Bsafe Steps Forward with New OS/400 Security Tools, Partners
October 4, 2005 Alex Woodie
This is a good time to be in the security software market, and Bsafe Information Systems knows it. With new laws like Sarbanes-Oxley, HIPAA, GLBA, and Basel II forcing companies to lock down their servers and the information they safeguard, Bsafe is angling for more business by building out its worldwide network of resellers and tech support centers, and by continuing the development of its OS/400 security product, Bsafe Enterprise Security, which is slated to ship at version 4.0 later this month.
The company says version 4.0, which is currently in managed availability, is a completely new product compared with Bsafe/Global Security, which was previously the flagship product and released at version 3.6 in March.
Bsafe Enterprise Security 4.0
One of the most important new features of Bsafe Enterprise Security 4.0 is support for Linux environments, either those running on an iSeries or on a separate server. The capability to manage the security settings for OS/400 and Linux environments from a single Windows-based GUI management console (which also received an overhaul) will make life easier for systems administrators, according to Bsafe officials, who say administrators are hindered by the hodge podge of various security tools they currently must use to secure different platforms.
While the OS/400 component of the product is concerned with locking down OS/400 exit points and other common platform tasks, the Linux module (which will be available separately for an additional charge) will provide more Unix-oriented protection, including securing things like Login, POP, Samba, FTP, and iMap controls.
In addition to supporting Linux servers from that Windows-based console, Bsafe Enterprise Security 4.0 will also give administrators the capability to manage any number of local or remote iSeries or Linux servers from that single GUI console. This release will also bring new “account swapping” functionality, which appears to be aimed at enabling administrators to quickly generate new user profiles by cloning existing user profiles and their authorities, and a new “role management” module, which will control the different administrators and their authorities and responsibilities.
Other enhancements in Bsafe Enterprise Security 4.0 include: better access to Telnet activity audit logs; more options added to file audit groups; more system journal report options; and the capability to restrict access to the CHGSPLFA command.
It is not possible to talk with Bsafe officials for very long without the conversation turning toward its Windows-based GUI management console. The company considers it their primary competitive advantage compared to other OS/400 security tools on the market. Officials say Bsafe’s advantage starts with the GUI management console and that all server-side agents were developed to provide the security logic to fit that GUI management console. Therefore the company didn’t have to “reverse engineer” any functionality to fit the GUI, and subsequently the entire product suite is more integrated and easier to use than green-screen commands or other security tools that require interaction with a green screen.
“It enables administrators to do sophisticated things that would be very difficult with green-screen commands,” says Paul Culin, who joined Bsafe a couple of years ago from OS/400 security software developer NetIQ. Culin works out of Bsafe’s Houston office as the North American director of professional services.
Reseller Network Expands
While work continues in Bsafe’s research and development lab, the company is making strides on the business side, too.
Things have never looked better for Bsafe in the United States. The Israeli company, which struggled to recruit resellers just a couple of years ago, has made notable strides in the U.S., thanks in large part to a partnership it formed with iSeries distributor Avnet at the beginning of the year. With Avnet on its side, its reseller network grew by leaps and bounds, and today the company boasts 20 partners in North America, in addition to three offices of its own in Toronto, Houston, and New Jersey, where Bsafe employees are stationed and provide sales and technical support.
While Bsafe has advanced in the U.S.–the largest software market in the world–it isn’t forgetting about other markets, where the majority of its hundreds of customers reside. For example, the company is rolling out a Japanese language version of its OS/400 security software, to target the growing iSeries opportunity in Japan. Bsafe, which also develops and sells zSeries security software, has customers in 35 countries, and 60 resellers around the world.
Bsafe Vulnerability Report
Selling iSeries security software should be easier with Bsafe Security Assessment, a new tool that the company is making available free to any OS/400 shop that sees value in checking the safety of its iSeries environment. We all know the iSeries is one of the most secure computer platforms, but the advent of IP-based network access, which circumvents OS/400’s traditional menu-based security system, can make it as vulnerable as a trailer park in a hurricane.
OS/400 shops can use the Bsafe Security Assessment tool to check the vulnerability of various aspects of their iSeries server, such as FTP, remote command, ODBC, password policy, system values, system audit settings, user authorities, special authorities usage, and network connections and port usage. The tool checks these settings on a given IP address, and generates a multi-page HTML report that details all of its findings, using a check-mark for areas with satisfactory security, and yellow and red icons for areas that are considered security risks.
Jim Dyson, chief executive of Bsafe reseller DyComp of Clemmons, North Carolina, says the free Bsafe Security Assessment is a great tool for customers. “Within ten minutes the tool can be installed on the iSeries and a report is generated outlining the security vulnerabilities of the machine,” he says.
The Bsafe Security Assessment will be particularly useful for companies engaged in compliance initiatives, says Brian Olson, security solutions manager for Bsafe reseller Able-One Systems of Toronto. “Any company facing compliance requirements of Sarbanes Oxley, HIPAA, SEC, or FDA will find this tool helpful in defining the security aspects of compliance,” Olson says.
“We want to be the leader” in OS/400 security software, says Shimon Bouganim, founder and chief executive of Bsafe. “We want to teach people to manage a global security environment.”