• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Raz-Lee Cracks Down on CL Commands with New Software

    July 24, 2012 Alex Woodie

    Raz-Lee Security this month unveiled a powerful new IBM i security tool that gives administrators the power to prevent users from issuing control language (CL) commands. The new product, called Command, is the most complete CL control product on the market, the company claims.

    Securing IBM i servers can be a complex process that requires taking several different approaches. Exit points must be monitored to ensure no untoward activity is taking place via FTP or another network access route. Authority levels must be properly configured and continuously watched. Encryption, journaling, and passwords are other areas to consider.

    But one area that has been tough to crack down on is CL commands. For experienced users and administrators, CL commands are quick and powerful ways to accomplish tasks. In the hands of a rouge user, however, the CL prompt can be a dangerous gap in the security net surrounding the IBM i server.

    Several security software vendors offer tools to help reign in CL abuse. However, they don’t go far enough to crack down on CL use, Raz-Lee CEO Schmuel Zailer said during the recent COMMON conference in Anaheim, California, where he talked about the forthcoming product launch. A clever user could easily mask his intentions by hiding CL commands within other commands and CL programs, and the other CL-blocking tools don’t address this, he said.

    The new Command product addresses this by analyzing each CL command, including, its parameter, origin, and context (i.e. the program which initiated the CL command), not to mention the user. “Command is the only product that has the ability to refer, for analysis or change, to each part of a complex parameter separately, as well as to the parameter as a whole,” the company says in a press release.

    When Command is turned on, it will reject or allow any IBM or user-defined CL command. It will also initiate alerts by e-mail, syslog, and Twitter. Security administrators can modify the software based on an element, a qualifier, an entire parameter, or the CL command itself, the company says. All product activity is logged, and reports can be automatically generated and distributed as PDF or HTML documents via email.

    The product provides an extensive log via a full Report Generator and Scheduler, and e-mails HTML and PDF reports. The product is a component of Raz-Lee’s iSecurity suite.

    The new product answers requests from Raz-Lee customers for a “firewall” type product for CL commands, says Eli Spitz, the company’s vice president of business development. “Command’s … features, such as the ability to display the program library as well as the programs in the program stack when the command was issued, are market-unique features which add to the usefulness and benefits of the product,” he stated in a press release.

    Command is available now. Pricing is tier-based and ranges from $2,500 to $9,500. For more information on the product see the company’s website at www.razlee.com.

    RELATED STORIES

    Raz-Lee Unloads New Products at COMMON

    Raz-Lee Claims IBM i Data-Access Breakthrough with DB-Gate

    Raz-Lee Feeds IBM i Data into RSA SIEM

    Raz-Lee Unveils GUI for IBM i Journal Security Tool

    Raz-Lee Gets the Twitter Bug

    Imperva and Raz-Lee Team Up for DB2/400 Security Software

    Raz-Lee Adds Object-Level Security to i OS Security Suite



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    OCEAN User Group

    OCEAN TechCon22 – July 21-23, 2022

    Three Days of Inspiration & Innovation!
    In-Person & Online

    Join your IBM i Community for hands-on learning from technical presentations and workshops, plus a Vendor Solutions Expo. Technically, We’re passionate about continuing education on the IBM Power Systems platform!

    Register Now!

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    Townsend Security:  View the recorded Webcast: Secure Managed File Transfers for the IBM i
    Help/Systems:  FREE: Download the IBM i Scheduling Survival Guide
    Abacus Solutions:  More affordable and flexible alternatives to deliver secondary workloads

    IT Jungle Store Top Book Picks

    BACK IN STOCK: Easy Steps to Internet Programming for System i: List Price, $49.95

    The iSeries Express Web Implementer's Guide: List Price, $49.95
    The iSeries Pocket Database Guide: List Price, $59
    The iSeries Pocket SQL Guide: List Price, $59
    The iSeries Pocket WebFacing Primer: List Price, $39
    Migrating to WebSphere Express for iSeries: List Price, $49
    Getting Started with WebSphere Express for iSeries: List Price, $49
    The All-Everything Operating System: List Price, $35
    The Best Joomla! Tutorial Ever!: List Price, $19.95

    IBM i Tech Conference Keeps Education Light Burning Is An RPGOA-like Standard For HTML5 On The Horizon?

    Leave a Reply Cancel reply

Volume 12, Number 20 -- July 24, 2012
THIS ISSUE SPONSORED BY:

looksoftware
SEQUEL Software
HiT Software
Tembo Application Generation
RJS Software Systems

Table of Contents

  • CYBRA Completes Forms Journey with MarkMagic 8
  • Jumping Hurdles From Green Screen to Graphical
  • Software AG Maintains Investment in Jacada Tools
  • Raz-Lee Cracks Down on CL Commands with New Software
  • Robot/NETWORK Now Displays Performance Data
  • Emulator Vendors Begin March Toward Windows 8
  • Go Bankrupt, Get Free Software
  • IntelliChief Lands More Infor Customers
  • Zend Releases Hotfix Update for IBM i PHP Stack
  • Introducing the IBM Intranet Experience

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • IBM Mulls Using DataMigrator as Cloud Warehouse Pipeline
  • PowerTech AV Automatically Detects Ransomware Activity
  • Infor Puts CM3 Project On Hold
  • Four Hundred Monitor, June 29
  • IBM i PTF Guide, Volume 24, Number 26
  • Guild Mortgage Takes The 20-Year Option For Modernization
  • IBM i Licensing, Part 3: Can The Hardware Bundle Be Cheaper Than A Smartphone?
  • Guru: The Finer Points of Exit Points
  • Big Blue Tweaks IBM i Pricing Ahead Of Subscription Model
  • We Still Want IBM i On The Impending Power E1050

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.