Safestone Goes AIX with Log Management and Compliance
September 28, 2010 Alex Woodie
Safestone Technologies, which historically has focused on IBM i security, made its first foray into the AIX world last week with the launch of Compliance Center for AIX. The software is designed to help organizations manage logs and compliance requirements for AIX servers, and follows a similar compliance product unveiled for IBM i earlier this year.
Compliance Center for AIX is a Windows-based tool designed to streamline the task of collecting security-related information for customers’ System p- and AIX-based Power Systems environments, and then presenting that data in the form of reports for compliance purposes.
The software looks for signs of un-secure configurations in many sensitive areas, including file permissions, user profiles, SQL commands, and network access via FTP, ODBC, and other common protocols. It also analyzes the AIX system log for security-related events, and looks for security anomalies, such as files and directories without owners.
The company touts the flexibility and ease of use of the graphical user interface for Compliance Center. Even non-technical employees can use the software to analyze their AIX server’s general security posture, the vendor says. Pre-configured reports are provided for major regulations like PCI DSS, SOX, Basel II, and HIPAA, and scheduling options are available. Consolidated reports can also be generated for multi-server or virtualized environments, including joint IBM i-AIX environments on Power Systems servers.
The new AIX software is largely based on the Compliance Center for IBM i (CCi) product the company launched in April, except it works in AIX partitions of Power Systems servers. Support for Linux is up next in the company’s development plans for this product, which will give Safestone complete coverage of all three Power Systems environments. A version for X64-based Windows production environments will follow the Linux version, the company says.
Getting into the compliance business for Unix servers is all part of Safestone’s plans, according to Terry Heath, chief operating officer for Safestone. “Releasing an AIX version of Compliance Center is a key step in our strategy of automating log management and compliance reporting for virtualized environments such as the IBM Power Systems,” Heath says in a press release.
Safestone, which has been in the security business for 21 years, is based in the U.K., and has a U.S. office in Seattle, Washington. For more info, see www.safestone.com.