Someone may be manipulating information in your organization. - and you may never know about it!

Transcription

1 for iseries, version 3.5 Complete Security Suite for iseries (AS/400) TCP/IP and SNA Connectivity Someone may be manipulating information in your organization - and you may never know about it! If your iseries (AS/400) is connected to a local or remote network, there are weaknesses in your computer s defenses. Even using a hardware firewall, your computer is still open to attack from outside and misuse from within. Your data can be viewed, changed and even deleted - without trace. Bsafe/Global Security is a comprehensive security solution tailored for the iseries (AS/400) to prevent penetration of your system from the internet or other networks. It is an unparalleled combination of exit-point access control, auditing, reporting, monitoring and IDS early warning in a single product, all tightly controlled through a GUI that is second to none. Bsafe/Global Security is an integrated package of seven essential components in a single product, ensuring maximum protection and auditing of your iseries (AS/400) computer: 1. Intrusion prevention system (IPS) 2. Intrusion detection system (IDS) 3. Advanced audit journal and report manager 4. Graphical network traffic analyzer 5. Dataflow data integrity monitor 6. Internal security manager 7. Full windows-based GUI management console

2 The Benefits of Bsafe/Global Security on your iseries Maximum protection of your iseries through rigid network access control of users both outside and within your organization - including authorized and power users. Powerful auditing capabilities to identify system and data access events and trends. Extensive reports and inquiries to comply with tight auditing demands. Management of an ordered audit policy made easy in the Bsafe/Global Security intuitive GUI. Compliance with Sarbanes-Oxley and ISO and other rigid requirements. GUI interface. Bsafe/Global Security is the unchallenged leader not just in functionality, but also in the clarity and user-friendliness of its PC interface. It is this feature that brings advanced iseries security and auditing to experienced and inexperienced iseries administrators alike. Early warning the built-in IDS (intrusion detection system) will alert you of unauthorized access attempts, failed login attempts and other activities the moment they occur. A single, integrated product comprising all the major security functions: exit point access control, IDS, audit, policy definition and other principal administration tasks through an intuitive PC interface. ROI. Big savings in administration time, development time, in prevention of data theft & misuse and in investigating suspicious events. Reduction in server load following the elimination of unwanted activity. Page 2 of 8

3 Architecture Bsafe/Global Security uses client/server architecture. The essential protection and reporting software resides internally within the iseries (AS/400) giving a truly native security solution. Definitions and control are handled through a friendly and intuitive GUI interface on one or more PC s on the network. The Essential Components 1. Intrusion Prevention System (IPS) Bsafe/Global Security Architecture The IPS is the core of the Bsafe/Global Security product. It comprises: Internet & Intranet Secure Gateway Network IP Address Control Internet Users Control Port Restrictions Control Internet & Intranet Secure Gateway Ultra-tight access control to prevent unauthorized requests through TCP/IP and SNA connections. Access can be restricted by user, group, IP address, application server/service and specific operations. Page 3 of 8

4 The wide variety of iseries (AS/400) application servers and services protected by Bsafe/Global Security includes: Under TCP/IP: Telnet, FTP, TFTP, Remote Command, Remote SQL, Database, Data Queue, ODBC, DDM, DRDA, IFS, Signon, File Server, Central Server, Message Server, Virtual Print, Network Print, WSG Logon and more. Under SNA: DDM, Pass through, Data Queue, File Transfer, DRDA, iseries (AS/400) in the network. Under System: Delete Journal Receiver, Power Down System, System Attention Key. Access can be secured down to the level of a single action (e.g. FTP delete, SQL select statement and OS400 commands which, while allowed in the normal work environment, become suspect when used via the network). At the object level, access can be controlled to selected devices, libraries, files, commands, programs and IFS paths. Network IP Address Control The Network IP Address Manager is an integral part of management in TCP/IP Network Security. Upon activation of Bsafe/Global Security and the Traffic Analyzer, Network IP Address Manager provides a list of active IP addresses to help you determine restrictions and authorizations according to your organization's policy. Internet Users Control Bsafe/Global Security allows management of public internet users, authorized to activate specific applications within the iseries (AS/400). This includes assignment of authorizations, including entry passwords to a specific validation list for each application. Port Restrictions Control Access to your iseries (AS/400) ports is fully covered against penetration and may be restricted by application, protocol and authorized users. Page 4 of 8

