• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • User Activity Monitoring from PacketMotion to Support i OS

    December 1, 2009 Alex Woodie

    System i shops that are concerned about the high level of access granted to systems administrators and others, but are hesitant to put controls in place for fear of slowing down transaction times, may want to consider trying out a new agent-less user activity monitoring (UAM) solution that is coming to the platform. PacketMotion recently rolled out support for TN3270 with its appliance-based UAM solution, called PacketSentry, and is close to beginning beta tests for a similar offering that will support the IBM i OS via TN5250.

    The practice of over-allocating user credentials is a universal problem. It has been well documented in the System i world, where the majority of companies run with too many privileged user profiles, such as security administrator (SECADN) or all object authority (ALLOBJ), according to security vendor PowerTech‘s annual security survey.

    The same kind of problem affects users of Windows, Unix, and mainframe servers, and customers are looking for solutions to deal with it, says Jonathan Gohstand, PacketMotion’s vice president of marketing.

    “I see people really grappling with this in the mainframe, and we’re starting to see it on the AS/400 as well, because if they’re using an application and the application doesn’t have the proper logging, you’re awfully limited it what you can do,” Gohstand says. “You can go to the vendor and request them to add the logging. Good luck with that. Or if it’s homegrown, nobody wants to touch the software because they’re afraid they’ll mess something up.”

    PacketMotion started developing PacketSentry about five years ago for the purpose of boosting user security. Along the way, the company added regulatory compliance to its repertoire. Today, the company’s approach to development and marketing leans heavily on the fact that many organizations don’t have the time or expertise to modify existing systems to improve security and achieve compliance with HIPAA, PCI, SOX, etc.

    The PacketSentry solution basically monitors all of the actions that users–and “superusers” with special privileges in particular–take on critical systems for signs of suspicious or unauthorized activity, and stores that data in an integrated Oracle database that generates the required reports. Customers can also activate PacketSenry’s security functionality and block unauthorized activity.

    While it’s a pre-loaded offering (and one that doesn’t require a dedicated Oracle DBA, by the way), customers can customize their PacketSenry devices to meet their specific needs. For example, the customer could instruct the software to not let anybody to sign in using the systems administrator profile if they’re coming in over VPN. Or user profiles used by outside contractors can be restricted to only allow access to certain machines, which will be heavily logged.

    Most of PacketMotion’s early customers have been on Unix and Windows machines, so supporting UAM on mainframes required PacketMotion to get a little creative, according to Gohstand. What the company instituted was a system that basically keeps a screen-by-screen log of a user’s TN3270 session. Also, by correlating the mainframe audit trails with the Windows domain ID of the computer on which the telnet session was running, PacketMotion is able to eliminate any account sharing or confusion about where the session was running.

    PacketMotion will use the same approach to support UAM on the System i server via 5250. General availability is tentatively planned for January, and the company is now accepting applications to participate in the System i beta test.

    While hardened appliances are gaining favor for security and compliance tasks, they are not all created equally, according to Gohstand. Traditionally, a security information and event management (SIEM) or UAM appliance would be installed inline to monitor application traffic. However, this heightens the risk of an outage, because if something happens to the UAM device, then transactions cannot get through. This necessitates a second SIEM or UAM device for failover purposes, and the complexity increases.

    The company gets around this problem by plugging PacketSenry Probe appliances into the monitored or “expand” ports of a switch, which duplicates all of the production network traffic, but does not impede its flow. The Probe appliance then sends the subject traffic to the PacketSentry Manager appliance, which is where the Oracle database is loaded.

    “For example, you could have eight switches in front of an AS/400 or a mainframe, and have the monitored port sent to us, so we’re reporting everything going on, but we’re not inline,” Gohstand says. “The important thing is, if our solution blows up, traffic still goes through the switch to server. It’s not going to affect anything.”

    PacketMotion has garnered praise from Gartner, which labeled it a “cool vendor,” and other analyst groups for its PacketSentry offering, which starts at around $50,000. For more information, visit www.packetmotion.com.



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    PERFSCAN

    Revolutionary Performance Management Software

    At Greymine, we recognize there is a void in the IT world for a dedicated performance management company and also for a performance management tool that’s modern, easy to use, and doesn’t cost an arm and a leg. That’s why we created PERFSCAN.

    PERFSCAN is designed to make your job easier. With revolutionary technology, an easy-to-read report and graphics engine, and real time monitoring, tasks that used to take days can now take minutes. This means you will know your system better and will be able to provide better service to your customers.

    OUR FEATURES

    PERFSCAN is full of robust features that don’t require you to take a three-day class in order to use the product effectively.

