Califon Systems Ships New Release of OS/400 Security Module

by Alex Woodie

OS/400 is a notoriously secure operating system, but without proper exit point controls in place, PC-based users can gain unhindered access to the database. One of the providers of OS/400 network security products, Califon Systems, recently started shipping a new release of its network Security Module. New features with this release include the capability to restrict access by day or time, improved FTP server log-ons, and on-the-fly reporting of product settings for auditing purposes.

You may not have heard about Califon Systems, a small OS/400 software developer based in Newport Beach, California. The company's roots go back to 1989, when it was a backup solution provider that sold OS/400 backup software and a variety of tape drives, including 8 millimeter, quarter-inch, and half-inch Magstar and DLT tapes, as well as nine track reel-to-reel, to S/36 and AS/400 shops. Today, Califon concentrates on software and services and has a range of OS/400 utilities to choose from. Among these are its exit point program, an auditing package, a file transfer utility, and a cross-platform password synchronization product.

Several months ago, Califon introduced a new release of its Security Module, which was first developed four years ago. This green-screen exit point program helps companies restrict the access to OS/400 that most PC emulation and desktop products leave wide open, including ODBC, DDM/DRDA, FTP, IFS, TCP, and Telnet, among others. The Security Module can be used to grant or deny authority to specific users or groups of users, or to grant or deny access to specific libraries, objects, commands, or IFS directories. Rights for read-only, or read-write, can also be controlled with this product, and it keeps an audit trail as well.

The Security Module has several new capabilities, including a new report-generation facility that allows reports detailing security settings to be printed on the fly. The company says that this new reporting capability, which confirms what and who the administrator has secured on the OS/400 server, can come in handy during internal or external audits.

Version 3.5 also introduces the capability to restrict access to AS/400 and iSeries assets by day and by time. With this feature, administrators can put in place additional restrictions for server requests for specific users and for IP addresses. The capability to recognize and restrict users by IP address has also been added to the Security Module's FTP server log-on process. Previously, this process only supported user names, and this is the final major enhancement Califon has delivered with Version 3.5.

Califon currently has close to 300 users of its security module in Europe, Asia, and Latin America, and is expanding its presence in the United States, says Steve Davis, vice president of sales. The company provides technical support for its customers over the phone and via e-mail and the Web.

Pricing for the network security module is tier-based and ranges from about $1,500 to $7,000. For a limited time, Califon is willing to waive the license fee in exchange for payment of the maintenance fee, which is currently 20 percent, Davis says.

For more information on Califon Systems and its products, go to www.califon-systems.com.