK

MIZUHO BANK

ROYAL BANK OF SCOTLAND

NUEVO BANCO DE SANTA FE

KINKI OSAKA BANK

BANK OF CHINA

VENTURE BANK

BANCO DI SARDEGNA

FIRST GLOBAL BANK

KANSAI URBAN BANK

HSH-NORDBANK

Some 2011 Customers TAIKO HEALTH

INFO AG

SOUTHERN WINE & SPIRITS

BALLY TOTAL FITNESS

WYOMING MACHINERY

WILLIAM ADAMS

BUTLER MACHINERY

CATS

ECOMMERCE

FOLEY EQUIPMENT COMPANY

CAPITAL

AVESCO

SANDS BETHLEHEM CASINO

PANASONIC EXCEL STAFF

SANYO ELECTRIC LOGISTICS

Page 6: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• CHS (Community Health Systems, US) appx. 150 LPARs, replaced Powertech

• Royal Bank of Scotland purchased iSecurity after POCs of nearly ALL competitors!

• Venetian Casinos (multi-national) purchased iSecurity following extensive compliance POC.

• Euronet Worldwide banking clearinghouse in Europe & Asia, replaced competitor with iSecurity.

• Svenska Handelsbanken, one of the largest banks in Scandinavia, used competitor for several years; replaced it with iSecurity.

• Unicredit (IT Austria), SkyTV, IKO Industries, JPMorgan Chase, Boyd Gaming, Bank of China, MasterCard, Avis

iSecurity: Selected Customers

Page 7: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• Full GUI and green screen - short learning curve, ease of use

• Visualizer Business Intelligence analysis

• Hundreds of built-in, customizable reports. Report/Query Generator and Scheduler produces print, screen, HTML, PDF, CSV e-mailed reports.

• Wizards, Real Time/Periodical, Alerts. All done on IBM i

• Sends SYSLOG, SNMP, Twitter, e-mail, messages

• Cross-enterprise reporting, definitions, logs

• Exceptional performance on all sizes of systems

• Unique products: Capture, Change/PTF Tracker, DB-Gate, Anti-Virus

• The most comprehensive IBM i security suite, with on-going product development

iSecurity - Characteristics

Page 8: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Reports for Large Systems

• Report/Query Generator HTML, PDF, CSV, EXCEL reports by E-mail (in addition to output via Screen, Print, GUI an OUTFILE)

• Each field includes field description, values and their description, allows selection of possible values

• Filter by EQ, NE, GT… LIST, LIKE, START, ITEM (in an external table) with And/Or conditions

• In AP-Journal also DIFGT, DIFLT… DIF%GT, DIF%LT… (difference between After and Before values in numbers and percentage)

• Report includes Explanation to auditor, Systems included in the report, Statistics…

• Can be observed by Visualizer for analysis

• Fully featured Report Scheduler

Page 9: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Consolidated report correlating information from all

LPARs, up to last minute

Note last 5 minutes and system parameters

Page 10: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Integrated Business Intelligence

Intuitive Multi-

Level Filtering

Use Summary

Data for On-

Line inspection

Drill down to

LOG events

Page 11: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Multi-System Support in iSecurity

• Replication:

• User Profiles & Passwords

• System Values

• Product definitions/rules

• Reporting: reports on all LPARs from any single LPAR in real time

• Compliance: compare compliance scores of systems

• Real Time reaction to security breaches: sends SYSLOG, SNMP, Twitter, e-mail, messages, … with edited messages or Fields

Page 12: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

iSecurity Products Overview

Evaluation

Compliance Evaluator for SOX, PCI, HIPAA…

Visualizer- BI for security

Syslog, SNMP for SIEM

Auditing • Audit QAUDJRN, Status… • Real-time Actions, CL scripts • Capture screen activity • Central Admin of multiple

LPARS & systems • User Profile Replication • Change/PTF Tracker

Protection • Firewall FTP, ODBC,… access

• Obtain Authority on Demand

• Monitor CL Commands

• Native Object Security

• Anti-Virus protection

Databases • DB-Gate: SQL to non-DB2 DBs (Oracle, MS SQL,…)

• AP-Journal for DB audit, filter, archive, real-time alerts

• View/hide sensitive data

• FileScope secured file editor

Security Assessment FREE!

PCI, HIPAA, SOX… Security Breach Management Decision

Page 13: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Compliance Report with Score for 2 Systems

Detailed

Summary

Page 14: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Major iSecurity Products:

Firewall, Audit, AP-Journal

Firewall - Provides total protection of ALL company’s critical files, libraries, etc.

from network intrusions, viruses, and unauthorized usage.

Audit – Enables easy auditing of ALL company’s critical files, users, jobs,

objects, etc. Includes more than 200 built-in, customizable reports which can be

scheduled to run at pre-set dates and times.

AP-Journal – Powerful, unique application security:

• includes real-time threshold-activated alerts per application fields

• changes to business-critical data are highlighted

• displays both “before” and “after” data images

• generates cross-application timeline reports of all data changes/updates

• also monitors and reports on READ access to fields

Page 15: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

AP-Journal Examples (for banking/financial)

• Provide the customer with a timeline report showing MORTGAGE history of

the last 5 years. Include only important info.

• Send e-mail, SMS, SNMP, SYSLOG, Twitter when the INTEREST_RATE

changes by more than 0.2%.

• Who modified PAYMENTS between 20:00 and 06:00 or during corporate

summer vacation?

