CCSS Adds Syslog Support to QMessage Monitor

July 21, 2009 Alex Woodie

System i shops that rely on the QMessage Monitor from CCSS to automate the handling of System i messages can now export those messages to third-party products as a result of the recently announced support for the Syslog message format. This will give QMM customers the capability to use cross-platform security event and information management (SEIM) products to keep watch over their entire IT environment, among other uses.

QMessage Monitor is a message management solution for single- and multi-site OS/400, i5/OS, and IBM i OS implementations. The software constantly watches a variety of system messages, logs, and journals so operators don’t have to and provides a range of filtering options to ensure that the most critical messages are brought to somebody’s attention, via the Windows-based console or through paging and alerts, while escalation procedures ensure a response to critical messages.

It’s been a while since QMM was updated, the last release being version 6.064 in the spring of 2007. Now, with the release of version 6.073, CCSS is helping its customers by enabling the product to route System i messages outside the product using Syslog. This new features should be a boon for System i shops that are struggling with managing the System i server in conjunction with other platforms.

Syslog is a standard for forwarding log messages in an IP network. While Syslog is the most widely supported protocol for sharing messages generated by a range of servers, it is not supported natively in i OS. This has provided work for third-party security management vendors, who have developed connectors for converting richly detailed i OS operational and security messages into the Syslog format.

While the System i often generates more security-related messages than other platforms, the messages are somewhat cryptic to the uninitiated and can be hard to share off-platform. This creates a liability for organizations that aim to manage the security for all platforms from a central point using an overarching SEIM product.

Now, with the capability to generate Syslog content, QMM can help customers to move relevant security and operational messages from the System i to a SEIM product. QMM is well positioned for this role, thanks to its advanced filtering mechanisms to suppress the minor and unimportant messages and amplify the most important and critical. This will help to ensure that the “talkative” nature of the System i messaging system does not overwhelm the SEIM product and drown out messages with potentially serious ramifications.

The addition of Syslog to QMM gives customers greater flexibility in how they use the product, says CCSS product manager Paul Ratchford.

“Part of the underlying equation for any messaging solution is not only the types of messages that are being generated, but also, how they are delivered,” he says in the announcement. “With each company and [piece of] network environment, the needs are unique, so we need to provide the maximum number of choices so customers can tailor the delivery to suit their resources, shift patterns, and communications preferences. The addition of Syslog is a good example of how we’re always looking at both sides of that equation and seeing how we can do more, and better, for our customers.”

QMM version 6.073 is available now. Pricing was not disclosed. For more information, visit the company’s Web site at www.ccssltd.com.

RELATED STORIES

Love’s Likes CCSS for PCi

CCSS Addresses SOX Requirements in QMessage Monitor

CCSS Boosts Problem Resolution in QMessage Monitor

Message Monitoring Software from CCSS Gets Tighter Security

                     Post this story to del.icio.us
               Post this story to Digg
    Post this story to Slashdot

Tags:

CYBER-ATTACKS ON THE RISE. PROTECT WITH THE TRIPLE PLAY.

COVID-19 has not only caused a global pandemic, but has sparked a “cyber pandemic” as well.

“Cybersecurity experts predict that in 2021, there will be a cyber-attack incident every 11 seconds. This is nearly twice what it was in 2019 (every 19 seconds), and four times the rate five years ago (every 40 seconds in 2016). It is expected that cybercrime will cost the global economy $6.1 trillion annually, making it the third-largest economy in the world, right behind those of the United States and China.”1

Protecting an organization’s data is not a single-faceted approach, and companies need to do everything they can to both proactively prevent an attempted attack and reactively respond to a successful attack.

UCG Technologies’ VAULT400 subscription defends IBM i and Intel systems against cyber-attacks through comprehensive protection with the Triple Play Protection – Cloud Backup, DRaaS, & Enterprise Cybersecurity Training.

Cyber-attacks become more sophisticated every day. The dramatic rise of the remote workforce has accelerated this trend as cyber criminals aggressively target company employees with online social engineering attacks. It is crucial that employees have proper training on what NOT to click on. Cyber threats and social engineering are constantly evolving and UCG’s Enterprise Cybersecurity Training (powered by KnowBe4) is designed to educate employees on the current cutting-edge cyber-attacks and how to reduce and eliminate them.

A company is only as strong as its weakest link and prevention is just part of the story. Organizations need to have a quick response and actionable plan to implement should their data become compromised. This is the role of cloud backup and disaster-recovery-as-a-service (DRaaS).

Data is a company’s most valuable asset. UCG’s VAULT400 Cloud Backup provides 256-bit encrypted backups to two (2) remote locations for safe retrieval should a cyber-attack occur. This is a necessary component of any protection strategy. Whether a single click on a malicious link brings down the Windows environment or an infected SQL server feeds the IBM i, once the data is compromised, there is no going back unless you have your data readily available.

Recovery is not a trivial task, especially when you factor in the time sensitive nature of restoring from an active attack. This leads to the third play of the Triple Play Protection – DRaaS. Companies have myriad concerns once an attack is realized and a managed service disaster recovery allows employees to keep focus on running the business in a crisis state.

The combination of training employees with secure backup and disaster recovery offers companies the best chance at avoiding financial disruption in an age of stronger, more frequent cyber-attacks.

Reach out to UCG Technologies to discuss your company’s security needs and develop a data protection plan that fits you best.

ucgtechnologies.com/triple-play

800.211.8798 | info@ucgtechnologies.com