KST Offers DataTrigger to Protect DB2/400 Files
May 27, 2008 Alex Woodie
There are many different ways to secure data residing on an i OS-based server. From exit point programs and field-level encryption to firewalls and limiting powerful user profiles, there are as many protection techniques as there are ways to access the server. KST Software, an Israeli developer of i OS utilities, recently launched a new i OS security tool called DataTrigger that offers another approach: using DB2/400’s trigger technology to detect attempts to access specified files.
Two of the most powerful data protection techniques available to i OS-based Power Systems users are triggers and journaling, according to KST Software CEO and CTO Ram Aviram. While they offer deep, i-specific ways of monitoring attempts to access database files, performance and administrative issues have caused many i OS shops to avoid these approaches–performance problems in the case of triggers, and effectively dealing with the sheer volume of journal entries when journaling is turned on.
The performance concerns of using triggers have been largely solved with the new generation of extremely fast processors IBM has added to the platform, Aviram says. That puts the use of triggers back on the table as a good way to monitor specific files or specific users, he says.
However, that still leaves the issue of how best to implement triggers. That’s where Aviram’s new utility comes in. DataTrigger automatically generates triggers for DB2/400 physical files, eliminating the need to manually code the trigger.
DataTrigger creates two kinds of triggers, depending on the IT manager’s goal. If the manager wants to monitor a specific file, the software will create an alert anytime the file is accessed. The software can also be used to create global triggers, which are used to monitor specific users and the files they’re trying to access.
The utility also supports the use of conditional logic in the creation of triggers, enabling alerts to be sent out only when a file is changed by a certain amount. For example, if the value of a transaction changes by a certain amount, it will generate a trigger, but ignore all other transactions that fall within the accepted range. Similarly, the logic can be used to monitor the file activity only of specific types of users.
The software supports a query function that allows managers to generate reports on Data Trigger activity. It also includes a screen capture function enabling IT manages to see exactly what the user did after the fact.
Aviram says he is not aware of another product like DataTrigger that automates the creation of DB2/400 triggers. Many of the same benefits can be had through journaling, but journaling carries its own issues. “This is another type of product, and not everyone wants to use journaling because of the volume of the journal and performance,” he says.
DataTrigger was introduced in 2007, and is mainly used by banks and financial services companies, primarily in Israel. KST Software also has customers or deals in the works among companies in several other countries, including Spain, Italy, Sweden, Denmark, and Australia.
KST Software was founded in 1990, and has primarily developed and sold data conversion tools. The company has helped AS/400, iSeries, and System i shops around the world with currency conversion programs. The company is currently looking for a business partner in the United States.
DataTrigger version 3.1 is available now. The software supports OS/400 V4R2 through i 6.1 (formerly i5/OS V6R1). Pricing starts at $6,000 for a P05 box. For more information, visit www.security-datatrigger.com.