• When did the tariff for overseas transactions change?

• Which users, who are not Managers, viewed the confidential

PAYMENT_TERMS table since the last business day?

• What changes to the bank’s production libraries were made via non

application-specific (SOX mandated) utilities such as IBM DFU?

Page 16: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Alert After

AP-Journal Technical Overview

Receivers

Screen Print-out

Long-time storage for critical data

Email & HTML

Alert Before

DB1 DB2 DB3

Reporting System

Reporting System

Processing of Receivers in Real time

(or at night)

C D

E F

G G

Journal DB-Reads

B A

Containers

Business Items

Page 17: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

AP-Journal - Unique Application Security

• React in Real-Time • Message, e-Mail, SMS, Syslog, Twitter, CL Script • For irregular activity or as Application Extension (SMS the customer when

order is ready)

• Interconnect applications (no programming), time based: • Order history (items, payments, claims, ….) • Mortgage history (loaners, guarantors, real-estates, payments)

• Special support for Misys, JDE…

• Bi-lateral data conversion capabilities between external and internal data • All outputs and inputs are in standard “human” format, all internal

representations are according to system logic • Converts internal date representation to external “human” format • Support add/omit decimal point based on actual currency

• Controls READ access (PCI requirement)

• Who read the Credit Card number (xxxx-xxxx-xxxx-xxxx) • Which credit cards were displayed on a certain user’s screen

Page 18: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

iSecurity Audit: Information Sources

OS/400

Objects

•Users

•Authorities

•Objects

•Scheduled

Jobs

•Etc.

Report Generator & Visualizer:

Screen, GUI, PDF, HTML (by email)

Filtered Data

Receivers

`

I5/OS

QAUDJRN Current Activity

•Active Jobs

•System Status

•Sharepools

Message

Queues

•QSYSOFR

•Any other

Message

Queue

SIEM Support:

Syslog, SNMP

Log

Alert via Action

Page 19: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Issue Real-Time Alerts via iSecurity Action

QAUDJRN

(Audit)

Network

Security

(Firewall)

Critical OS

messages

(QSYSOPR/

QSYSMSG)

Database

Journals

(AP Journal)

Authority changes

(Authority on

Demand)

Real-Time Alert handling in iSecurity

Execute CL

Scripts

Send e-mail Write to MSGQ Write to

SYSLOG

Send SMS,

SNMP,

Twitter, etc.

Page 20: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

GUI enables simultaneously managing same subject

on several LPARs

Note comparison of User Profiles on 2 systems

Page 21: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Over the web single console (e.g. Twitter)

Note Alert Message

options and message as

received in Twitter

Page 22: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Visit us at

www.razlee.com

[email protected]

Thank You!

Page 23: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• Standard SQL access to MS SQL, Oracle, MySQL, Excel, CSV and other data sources

• Standard SQL statements, no APIs

• Native SQL integration with RPG, Cobol, C - /EXEC SQL

• Works interactively from Start SQL (STRSQL)

• Integrates with IBM Host Server Authentication

• No need for *SQLPKG even when accessing another IBM i

DB-Gate: Runs SQL 6 times faster for

non-i database access (on RL’s test system)

Oracle

MS SQL

MySQL

SQLite

PostgreSQL

SYBASE

Excel, CSV

and more…

IBM i DataBases

> SELECT * FROM PROD.CUST

> CREATE VIEW CORPDATA.MANAGERS AS

SELECT LASTNAME, DEPT FROM CORP.EM

WHERE JOB = 'MANAGER'

> DELETE FROM PROD.CUST WHERE ID = 78

===> ________________________________

COBOL/RPG/C

*...1....+....2....+....3...

C/EXEC SQL

C+ DECLARE C1 CURSOR FOR

C+ SELECT * FROM CORPDATA.DEPT

C+ WHERE JOB = 'MANAGER'

C/END-EXEC

Enter SQL Statements (STRSQL)

Page 24: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• Tracks all software changes with NO human intervention- total “foolproof”. Your auditors will love it.

• Tracks in real-time, relies on actual updates to production libraries

• Tracks Programs, Modules, Files, etc. object types including source and attributes

• Have a CMS? Change Tracker will record activities made outside the CMS (Change Management System)

• No CMS? Change Tracker satisfies all your auditor’s requirements

• Ideal for medium-small shops, essential for large enterprises

Change Tracker

Page 25: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

Change Tracker

Page 26: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• Automatically tracks all PTF activities; apply, remove, current status

• Detailed information relates to the PTF (ID, licensed product, release level), transaction (what, when, by who) and all the objects installed by the PTF (name, type, modules)

• Classifies PTF data into site-specific products such as “Upgrade to TR5”

• Built-in, customizable reports and report generator for on-screen, *PRINT and e-mailed HTML, PDF, CSV output

• Multi-LPAR / Multi-Site reporting

PTF Tracker

Page 27: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

PTF Tracker

Page 28: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

• Audit trail of all database and application activity including accesses

• Focused on “before/after” changes to critical business items which may span multiple applications (Load Number, Order Number, etc.)

• Extends existing applications with additional application functionality without programming!

• Real-time alerts when data changes by more/less than pre-defined percentage or numeric thresholds

• Timeline history of changes to business items, e.g. all changes to a Mortgage

AP-Journal

Page 29: Security & Compliance for Today & Beyond · Security & Compliance for ... compliance, auditing and security solutions ... I5/OS QAUDJRN Current Activity •Active Jobs •System Status

AP-Journal