• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Trinity Guard Gives Audit Tool A Friendly GUI

    June 25, 2018 Alex Woodie

    IT professionals who are tired of using 5250 greenscreens to manually conduct regulatory audits of their IBM i systems may be interested in a colorful piece of software from Trinity Guard. The company recently launched TGCentral, which is a unified HTML interface designed to simplify the configuration and execution of security and regulatory audits across multiple IBM i servers.

    As the spiritual and intellectual successor to PentaSafe, Trinity Guard understands how beloved those old PentaSafe products were. Even though NetIQ/Attachmate/Micro Focus has not added any new features to its IBM i security suite for over a decade, there were still hundreds of companies – including some very sizable Fortune 500 firms – that relied on them to secure their businesses.

    The first PentaSafe product to be rewritten was PS-Audit. In early 2016, the Houston, Texas-based company rolled out TGAudit, which was based on the old PS-Audit product but supported the latest IBM i auditing features, specifically the Authority Collection features that IBM shipped in IBM i 7.3.

    TGAudit was developed in a combination of RPG, C, and C++, and provided numerous functionality and performance benefits over PS-Audit. However, one of the new features that TGAudit lacked was a graphical user interface (GUI). While the core underlying auditing capabilities– like reviewing changes to security settings regarding the system, users, and jobs — were strong, users still interacted with the product through a greenscreen interface.

    That changed in March with the launch of TGCentral. The new product delivers a colorful GUI for TGAudit that lowers the barrier of entry for working with the product’s auditing and security functions. Not only do TGCentral users get a graphical dashboard that shows them the state of security on one or more IBM i servers, but it gives them access to TGAudit’s report scheduling capabilities.

    TGCentral provides an intuitive user interface for executing viewing the results of security audit checks on IBM i systems.

    TGCentral also delivers report cards that depict a “pass/fail” grade for eight major regulations, including GDPR, SOX, HIPAA, PCI DSS, GLBA, FISMA, Standards Australia, and ISO 27001. Trinity Guard did the hard work of mapping hundreds of security controls dictated by those regulations into IBM i terms, and then presenting those checks in an easy-to-use and repeatable manner.

    TGCentral can save users lots of time and hassle by centralizing the execution of those auditing checks and generating report cards for each IBM i environment they’re in charge of, says Pauline Ayala, co-founder and vice president of operations for Trinity Guard.

    “Sometimes it’s just one lone server,” Ayala said during a press conference at COMMON‘s recent POWERUp18 conference. “But oftentimes, it’s many LPARs in many locations. So you’ve got a lot of data to work with and it can be a challenge to corral all that information when you need to produce audit reports for those audit requirements.”

    TGCentral’s regulatory report cards monitor whether the technical controls are in place for specific regulatory requirements. Each report card covers a specific regulation (e.g. PCI DSS version 3.2) and may run 35 or more individual reports that correspond to the that regulations specific security requirements. For each requirement, TGCentral’s report card gives it a “pass/fail” grade.

    When TGCentral gives a failing grade, it will provide the user with a link to a page that lists the reasons why the security controls for that particular requirement were deficient. It’s all about helping to educate the users, which could be internal security officers, internal auditors, or external auditors, said Tony Perrera, the president and co-founder of Trinity Guard.

    “We spend a lot of time trying to describe the reports, what they return, what the problem is, and if it’s a failure, then what are the remediation steps they should be focused on,” Perrera told IT Jungle.

    Just getting those English-language descriptions of what caused the failure and a free pass from having to dig through cryptic journal records may be worth the price of admission for TGCentral (which is actually free for TGAudit users who are current on maintenance).

    “It can be extremely time consuming when you have a file change and you have to go back through journal and try to identify through those journal enters what the change was, and create your own reports, and then SQLing over them and finding out what the changes were,” Ayala said. “It’s a nightmare.”

    TGCentral runs on a Windows or a Linux server, and connects to TGAudit via an agent that deploys next to TGAudit on the IBM i server. The agent must be installed from a TGAudit greenscreen, but once the agent is in place, users can access security and audit-related data for each IBM i server from the centralized TGCentral GUI.