5 2. Intrusion Detection System (IDS) The moment an intrusion occurs real-time notification can be sent via several means, including on-line messages, , SMS and/or others. The alert criteria are defined by you. Bsafe/Global Security currently supports the sending of messages under SNMP to the following lead products: IBM- Tivoli, HP-Openview, CA-Unicenter, Orange-Cellular, IBM-Teledrine. 3. Advanced Audit Journal and Report Manager Bsafe/Global Security includes innovative GUI management of the System Journal Audit providing full supervision of the system journal audit including management of journal receivers, audit policy definition and reports. The sophisticated interactive system journal log provides retrieval through filtering by different criteria. When investigating attempts of security breaches, the advanced audit journal manager turns a previously complex and time-consuming task into a simple and efficient one. The report manager contains 64 built-in reports, which can be previewed on the screen or printed. Additional reports can be defined by the administrator and saved for later reuse. 4. Graphical Network Traffic Analyzer Bsafe/Global Security allows monitoring of all network requests to your iseries (AS/400) servers. Once logged, network requests are immediately available for analysis through a sophisticated system of filtering and graphical presentation. This feature facilitates a real-time picture of your network trends and allows on-the-spot decisionmaking on security policy, saving precious time and staff costs. Network Traffic Monitoring, Bsafe Audit A detailed log of network events containing critical information which is absent from the system log (e.g. user ID of user executing FTP commands). The information logged here is available for examination via filtering by different criteria and forms the basis for investigation and analysis using Bsafe/Global Security graphical analysis tools. Network Traffic Analyzer, Summary and Statistics Summary data and graphs to present distribution of network events, allowing you to determine trends and aiding you in the identification of abnormal activity. Page 5 of 8

6 Network Traffic Distribution, Summary by Time Network activity offset against time, filtered by event type, user and other criteria. The network traffic distribution function features an ECG-like graph and summarizes network requests by year, month, day and even hour. 5. Dataflow data integrity monitor With Bsafe/Global Security Dataflow Database Integrity you can track changes in your data down to the level of a single item. Field values can be displayed from before and after the change accompanied by a full description of the environment at the time of the change including user, the program through which the change was made and more. The product has been designed for users who don t necessarily possess a deep knowledge of system commands. You can easily view changes in field values, or details of deleted and added records. Bsafe/Global Security Dataflow Database Integrity can assist you in making decisions regarding restoring of corrupted data. 6. Internal Security Manager Bsafe Internal Security Manager manages iseries (AS/400) internal security tools in one convenient easy-to-use GUI. It includes user profile and OS400 object authority management along with an advanced audit journal and report manager. User Profile Manager Fast and powerful management of OS400 user profiles with maximum information displayed to the administrator and one-click operations. Object Authority Manager A flexible, easy-to-use and efficient means to handle permissions and restrictions to OS400 objects. 7. Full Windows-Based GUI Management Console Page 6 of 8

7 Bsafe/Global Security is controlled through a Windows-based client connected to your iseries (AS/400). The product features a full graphical user interface, with one-click operations and on-line help. A single screen handles all the iseries (AS/400) in your network simultaneously. SSL & Crypto Access Support Bsafe/Global Security includes SSL support and encrypts the data moving between the security administrator's PC client and the OS/400, through TCP/IP. This is accomplished through close integration with the IBM Digital Certificate Manager and the IBM Crypto Access Provider for OS/400. National Language Support The Bsafe/Global Security database fully supports any national language supported by the OS400 file system. Furthermore, the GUI interface may be tailored to any language supported by your PC. Bsafe/Global Security Administration Role Manager Through the Bsafe/Global Security administration role manager you can define different levels of security authorization for different members of your security team. Page 7 of 8

8 About Bsafe Information Systems Bsafe Information Systems produces network and data security products for IBM iseries (AS/400), IBM zseries (mainframe ), and open systems. In addition, the company manages custom projects in the security field. For more than a decade the company has been providing security solutions to large organizations with high security demands such as banks, insurance companies and public institutions. Our experience and on-going development in security technology enable us to provide comprehensive and state-of-the art solutions for our clients. Contact: USA-West Coast Mr. Dennis Bress 124 Opal Ave. Newport Beach CA Tel info-usw@bsafesolutions.com For additional information, please contact your local representative or visit the Bsafe Solutions website at Copyright Bsafe Software Solutions Ltd. All rights and privileges reserved. All trademarks are property of their respective owners. Bsafe/Global Security Analyzer patent pending Bsafe/Global Security registered as IBM product no. 5620DLJ * IBM Product No. 5620DLJ *Patent pending Page 8 of 8