• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • PowerTech Delivers Object-Based Control Over Exit Points

    May 25, 2010 Alex Woodie

    For years, security experts have maintained that exit point programs will never offer the same capability as object-level security, the most powerful aspect of the i/OS security apparatus. But with this month’s release of Network Security 6.0, PowerTech says it has come up with a way to control access to i/OS exit points at the object level. Whether it provides the same functionality as true object-level security or not, the new capability is sure to create some buzz for the Help/Systems subsidiary.

    Network Security is an i/OS security tool designed to prevent unauthorized access to System i resources over the network. Its main function is to monitor and control access to more than 30 exit points in i/OS, including network access points such as FTP and ODBC that are not controlled through the platform’s traditional menu-based security paradigm. And if someone does get access to something that they shouldn’t, Network Security is charged with detecting that security policy violation, and notifying the administrators.

    With Network Security 6.0, the company has implemented another layer of protection over exit points, those i/OS elements that IBM added after-the-fact to provide a modicum of security and control over transactions that are initiated or responded to via modern protocols like ODBC and FTP, which were not yet mainstream when the OS/400 operating system and its integrated security mechanisms were created way back in 1988.

    In particular, PowerTech says Network Security 6.0 gives administrators the capability to define exit point access rules based on i/OS objects. Previously, the software could only set access rules based on the user profile or on the IP address that initiated the access attempt. These new object-based rules will let administrators control access to both the object and the data contained within the object, and they work across all programs, files, libraries, and folders, as well as IFS directories and files, the company says.

    This gives security administrators an “incredibly powerful capability,” says PowerTech product support manager Jill Martin, in a PowerTech PowerBlog posting. “This means it is possible now to restrict and audit access to an object regardless of the syntax of the incoming request.

    “In SQL for example, Select fld1, fld2 from myfile was previously seen as a different request to select fld1 from myfile,” she continues. “As humans, we could look at that and know it was pulling the same data, but the server couldn’t. This capability adds to the powerful transaction-based rules that Network Security has long been admired for.”

    Security experts have struggled with resolving the differences between the level of control that can be accomplished through exit points and the object-level security feature in i/OS. In a 2006 whitepaper on the topic, former PowerTech CTO John Earl (who is now CEO of Patrick Townsend Security Solutions) concluded: “After exhaustive analysis of this issue, PowerTech is convinced that it is just not possible for exit programs to accurately mimic OS/400 object level security. Put even more simply: Only OS/400 can provide object level security.”

    The new version brings several other enhancements, including redesigned menus and screens that make it easier to define access rules, and a new selective activation process that makes it easier for customers to decide which exit points they will secure. In the PowerBlog, Martin says this feature “allows a staged approach to integrate Network Security into the operating system, something that is often important in large IT shops.”

    Version 6.0 also introduces new reports that provide a greater level of detail about the security rules and activity on the system. PowerTech also added a new installation wizard to streamline the installation process.

    PowerTech plans to hold a Webinar in the near future to discuss Network Security 6.0 with interested participants. For more information, visit www.powertech.com.

    RELATED STORIES

    i/OS Security Warnings: Like Talking to a Brick Wall

    PowerTech Acquired by Help/Systems, Private Equity Firm

    PowerTech Updates Compliance Manager

    PowerTech Tools Build Trust By Decreasing Authority

    PowerTech Unveils New Password Utility

    PowerTech Picks New President and CEO

    PowerTech Debuts ComplianceMonitor, Studies Security Practices



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    CYBRA

    The next generation of barcode labeling software is here

    MarkMagic X

    MarkMagic barcode labeling software is the easiest way to design and print the barcode labels, electronic forms, reports, and RFID tags you need to communicate with your customers and suppliers.

    MarkMagic X comes in two major editions – one for IBM i, and one for WIndows, Linux, UNIX, IBM AIX, and other major operating systems.

    Learn More About MarkMagic X

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    IBS:  Free e-book: The Six Margin Killers in Wholesale Distribution
    WorksRight Software:  ZIP codes, area codes, Canadian postal codes, CASS certification, and more
    COMMON:  Join us at the Fall 2010 Conference & Expo, Oct. 4 - 6, in San Antonio, Texas

    IT Jungle Store Top Book Picks

    Easy Steps to Internet Programming for AS/400, iSeries, and System i: List Price, $49.95
    The iSeries Express Web Implementer's Guide: List Price, $49.95
    The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
    The System i Pocket RPG & RPG IV Guide: List Price, $69.95
    The iSeries Pocket Database Guide: List Price, $59.00
    The iSeries Pocket SQL Guide: List Price, $59.00
    The iSeries Pocket Query Guide: List Price, $49.00
    The iSeries Pocket WebFacing Primer: List Price, $39.00
    Migrating to WebSphere Express for iSeries: List Price, $49.00
    Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
    Getting Started with WebSphere Express for iSeries: List Price, $49.00
    Can the AS/400 Survive IBM?: List Price, $49.00
    Chip Wars: List Price, $29.95

    Catch the Wave: OCEAN Hosts 17th Annual User Group Meeting Five Steps To Monitoring Your Server Log on IBM i

    Leave a Reply Cancel reply

Volume 10, Number 20 -- May 25, 2010
THIS ISSUE SPONSORED BY:

ProData Computer Services
Bytware
RevSoft
IBS
VAULT400

Table of Contents

  • Security and Auditing Breakthrough Gives Cilasoft Compliance Advantage
  • DBU Now Accessible Over the Web
  • PowerTech Delivers Object-Based Control Over Exit Points
  • IBM Considers Offering Trials of RPG OA
  • Databorough Targets CA 2E Apps for Migration
  • IBM to Buy Sterling Commerce for $1.4 Billion
  • IBM Power System Powers IBM Power Systems
  • Software Helps Truckers Cope with CSA 2010
  • Halcyon Snaps Up Snapshot
  • Saudi Distributor Taps VAI for Logistics Improvement

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • IBM i Software And Power Systems Upgrades Keep Rolling Forward
  • Preparing For What’s Next In A Thoughtful, Structured Way
  • Guru: Fall Brings New RPG Features, Part 3
  • ARCAD Plugs IBM i DevOps Suite Into Microsoft Azure
  • Park Place Buys Curvature To Become Maintenance Goliath
  • 2021 Predictions for IBM i, Part 1
  • West Four Stands Out With On Demand Color Label Printing
  • HelpSystems Acquires Data Security, File Transfer Companies
  • Four Hundred Monitor, January 13
  • IBM i PTF Guide, Volume 23, Number 2

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2021 IT Jungle

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.