NetIQ Security Solutions for iSeries Provides Customizable Security

Article ID: 63459
Posted July 1st, 2009
in
By:
Zac Wiggy

The number of attacks against computer systems is constantly increasing, and this trend doesn't show signs of slowing down. Frequent reports of even the most trusted firms being breeched show that you can’t be too cautious these days. Even the venerable System i could use some help with security, and that's where NetIQ Security Solutions for iSeries comes in.

NetIQ's product aims not only to make it harder to crack into your system, but also make it easier for you to manage multiple servers. Its auditing tools help you track changes to your systems and security violations. Its detection tools constantly monitor your servers for security problems as well as less exotic problems, like disk space shortages. And it works with System i's security to keep your servers safe from suspicious activity.

Manage Privileges

One of the most basic aspects of security is keeping a handle on who can do what to your servers, and NetIQ's product includes Privilege Manager to make it easier to do so. Privilege Manager uses an escalation model so you can give individual users access to specific commands, programs, and files. These granular controls help you meet compliance requirements and let you give fewer accounts the *ALLOBJ authority. You can also audit usage and access failures—the more you know about your servers, the safer they are.

Of course, it's no good to be so secure that the people who use the servers can't get their work done. Privilege Manager lets you schedule one-time or recurring windows where users have access to more sensitive commands to perform tasks like regularly scheduled maintenance without giving access to those commands all the time.

Customization Is Key

Every situation calls for different security responses, and NetIQ provides extensive customizability. You can create custom security checks to protect your specific environment. The iSeries Security Namespace exposes many objects, including message queues, network status, user profiles, and system status for your custom checks.

When you create your own checks you can, for example, establish baselines for certain quantities. Then, if values for your system fall outside the normal values, you're able to figure out what changes have been made to your servers and how you should react. You can incorporate scoring into your security checks so that you can tell how bad a security risk is. And you can select only the system attributes that are important for your reports, so you don't get bogged down in irrelevant details.

If you don't want to create your own security checks or if meeting compliance requirements is your main goal, you can use predefined regulatory compliance templates, including HIPAA, GLBA Access Control, Sarbanes-Oxley, PCI, and FDA.

Controlled Access

When you're in control of who can access your servers and how, you've already won a big part of the battle for security. NetIQ's Remote Request Management (RRM) monitors FTP, Telnet, SQL, and ODBC access to your servers and uses security rules you set to authorize or refuse incoming transactions. These remote transactions are secured at the object level, so RRM works with i's built-in security instead of replacing it. You can use wildcards to specify directories and objects in your rules and not change i's native security.

Your servers are likely to have many different users and security rules and a large amount of remote accesses, so an important part of controlling access is being able to easily view relevant information. RRM includes over 40 reports to tell you who accessed your servers, when, and from where. Its sorting and filtering abilities make it easy to find and work with a specific access rule, even if you have thousands of them. User groups let you assign rules to specific groups of users, so you can, for example, create a group for people who work in a certain department and apply rules to that group.

All Kinds of Threats

Every company has different needs, and the rapidly evolving business and security landscapes mean that to keep secure, you must have a security product that can be customized and work no matter how you set up your environment. NetIQ Security Solutions' many customizable rules and settings mean that you can be ready for whatever comes your way. The product lets you manage heterogeneous enterprise environments and define and manage your own authority configurations.

Real-time monitoring and intrusion protection mean that Security Solutions will keep you safe from outside threats, and privilege management helps you guard against the internal threat of a disgruntled (or simply accident-prone) employee damaging your systems from the inside.

Security Solutions has many more configuration options than could be enumerated here, so visit the NetIQ site for more information and to download a trial version of the product.

Zac Wiggy is an editor in the IT Media editorial group of Penton Media.

Solution Spotlight is a feature of System iNews that provides more in-depth coverage of significant System i products. Selections are based on staff perception of the product as significant to the System i market. Source material for Solution Spotlights are user manuals and other documentation provided by product vendors and is not the result of any product testing.

NetIQ

888-323-6768

netiq.com

Solutions for iSeries

Bookmark/Search this post with:
  • Delicious
  • Digg
  • StumbleUpon
  • Reddit
  • Newsvine
  • Facebook
  • Google
  • Yahoo

ProVIP Sponsors

ProVIP Sponsors