    Customizable Performance Reporting

    Whether you are troubleshooting a major system problem or simply creating a monthly report, PERFSCAN lets you select any combination of desired performance metrics (CPU, Disk, and Memory).

    User Defined Performance Guidelines

    No matter if you are a managed service provider managing complex systems in the cloud or a customer analyzing your on-premises solution, PERFSCAN gives you the flexibility to define all mission critical guidelines how they need to be.

    Understanding The Impact Of Change

    Tired of all the finger pointing when performance is suffering? PERFSCAN’s innovative What’s Changed and Period vs. Period analysis creates a culture of proof by correlating known environmental changes with system performance metrics.

    Comprehensive Executive Summary

    Creating performance graphs is easy. Understanding what they mean is another thing. With one mouse click, PERFSCAN includes an easy-to-understand executive summary for each core metric analyzed.

    Combined Real-Time Monitor And Performance Analysis Tool

    With PERFSCAN’s combined built in enterprise real-time monitor and historical performance analysis capability, you will always know how your mission-critical systems are performing.

    Cloud Performance Reporting Is Easy

    Managing performance for production systems in the cloud can be a black hole to many system administrators. The good news is PERFSCAN analyzes all core metrics regardless of the location. That’s why MSPs and customers love PERFSCAN.

    Detailed Job Analysis

    PERFSCAN shows detailed top job analysis for any desired period. All metrics are displayed in two ways: Traditional Report and Percentage Breakdown Pie Chart. This toggle capability instantly shows the jobs using the most system resources.

    Save Report Capability

    Your boss lost the report you gave to him on Friday. Now what do you do? With PERFSCAN’s save report capability, any report can be retrieved in a matter of seconds.

    Professional PDF Reporting With Branding

    Creating professional looking reports for your customers has never been easier with PERFSCAN. Branding for our partners and service provider customers is easy with PERFSCAN.

    Check it out at perfscan.com

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    Profound Logic Software:  FREE OnDemand Webinar. Learn how to easily build and extend i apps
    LANSA:  Take your apps to a new dimension with RAMP. FREE Webinar!
    Manta Technologies:  Your complete source for IBM i training

    IT Jungle Store Top Book Picks

    Easy Steps to Internet Programming for AS/400, iSeries, and System i: List Price, $49.95
    The iSeries Express Web Implementer's Guide: List Price, $49.95
    The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
    The System i Pocket RPG & RPG IV Guide: List Price, $69.95
    The iSeries Pocket Database Guide: List Price, $59.00
    The iSeries Pocket SQL Guide: List Price, $59.00
    The iSeries Pocket Query Guide: List Price, $49.00
    The iSeries Pocket WebFacing Primer: List Price, $39.00
    Migrating to WebSphere Express for iSeries: List Price, $49.00
    Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
    Getting Started with WebSphere Express for iSeries: List Price, $49.00
    Can the AS/400 Survive IBM?: List Price, $49.00
    Chip Wars: List Price, $29.95

    AMD Taps IBM Chiphead for Board of Directors Retrieving and Storing SQL Source for DB2 Database Objects

    Leave a Reply Cancel reply

Volume 9, Number 43 -- December 1, 2009
THIS ISSUE SPONSORED BY:

Help/Systems
Bytware StandGuard Security
Vision Solutions
ARCAD Software
East Coast Computer

Table of Contents

  • Simply Continuous Aims to Narrow ‘Recovery Gap’ with DR Solution
  • ManageEngine Adds i OS Support to Application Performance Tool
  • User Activity Monitoring from PacketMotion to Support i OS
  • Single-Platform, Technology-Focused Security Unwise Says Ex-IBMer Botz
  • NGS Adds PDF and Excel Report Generation to BI Suite
  • TMW to Give EGL a Chance for i OS App Modernization
  • System i Hosting Firm Taps CCSS for Systems Management
  • Steel and Lace: Lawson Upgrades M3 for Equipment and Fashion Industries
  • Equipment Dealer Lauds Attunity for Speedy DB2/400 Replication
  • First Option Goes SaaS with iSeries Watchdog

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • Fortra Issues 20th State of IBM i Security Report
  • FNTS Launches Managed Services for Power Servers in IBM Cloud
  • Total LTO Shipped Capacity Up Slightly in 2022
  • Four Hundred Monitor, May 24
  • Update On Critical Security Vulnerability In PowerVM
  • Critical Security Vulnerability In PowerVM Hypervisor
  • IBM Power: Hosted On-Premises Or In The Cloud?
  • Guru: Watch Out For This Pitfall When Working With Integer Columns
  • As I See It: Bob-the-Bot
  • IBM i PTF Guide, Volume 25, Number 21

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2023 IT Jungle