    “When you install our agent, it has the communication protocol which communicates and says ‘Hey I’m available. Do you want to manage this through TGCentral?'” Perrera said. “We’re trying to make it easier, so users don’t have to log onto 100 servers.”

    There’s another handy feature that TGCentral users will appreciate: an unalterable PDF summary of the findings in the audit report. “That’s the thing that auditors want,” Perrera said.

    TGCentral implements its own strict authentication controls, and will not allow users without the proper authority to access reports. TGCentral reports cannot be customized, but users can use the reports as the basis for their own reports, Ayala said.

    For more information, see the company’s website at www.trinityguard.com.

    RELATED STORIES

    Trinity Guard Fills Gap In IBM i Network Security

    Trinity Guard Gives PentaSafe Customers a Lifeline

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags: Tags: 5250, C, FISMA, GDPR, GLBA, HIPAA, IBM i, IBM i 7.3, ISO 27001, Linux, PCI DSS, POWERUp18, RPG, SOX, SQL, Standards Australia, Windows

    Sponsored by
    WorksRight Software

    Do you need area code information?
    Do you need ZIP Code information?
    Do you need ZIP+4 information?
    Do you need city name information?
    Do you need county information?
    Do you need a nearest dealer locator system?

    We can HELP! We have affordable AS/400 software and data to do all of the above. Whether you need a simple city name retrieval system or a sophisticated CASS postal coding system, we have it for you!

    The ZIP/CITY system is based on 5-digit ZIP Codes. You can retrieve city names, state names, county names, area codes, time zones, latitude, longitude, and more just by knowing the ZIP Code. We supply information on all the latest area code changes. A nearest dealer locator function is also included. ZIP/CITY includes software, data, monthly updates, and unlimited support. The cost is $495 per year.

    PER/ZIP4 is a sophisticated CASS certified postal coding system for assigning ZIP Codes, ZIP+4, carrier route, and delivery point codes. PER/ZIP4 also provides county names and FIPS codes. PER/ZIP4 can be used interactively, in batch, and with callable programs. PER/ZIP4 includes software, data, monthly updates, and unlimited support. The cost is $3,900 for the first year, and $1,950 for renewal.

    Just call us and we’ll arrange for 30 days FREE use of either ZIP/CITY or PER/ZIP4.

    WorksRight Software, Inc.
    Phone: 601-856-8337
    Fax: 601-856-9432
    Email: software@worksright.com
    Website: www.worksright.com

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Guru: Table Value Constructors Build Tables On The Fly Lamps Plus Sheds Light On Modernization Integration

    Leave a Reply Cancel reply

TFH Volume: 28 Issue: 44

This Issue Sponsored By

  • Profound Logic Software
  • ARCAD Software
  • RPG & DB2 Summit
  • OCEAN TechCon18
  • WorksRight Software

Table of Contents

  • Lamps Plus Sheds Light On Modernization Integration
  • Trinity Guard Gives Audit Tool A Friendly GUI
  • Guru: Table Value Constructors Build Tables On The Fly
  • A Better Way To Skin The IBM i Cloud Cat
  • IT Spending To Boom In 2018, Tails Off In 2019

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • Liam Allan Shares What’s Coming Next With Code For IBM i
  • From Stable To Scalable: Visual LANSA 16 Powers IBM i Growth – Launching July 8
  • VS Code Will Be The Heart Of The Modern IBM i Platform
  • The AS/400: A 37-Year-Old Dog That Loves To Learn New Tricks
  • IBM i PTF Guide, Volume 27, Number 25
  • Meet The Next Gen Of IBMers Helping To Build IBM i
  • Looks Like IBM Is Building A Linux-Like PASE For IBM i After All
  • Will Independent IBM i Clouds Survive PowerVS?
  • Now, IBM Is Jacking Up Hardware Maintenance Prices
  • IBM i PTF Guide, Volume 27, Number 24

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle