PowerTech Updates i OS Log Management Software
June 17, 2008 Alex Woodie
The PowerTech Group last week launched a new release of Interact, its log management software that converts i OS (formerly i5/OS) security events to the Syslog format, which can then be consumed by third-party security information and event management (SIEM) tools. With the launch of Interact 3.0, PowerTech added support for 25 additional security-related events tracked by the i OS. The update also brings more details for remedying i OS systems with regulations like PCI, CoBIT, and ISO.
PowerTech officially launched Interact as a separate product in late 2007 to address the growing need to capture and tally System i security event information with third-party SIEM tools that have become the standard in the enterprise. Support for capturing i OS log data–such as entries in the security audit journal (QAUDJRN), the system (QSYSMSG), and system operator (QSYSOPR) message queues–in the de facto Syslog format was instrumental in gaining visibility of System i security event information using SIEM tools from ArcSight, CA, Cisco, High Tower Software, IBM‘s Internet Security Systems division, Intellitactics, LogRhythm, LogLogic, Symantec, OpenService, Q1 Labs, RSA, and TriGeo.
Sales of Interact have been good since PowerTech segregated the product and its functionality from the company’s flagship Network Security suite. “Since we released version 2.0 last year, the market has embraced Interact enthusiastically because of its ability to transmit events in real time to enterprise security consoles,” says John Earl, PowerTech’s CTO. “Security and network staff appreciate that OS/400 security events are parsed into a meaningful descriptions that they can understand.”
i OS operations and security staff (who are oftentimes the same person) now gain deeper coverage of i OS security events with Interact 3.0, which now supports an additional 25 event types.
Version 3 also brings a new OS/400 Compliance Guide that provides more detail about the i OS event types and their significance in complying with the Payment Card Industry (PCI) requirements, COBIT, and ISO standards that are driving so many SIEM roll-outs. The guide features multiple search and lookup options to help educate Interact users on the major i OS security risks, and how they relate to the regulations.
Other notable changes with version 3 include a “significantly” smaller installation footprint, which should improve the product’s performance, support for i 6.1 (formerly i5/OS V6R1), and support for IBM’s product licensing programs.
Interact 3.0 is available now. Pricing begins at $1,500 per logical partition. For more information and free 30-day trial downloads, visit PowerTech’s Web site at www.powertech.com.