Enforcive Gives Security Policy Checks a Graphical Makeover
February 18, 2014 Alex Woodie
You can have the best IBM i security in the world, but unless you have a way to prove it to auditors and other interested parties, the security solution is not complete. With the latest release of Enforcive Systems‘ flagship Enterprise Security suite, the company has added a graphical overlay to the security policy assessment component, thereby providing customers and auditors with an easy way to ascertain the strength of an IBM i security configuration.
Enforcive/Enterprise Security offers a breadth of enterprise security features for the IBM i platform, including exit point management, object authority management, IP packet filtering, encryption and masking, log management, cross-platform audit, and security policy management capabilities.
The new graphical overlay capability that Enforcive announced with Enterprise Security suite version 8 in November is designed to help ensure that the various security configurations controlled through Enforcive’s tools or IBM i itself–including settings related to user profiles, objects, system values, IFS, authorization lists, and object integrity–are in line with policies and external regulations.
Specifically, the new graphical overlay for Enforcive’s Policy Compliance Manager component provides users and auditors with visual clues designed to help organizations determine whether an actual IBM i security configuration is in compliance with security policies.
And because security compliance is rarely a one-size-fits-all affair, Enforcive provides users with the capability to give weights to deviations and compliance. This will help users and regulators gain a better view of the actual strengths and weaknesses of a customer’s particular IBM i security posture.
Version 8 of Enforcive/Enterprise Security brings several other capabilities, including IFS data auditing features. This feature enables users to track changes to IFS files at the “data level,” including the before and after images of the file. Alternatively, the feature allows users to check their IFS settings and report on them with the Enterprise suite’s report generator function. The data-level monitoring function is in addition to existing IFS features, including securing and tracking IFS transactions and checking IFS settings integrity.
Version 8 also introduces a new Syslog export capability. This will enable an Enforcive customer to export all of its transaction logs to a security information and event management (SIEM) tool in Syslog, which is the standard format for such files.
The new version also brings new features designed to help with a multi-system implementation of Enforcive/Enterprise Security. Specifically, the software brings the capability to propagate user management, system, and report settings across one or more IBM i systems or partitions.
Lastly, Enforcive has added the capability to generate an alert based on the execution of SQL statements. Certain types of SQL statements are potentially hazardous to IBM i security, including those that are run interactively or those that are embedded in other programs. The company also added an alert for changes to internal operations in the Enforcive product itself.