Trinity Guard Gives PentaSafe Customers a Lifeline
June 7, 2017 Alex Woodie
IBM i shops that still use PentaSafe security and auditing tools will be glad to know that a company named Trinity Guard has emerged to continue developing and supporting the products. The Houston, Texas, company has already rewritten the flagship IBM i auditing tool to support the Authority Collection in IBM i 7.3, and major rewrites for two other PentaSafe products are in the works.
Almost 15 years ago, NetIQ bought PentaSafe for $255 million in one of the first of many deals that would help consolidate the IBM i software market in the years to come. Save for a minor 2005 product update, it was the last time IT Jungle would hear from NetIQ about OS/400, i5/OS, or IBM i security.
That radio silence didn’t just exist in the public company’s marketing department. The former PentaSafe developers who created the “trinity” of core tools – PS-Audit, PS-Secure, and PS-Detect – would soon leave the company to join other firms. Further acquisitions by NetIQ pushed PentaSafe further down on the list of priorities, and over time, the development team dwindled to just a handful of engineers.
Clearly, PentaSafe was not a priority at NetIQ, and the ensuring lack of innovation and development frustrated PentaSafe customers. While the core products were solid and ostensibly “updated” to support new versions of the operating system, they were not being refreshed with the new security and auditing features that IBM was unleashing in the operating system.
Before they left NetIQ/Attachmate, Tony Perera and Pauline Ayala were the only two IBM i engineers left on the payroll. They looked on in frustration as PentaSafe customers requested updates and new content to keep their security tools up to date, only to have NetIQ/Attachmate decline the requests.
“To tell you the truth, they didn’t have a real vision. With the acquisitions, they got sidetracked from the IBM i side,” Perera tells IT Jungle. “They were not willing to invest money to do a roadmap.”
Ayala agrees. “It was hard getting people to understand the IBM i business,” she says. “And coming out on our own seemed to be a better way to get the needs met and to grow quickly.”
Spinning Out Trinity
Ayala and Perera decided to leave NetIQ/Attachmate in 2013 — before the merger with Micro Focus and last year’s acquisition of HPE — and found their own company to continue developing PentaSafe products.
Thanks to a partnership deal struck with Micro Focus, Trinity Guard became the OEM supplier for the English firm’s PentaSafe products. It also provides all the technical support and sales support for PentaSafe customers and prospects. Any PentaSafe customer current on maintenance with Micro Focus is entitled to receive rewrites delivered by Trinity Gard.
According to Perera, there are still 300 PentaSafe customers around the world, which is a surprisingly large installed base for a product that hasn’t had a real update in ages. While some have migrated to PowerTech or other IBM i security tools, many of the customers stayed with PentaSafe because of the core underlying strength of the software.
“They still have most of the Fortune 500 and Global 2000 customers,” Perera says. “Although NetIQ neglected [the software], all the big clients have stayed.”
The PentaSafe exit point program, called remote request management, “is still one of the best in the market,” Perera added. “This is my personal option. We still won deals against PowerTech. It’s pretty robust. That’s what kind of saved them, because there aren’t many competitors with a robust network security solution. So that was the saving grace at that point.”
Trinity Guard currently has 14 employees and five openings. The company even sponsored two interns from a local Houston college to teach them about IBM i security. “There’s still more education to be done,” Perera says. “There are some false impressions by some of the customers that IBM i is already secure and so we don’t have to do anything about it.”
New Product Roadmap
The company has developed a solid product roadmap that focuses on IBM i, which should come as some relief for long-suffering PentaSafe customers.
The company eventually plans to give all of the PentaSafe products a major rewrite. That includes supporting new security and auditing capabilities that IBM has added to the operating system over the years, as well as a new centralized GUI for all three products. Its long-term roadmap calls for developing new security products, too
The first product to get the Trinity Guard makeover was PSAudit. Now known as TGAudit, the software was rewritten with a mix of RPG and C/C++ code to bring the product up to speed with the latest IBM i auditing capabilities, specifically the Authority Collection features that IBM shipped in IBM i 7.3.
Because Trinity Guard got access to IBM resources and developers in Rochester, Minnesota through the ISV Advisory Council group, TGAudit actually supported the Authority Collection when IBM i 7.3 went GA last year.
“As soon as IBM launched Authority Collection, we were able to support it,” Perera says. “Those are the kinds of things we’ll deliver in the future to show our current and future customers we’re serious and we’re going to be ahead of the curve against our competitors.”
Perera, who is Trinity Guard’s president, says existing PentaSafe users are happy. “I talk to NetIQ customers a lot. We are showing them the roadmap and they’re loving what we’ve done for them to get new features,” he says. “We want to stay focused primarily on iSeries. When you’re trying to do too many things I think you lose focus.”
The revitalization of a respected security product is a good thing for IBM i customers, who will benefit from the increased level of competition that Trinity Guard represents. It’s also a warning to other security firms in the IBM i space that they should not rest on their laurels.