PowerTech Looks to OpenService for Cross-Platform Security

Published: January 30, 2007

by Alex Woodie

One of the downsides of the rise of multi-platform, n-tier computing environments most iSeries shops live in is the complication of security. Potential break-ins may not be detected and stopped by scanning iSeries logs, and changes may need to be made across multiple systems. To help iSeries shops get a handle on cross-platform security problems, PowerTech is teaming up with OpenService to bring greater OS/400 depth to OpenService's security event correlation and reporting tools.

OpenService sells a collection of security tools, which it classifies as Security Information Event Management (SIEM). Under this SIEM umbrella lays the company's flagship Security Management Center (SMC), which provides a framework that brings together various aspects of security--including threat management, log management, security policy compliance, and regulatory compliance--that's accessed in real-time from a dashboard interface.

The SMC offering is split into two components. The Security Threat Manager is a real-time security event correlation engine that gathers data from the various supported devices, and compares it to information from vulnerability assessment scans to determine the areas of an IT infrastructure that are at risk.

The second component of SMC, called the Security Log Manager, is composed of a large database that stores data gathered by the Security Threat Manager for the sake of creating reports over time. The Log Manager is often used forensically, to answer questions about security events, and also for regulatory compliance reporting.

OpenService already supported more than 60 operating systems, databases, and end-point security tools, such as eEye Digital Security's Blink intrusion prevention system (IPS), Cisco's Pix firewalls and intrusion detection systems (IDS), Microsoft's Active Directory, Qualys' QualysGuard Enterprise vulnerability assessment (VA) systems, Symantec's antivirus (AV) software, and many other commonly used IDS, IPS, VA, and AV offerings.

In mid-2006, the company added the capability to read OS/400 security logs when one of its customers, Security Bank of Kansas City, requested that OpenService support the IBM midrange server, says Art Zins, vice president of business development for OpenService. "They had several of them [iSeries] in their environment. It's kind of a strange beast, so we connected back with IBM, and they were happy to provide technical resources," Zins says.

Since then, several other iSeries shops have selected OpenService to help them monitor their IT infrastructures. At some point, Zins decided to take OpenService's support of the otherworldly server to another plane, and that's where PowerTech comes in. "We're not very experienced with AS/400 systems from a security sense. PowerTech has a lot of experience, so working together adds more credibility in those accounts," he says.

At this point, the partnership is largely a sales and marketing arrangement, according to Zins. The companies are referring prospective customers to each other, and they're planning on holding some joint Webinars later this winter. OpenService is also making use of PowerTech's free security assessment software, which analyzes a user's OS/400 security settings to gauge how strong its security is--or, more often than not, where the glaring holes are.

There is also some development going on to more closely link SMC with PowerTech's security tools. This is good news for PowerTech, which focuses intently on the iSeries security space and is considered one of the leading independent authorities in the area.

PowerTech currently doesn't offer security tools for other types of servers, which is a concern only because companies' IT environments have become so heterogeneous. In the past, the pure-play has looked outside to companies like Internet Security Systems (ISS)--which was acquired last year by IBM--for the cross-platform and event-correlation security tools. Now, it has an independent partner to turn to for cross-platform security tools in OpenService.

The capability to see across platform and application lines provides a critical advantage in today's security environment, Zins says. "Lots of times, you don't have the whole picture of what's going on until you look at the picture taken together," he says.

"Although the IBM folks would say there has never been a hack of the AS/400, that's not really true," Zins says. "Once you put yourself on the Internet, you're opening yourself up to the same problems everybody else has. AS/400s today are part of a larger environment with non-AS/400 systems, and security and network devices."

OpenService was founded in 1994 as a provider of network management software. The company, which today is based in Marlborough, Massachusetts, gradually turned to security, which has been the focus of the company for the last four years. While the company is small, it serves primarily larger customers, and today counts more than 100 customers.

OpenService SMC suite starts at around $70,000 and ranges up to several hundreds of thousands of dollars. For more information, visit www.openservice.com.

RELATED STORIES

PowerTech Issues Third Annual State of i5/OS Security Report

PowerTech Picks New President and CEO

PowerTech to Resell 256-Bit Encryption from Pat Townsend

PowerTech Adds 'FireCall' to Authority Control Product

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot