Raz-Lee Certifies IBM i Security Tools with McAfee
January 21, 2014 Alex Woodie
Organizations that run IBM i security software from Raz-Lee Security can now feel comfortable hooking that software up to enterprise security tools from McAfee as a result of the certification that McAfee has bestowed upon the Raz-Lee products. The integration allows IBM i shops running Raz-Lee tools to bubble suspicious events detected on IBM i up to the security information and event management (SIEM) tools from McAfee for broader and more thorough security protection.
The certification ensures that Raz-Lee’s iSecurity suite can communicate accurately with two products from McAfee, including its Database Activity Monitoring (DAM) and Enterprise Security Manager (ESM), its flagship SIEM tool. McAfee, you will remember, is now owned by Intel.
McAfee’s DAM tool is designed to protect databases from external breaches and other malicious activity that violates security policies. The Windows-based product automatically terminates suspicious sessions and quarantines malicious users detected on Oracle, Microsoft SQL Server, MySQL, Sybase, Teradata, DB2 for LUW, DB2 for i (DB2/400), and DB2 for z/OS databases, according to McAfee’s systems requirements page for the product.
McAfee ESM is a SIEM product designed to consolidate, correlate, and report on security information from network endpoints and heterogeneous devices. ESM, which McAfee sells as pre-configured appliances, can process hundreds of thousands of security events per second from source systems, such as vulnerability scanners, authentication management systems, privacy solutions, and partner solutions, such as Raz-Lee’s iSecurity suite, which will now feed IBM i security events from the QAUDJRN and other queues in Syslog format to ESM.
The SIEM offering can also detect malicious behavior by comparing real-time network activity against billions of historical event logs. For added protection, customers can subscribe to McAfee Global Threat Intelligence (GTI) IP Reputation data feed to get additional intelligence on the behavior of cybercriminals from hundreds of millions of sensors around the world.
This is not the first integration of an SIEM solution with Raz-Lee IBM i security software. It’s also worked with the enVision SIEM from RSA Security, IBM‘s SIEM acquired from Q1 Labs, and those from HP and CA. It also has a partnership with Imperva for remote database monitoring.
Raz-Lee CEO and CTO Shmuel Zailer says he’s happy to have integrated the iSecurity tools as a member of McAfee’s Security Innovation Alliance (SIA) program, which it joined a year ago. “The use of iSecurity solutions will enable multi-platform users of McAfee DAM and McAfee ESM to incorporate real-time, database and security-related information and alerts originating from IBM i systems,” he says in a press release.