|
Protegrity Delves Into OS/400 Security with 'Defiance'
Published: October 24, 2006
by Alex Woodie
Protegrity last week launched a new release of its suite of data and application security software that provides support for OS/400 for the first time. With Defiance 4.2, Protegrity has put the OS/400 server on the same footing as other major platforms, and has enabled users to manage and monitor the security of the OS/400 server alongside all of their other servers.
Protegrity got its start about 10 years ago with the launch of a database encryption solution, called Secure.Data. Since then, the Stamford, Connecticut, company has built, acquired, or partnered for additional security capabilities that enhance that core proficiency in data and file encryption.
In the case of OS/400 security, Protegrity partnered with Patrick Townsend & Associates, an acknowledged leader in the field of DB2/400 encryption. The two companies announced their partnership in June, and Protegrity delivered the new DB2/400 encryption and application protection capabilities with the release of Defiance 4.2, which was announced last week.
The inclusion of OS/400 security capabilities in Defiance 4.2 is important for Protegrity, says Paul Giardina, Protegrity's senior vice president of marketing. "It's a strategic direction for us," he says. "We think it's an important platform out there, and one that's underserved."
Protegrity is hoping to solve a vexing problem for its customers: providing a single view of IT security. "From AS/400s to SQL Server to Oracle, one of their biggest obstacles is to tie and manage those together to provide a consistent security policy," Giardina says. "You can define a security policy and roll it out to AS/400s. That's a big plus for organizations."
Pat Townsend helped Protegrity develop an encryption solution for DB2/400, which is now available in the Data Protection System (DPS) component of Defiance 4.2. OS/400 support has also been delivered in the Threat Management System (TMS), or application firewall, component of the Defiance suite. "We're supporting iSeries for application and database encryption--database column-level support as well as the ability for applications in the iSeries to make a call through the VPS for application level security," Giardina says.
Data from the OS/400-based DPS and TMS components is also available to the Security Reporter and Security Publisher components of the Defiance Suite, which gives organizations the capability to enforce security policies across platforms and to conduct audits and generate security reports. "We're providing the ability to be tied into a central policy across the enterprise," Giardina says. "Our customers are looking for us to provide security not just for one platform but all platforms."
In addition to supporting OS/400, Defiance 4.2 also introduces cross-platform event correlation. Now, events detected by any Defiance component, such as the modification of a DB2/400 file, can trigger an alert and start a threat management escalation process. This technology was incorporated into the suite as the result of Protegrity's acquisition of OmniSecure in March.
Defiance 4.2 also boosts Protegrity's support for IBM zSeries mainframes and DB2 for mainframes. Today, the suite supports all major operating systems, including OS/400, z/OS, Windows, Linux, Solaris, AIX, HP-UX, and MP-RAS, as well as all the major databases.
Protegrity, which is a subsidiary of the Cayman Islands-based company Xcelera, currently has about 300 Defiance customers. One of the big business drivers right now is the new PCI security standard being required by credit card companies. "Retailers are definitely feeling the pinch," Giardina says, "but so are banks, financial institutions, insurance companies, credit card processors, charities--anybody who accepts credit cards.
Defiance is typically sold as a bundled suite, called Defiance Enterprise, that includes all components, including TMS, DPS, VPDisk (a file-level encryption solution that's a subset of DPS), and the Security Reporter and Security Publisher consoles. All of the platform-specific pieces run on the particular server they're designed to protect, while the reporting pieces and console components run on Windows or Linux workstations.
Pricing for Defiance Enterprise 4.2 starts at $36,000. From there, customers buy platform-specific agents that provide all of the data encryption and application firewall capabilities. These platform-specific pieces start at $10,000 per server, with a cost of $3,000 for each additional server, or logical partition (LPAR) for the iSeries world. The mainframe agents are more expensive because they require more work to maintain.
Defiance 4.2 is available now. For more information, visit www.protegrity.com.
|
