Safestone Unveils i/OS Compliance Software
Published: April 20, 2010
by Alex Woodie
System i shops that are looking to get compliant with government and industry regulations like Sarbanes-Oxley, PCI, Basel II, HIPAA, ISO, and COBIT were given another tool last week when Safestone Technologies unveiled Compliance Center for i. The new software takes the grunt work out of sifting through i/OS logs and configuration settings, gathering the pertinent data, and arranging it into an acceptable report format.
Safestone is no stranger to the regulatory demands placed on System i shops by new laws and industry guidelines. For years the company has developed tools, such as the Security Audit & Detection and Risk & Compliance Monitor components of its DetectIT suite, which help to identify i/OS settings and activities that breach the regulations, as well as audit the system's journal.
Owing to the huge demands that regulatory compliance is placing on companies and their IT staffs, Safestone decided to develop a more tailored approach to auditing for the Power Systems server. Compliance Center for i, or CCi, is the result of that effort.
CCi is an integrated component of the DetectIT suite, and builds off of Safestone's pre-existing products. The vendor says the Windows-based product provides a simple and intuitive interface for querying data gathered by other DetectIT components, while focusing on the reporting requirements demanded by various industry regulations.
Safestone CCi allows administrators and auditors to gauge the compliance status of multiple System i servers or partitions from a single graphical console.
Depending on which other DetectIT modules the user has licensed, CCi will examine system values, user profiles, object authorities, QAUDJRN and QHST journal entries, and exit point traffic like FTP, ODBC, and SQL. Filtering mechanisms allow users to whittle down the huge amount of data stored in server logs to something more manageable and relevant to the users' goals.
The software will generate a report based on the results of the query and the industry regulation or law at issue. Reports can be output in standard formats, including PDF, HTML, and CSV, and automatically distributed via e-mail. A built-in scheduler enables the software to generate reports while the server is unattended, making the software useful for organizations with far-flung IT operations.
Terry Heath, Safestone's chief operating officer, says CCi delivers robust yet affordable log management, storage, and IT compliance reporting. "Compliance Center enables fast and efficient forensic analysis for effective threat management," he states in a press release.
CCi is available now. Safestone, which is based in the U.K. with U.S. offices in Seattle, Washington, expects to roll out versions of Compliance Center for the other two Power Systems operating systems, AIX and Linux, in a short period of time.
Pricing for CCi is based on the number of servers or partitions the software is running against, and starts at $3,000. For more information, visit www.safestone.com.
Safestone Gives Away Free PCI Assessments to i OS Customers
Safestone Cracks Down on Excessive Authority with PUP
Safestone Gives i Security Officers Greater Control
Safestone Re-emerges with New Corporate Identity, i OS Security Tools
Putting the 'i' Back Into PCI
Post this story to del.icio.us
Post this story to Digg
Post this story to Slashdot