fhs
Volume 7, Number 38 -- October 9, 2007

Raz-Lee Supports SSL in i5/OS Firewall

Published: October 9, 2007

by Alex Woodie

Raz-Lee Security has added support for Secure Sockets Layer (SSL) encryption in iSecurity Firewall, the firewall component of its iSecurity suite that controls access to OS/400 and i5/OS assets via exit points, object-level security, IP packet filtering, user- and group-level security, and other techniques. Support for SSL encryption will make it easier to incorporate iSecurity into the corporate data center without degrading performance, according to Raz-Lee.

Earlier this month, Raz-Lee announced that support for SSL in iSecurity Firewall will bring several advantages, the most important being that users can now adopt specific user-to-port network rules for users of common network services, such as ODBC, FTP, Telnet, Signon, Remote Access, and DDM servers.

What's more, they can do so without requiring the use of the port restriction capabilities of i5/OS, which can bring several disadvantages, the company says.

"Until Raz-Lee implemented SSL support in Firewall, the only way to implement user-to-port rules was to use the OS/400 port-restriction capabilities," says Shmuel Zailer, CEO of Raz-Lee Security. "As a result, companies needing to define service-to-branch office rules often found that this resulted in unacceptable performance degradation."

Another detriment to using i5/OS' port-restriction capabilities is that it requires a relatively high level of technical knowledge, Zailer says. As a result, it "is often very risky, as a slight error may disconnect users from the system!" i5/OS port restriction does not have simulation capabilities, which can make it harder to set up, and its logging file is not part of the standard log files provided by the operating system, the company says.

In a Raz-Lee technology brief available on its Web site, the company says it added SSL support to iSecurity Firewall to satisfy the requirements of one of its customers that was struggling to enforce the use of SSL with ODBC connections among its various subsidiaries.

Some of the customer's subsidiaries had IP addresses that supported the use of SSL, and others did not. The company wanted to make sure that any of the subsidiaries that had the SSL capability were forced to use that SSL capability, while allowing the subsidiaries without the SSL capability to continue to access ODBC with their unprotected connections.



                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Sponsored By
RJS SOFTWARE SYSTEMS

Let Your Software Do all the Work!

With report delivery tools from RJS Software, you can sit back and let your software do all the work. Use our tools to natively create e-forms, and automatically split, convert and create sophisticated reports that can be distributed in almost any format. Increase productivity, make better decisions and save money.

Visit us at www.rjssoftware.com
for FREE product demos.
Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

SafeData:  The iSeries HA Solution that’s Guaranteed
COMMON:  Join us at the annual 2008 conference, March 30 - April 3, in Nashville, Tennessee
NowWhatJobs.net:  NowWhatJobs.net is the resource for job transitions after age 40
 

IT Jungle Store Top Book Picks

The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
The System i Pocket RPG & RPG IV Guide: List Price, $69.95
The iSeries Pocket Database Guide: List Price, $59.00
The iSeries Pocket Developers' Guide: List Price, $59.00
The iSeries Pocket SQL Guide: List Price, $59.00
The iSeries Pocket Query Guide: List Price, $49.00
The iSeries Pocket WebFacing Primer: List Price, $39.00
Migrating to WebSphere Express for iSeries: List Price, $49.00
iSeries Express Web Implementer's Guide: List Price, $59.00
Getting Started with WebSphere Development Studio for iSeries: List Price, $79.95
Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
Getting Started with WebSphere Express for iSeries: List Price, $49.00
WebFacing Application Design and Development Guide: List Price, $55.00
Can the AS/400 Survive IBM?: List Price, $49.00
The All-Everything Machine: List Price, $29.95
Chip Wars: List Price, $29.95
 
The Four Hundred
IBM Offers System i Blade Deal, Nixes i5 550 in Upgrade Deal

IBM Tweaks BladeCenter S for the Office, Preps Power6 Blades

Growing Businesses, Upgrades Drive IT Hiring in Q4

As I See It: Great Looking Genes

The Linux Beacon
Red Hat, Reporting Q2, Reorganizes Operations for Growth

An Update from the X64 Server Battlefields

HP Wins 163 Teraflops Opteron Super Deal at PNNL

Sun Ships Intel-Based Galaxy Rack Servers

Big Iron
Leasing and Financing Are Important IT Tools, Says IDC

Top Mainframe Stories From Around the Web

Chats, Webinars, Seminars, Shows, and Other Happenings

Four Hundred Guru
IFS Commands Give You Generic Access

APIs Sometimes Fail (But Programmers Don't Have To)

Admin Alert: Remotely Accessing an HMC System Console, Part 1

System i PTF Guide
September 29, 2007: Volume 9, Number 39

September 22, 2007: Volume 9, Number 38

September 15, 2007: Volume 9, Number 37

September 8, 2007: Volume 9, Number 36

September 1, 2007: Volume 9, Number 35

August 25, 2007: Volume 9, Number 34

The Windows Observer
Windows XP Sales Get a Reprieve

Businesses Targeted by Microsoft's New 'Online' SaaS Offering

An Update from the X64 Server Battlefields

Oracle on Windows: A Strong Combination, Ovum Says

The Unix Guardian
HP Updates HP-UX 11i v3, No Plans for X64 Port

Sun Merges Storage Back into Systems Group

BrandZ Containers, xVM Partitions to Host Legacy Solaris Applications

An Update from the X64 Server Battlefields

Four Hundred Monitor
Four Hundred Monitor's
Full iSeries Events Calendar

THIS ISSUE SPONSORED BY:

BOSaNOVA
Aldon
nuBridges
Computer Measurement Group
RJS Software Systems


Printer Friendly Version


TABLE OF CONTENTS
looksoftware's Modernization Suite Resembling a Full IDE

Pat Townsend Normalizes i5/OS Log Data for Security Analyses

Linoma Boosts Surveyor/400's SQL Functionality

PowerTech Updates Compliance Manager

But Wait, There's More:
IBM Comments on iSeries Access and Windows Vista . . . Update on Virtualization Manager's i5/OS LPAR Capabilities . . . Raz-Lee Supports SSL in i5/OS Firewall . . . ACOM Updates EZ Content Manager . . . Inventive Designers Launches DTM for iSeries Version 3 . . . Optio Software Saves Manufacturer from the Paper Chase . . .

Four Hundred Stuff

BACK ISSUES





 
Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement