What does the security section of your tech team look like? Does it involve multiple employees and a huge array of security products? Robot/SECURITY is an i5/OS security monitoring and auditing software that combines five tools in one package to create a complete security strategy for System i, with an interface so simple that even nontechies can manage it.

Robot/SECURITY covers multiple aspects of i5 security: exit point monitoring, the System Audit Journal (QAUDJRN) monitoring and notification, security audits, profile exchange, and forensics. With all of these options, you can keep your i5 as secure as a secret agent's identity.

Watch Your Back (Door, That Is)

Giving users the convenience of accessing system functions through several industry-standard protocols, such as ODBC/JDBC, FTP, and Telnet, also opens that many more doors to intruders. The first and foremost security feature of Robot/SECURITY is its Exit Point Monitoring, which monitors server exit points and controls when, where, and who can access your system to create a barricade against unauthorized access.

With Exit Point Monitoring, managers can define which exit points to control and the level of management needed. The monitor also keeps a running history of which users accessed which point and at what time. By having a log of this activity, managers can pinpoint specific users who might be causing security breaches.

Several modes are available within exit point monitoring, including the ability to enforce rules. Managers can choose log only, no logging, lock all server access, all rules enforced, and learn modes, from which they can see all exit points being accessed at a particular time to get a birds-eye view of all the comings and goings on the server. The monitoring supports individual users and user lists and lets managers control access down to the object level, even to setting limits on IP addresses users can access and restricting library access. Managers can create exit point rules based on user profiles or server capabilities, and they can set up a schedule of access permissions for users or user lists.

Take On an Alias

Giving any user on your system a special authority (such as *ALLOBJ, *IOSYSCFG, or *SECADM) or sharing the QSECOFR password can lead to data theft or other unauthorized activities. Robot/SECURITY Profile Exchange allows you to authorize users to assume the authority of a more powerful user profile for a short time, and only when needed.

When users need a different authority level, this module enables them to temporarily exchange profiles with an alternate profile (approved by a supervisor), assume the necessary authority, complete their tasks, then return to their standard authority level. Robot/SECURITY tracks all activities carried out during the exchange to ensure that each user can be held responsible for his or her actions.

With Profile Exchange, managers can also set up exchanges to happen on a predefined schedule, occur with an administrator's approval, or process automatically with simply a notification to a manager. Administrators define alternate user profiles that are eligible to swap authorities to ensure, for example, that the mail clerk can't access the same files as the vice president.

Always Be on Alert

In addition to security exit points and grants of authority, Robot/SECURITY monitors system activity. The QAUDJRN Monitoring module watches your security audit journal in realtime for authority failures, user-profile changes, invalid password attempts, and system value changes. It then notifies a selected individual when potential security problems occur. Managers can choose to receive notifications via e-mail, pager, or network. Managers can also set a command to purge the reports after a specified period of time. Robot/SECURITY's Security Audit module audits the system and reports if its settings don't match industry best practices or the predefined company security policy. This helps ensure that vulnerabilities are stopped before they become major problems.

If your company doesn't have a security policy, Robot/SECURITY can help you create one. Security Audit can audit system value settings, user profiles, network attributes, servers, and more. Additionally, you can audit your libraries, files, commands, programs, directories, and other objects for proper private and public authorities. The audit can cover general system settings, such as system values, autostart settings, user profiles, libraries, job descriptions, and even workstation entries. A comprehensive set of reports provides a complete audit record created with CobIT and SOX-compliant standards, so managers and auditors alike can pinpoint security problems with ease.

The Forensics Analysis Utility (Figure 1) is a PC tool that consolidates data from several sources, including Robot/SECURITY profile exchange and exit point monitoring, QAUDJRN, the QHST, QSYSOPR and other message queues, and other Help/Systems products to help users research and drill down into system security activity by user, job, or date. After consolidating the data, managers can sort and filter it by profile, object, or library. Robot/SECURITY's Forensics Analysis Utility also offers a data filter that lets you limit the data shown to the entries that meet the criteria you specify; for example, you can display only entries related to a specific file or library, or see what that pesky, shifty-eyed Bob is up to down in accounting (you've never trusted that guy). With the Analysis Utility, managers can get a clear, realtime, detailed security update in a graphical display.

So, Robot/SECURITY can secure exits, protect identities, and help managers keep an eye out for suspicious activity. If you need to make your System i as secure as Area 54, Robot/SECURITY might be perfect for the job.

Erin Bradford is an assistant editor for System iNEWS.

Solution Spotlight is a System iNEWS feature that provides more in-depth coverage for selected System i products. Selections are based on staff perception of the product as significant to the System i market. Source material for Solution Spotlights includes user manuals and other documentation provided by product vendors and is not the result of any product testing.