Cilasoft Security Software Gaining U.S. Business

March 8, 2011 Dan Burger

If you had a security audit tomorrow, would you pass? Security insiders say, more often than not, that security holes are numerous at IBM i shops, and are quite big in some cases. For IBM i security software vendor Cilasoft, the overall lack of good security policies in United States companies is leading to an uptick in sales of software and services.

Dan Riehl is one of the top security experts in the IBM i community. He is currently the head of U.S. operations for Cilasoft, a French security software company that’s grabbing business in the United States since Riehl began representing its suite of software products.

Riehl is well connected and knows the ins and outs of IBM i security from the end user perspective like a cop knows his beat. Much of his experience comes from his days as founder, president, and CEO of PowerTech Group, one of the largest and best known security vendors in the IBM community. He and PowerTech went separate ways in 2009.

During a phone conversation with Riehl last week, he let me know Cilasoft is picking up some of its new customers from companies that are moving off older security products from some well-known security software vendors. Riehl says Cilasoft’s modern reporting interfaces–including text message, e-mail, spreadsheets, and PDF–are a big reason companies prefer Cilasoft.

Riehl also noted Cilasoft’s suite of security products, which is currently in its version 5 release, will be adding new features in a 5.1 release coming in June. The official announcement of this release will be made at the COMMON Annual Meeting and Exposition, which will be held May 1-4 in Minneapolis, Minnesota.

The Cilasoft suite consists of Database View Monitor for i, QJRN/400, and CONTROLER.

QJRN/400 uses the database and system journaling to provide an audit trail. It includes a query manager to allow specific selections and customizable reports processed in both real time or scheduled mode.

CONTROLER is the software that either allows or prevents users accessibility to data.

Database View Monitor identifies when files are accessed regardless of whether a change was made or not. It provides record-level information that identifies the user, what workstation was being used, what program was used to access the record, and the date and time the access occurred.

Each product is licensed separately, but is designed to work as an integrated environment. Pricing is tier-based and begins at approximately $7,000 for use on a P05 box.

Among the enhancements that will be added in the 5.1 release are the support for the SQL Field Procedure exit point that was added in IBM i 7.1 and the SMTP exit point for companies using IBM i to send and receive e-mail. Riehl also noted the capability to report on abnormal queries–long-running queries or other SQL problems–will be on the new feature list.

“Everyone is plagued by a user that starts off a nasty ODBC statement that joins 10 files together and runs forever, hogs up a ton of CPU and system resources while running a meaningless query,” he said. “The new Cilasoft CONTROLER will allow queries to be controlled by a rules set that limits the impact on the operating system.

“There are already alerts that are generated when query anomalies occur,” Riehl continues, “but this allows users to specify events and get reports at a specified time of day that will list query anomalies. Most people don’t want an alert every time a query goes awry. You want to know about high impact queries–those that are going to check millions of records if not controlled.”

The capability to set up users with interface screens in one language (Spanish, for instance) while reports are generated in another language (English for instance) will also be added in 5.1.

Also on the horizon is the integration of Cilasoft products with ERP modules from Lawson Software (available June 1), Oracle‘s JD Edwards (available in the third quarter 2011), and banking applications from SAP and Olympic Banking System.