Trinity Guard Gives Audit Tool A Friendly GUI
June 25, 2018 Alex Woodie
IT professionals who are tired of using 5250 greenscreens to manually conduct regulatory audits of their IBM i systems may be interested in a colorful piece of software from Trinity Guard. The company recently launched TGCentral, which is a unified HTML interface designed to simplify the configuration and execution of security and regulatory audits across multiple IBM i servers.
As the spiritual and intellectual successor to PentaSafe, Trinity Guard understands how beloved those old PentaSafe products were. Even though NetIQ/Attachmate/Micro Focus has not added any new features to its IBM i security suite for over a decade, there were still hundreds of companies – including some very sizable Fortune 500 firms – that relied on them to secure their businesses.
The first PentaSafe product to be rewritten was PS-Audit. In early 2016, the Houston, Texas-based company rolled out TGAudit, which was based on the old PS-Audit product but supported the latest IBM i auditing features, specifically the Authority Collection features that IBM shipped in IBM i 7.3.
TGAudit was developed in a combination of RPG, C, and C++, and provided numerous functionality and performance benefits over PS-Audit. However, one feature that TGAudit lacked was a graphical user interface (GUI). While the core underlying auditing capabilities – like reviewing changes to security settings regarding the system, users, and jobs – were strong, users still interacted with the product through a greenscreen interface.
That changed in March with the launch of TGCentral. The new product delivers a colorful GUI for TGAudit that lowers the barrier to entry for working with the product’s auditing and security functions. TGCentral users not only get a graphical dashboard that shows them the state of security on one or more IBM i servers, but also gain access to TGAudit’s report scheduling capabilities.
TGCentral also delivers report cards that depict a “pass/fail” grade for eight major regulations, including GDPR, SOX, HIPAA, PCI DSS, GLBA, FISMA, Standards Australia, and ISO 27001. Trinity Guard did the hard work of mapping hundreds of security controls dictated by those regulations into IBM i terms, and then presenting those checks in an easy-to-use and repeatable manner.
TGCentral can save users lots of time and hassle by centralizing the execution of those auditing checks and generating report cards for each IBM i environment they’re in charge of, says Pauline Ayala, co-founder and vice president of operations for Trinity Guard.
“Sometimes it’s just one lone server,” Ayala said during a press conference at COMMON’s recent POWERUp18 conference. “But oftentimes, it’s many LPARs in many locations. So you’ve got a lot of data to work with and it can be a challenge to corral all that information when you need to produce audit reports for those audit requirements.”
TGCentral’s regulatory report cards monitor whether the technical controls are in place for specific regulatory requirements. Each report card covers a specific regulation (e.g. PCI DSS version 3.2) and may run 35 or more individual reports that correspond to that regulation’s specific security requirements. For each requirement, TGCentral’s report card gives it a “pass/fail” grade.
When TGCentral gives a failing grade, it will provide the user with a link to a page that lists the reasons why the security controls for that particular requirement were deficient. It’s all about helping to educate the users, who could be internal security officers, internal auditors, or external auditors, said Tony Perrera, the president and co-founder of Trinity Guard.
“We spend a lot of time trying to describe the reports, what they return, what the problem is, and if it’s a failure, then what are the remediation steps they should be focused on,” Perrera told IT Jungle.
Just getting those English-language descriptions of what caused the failure and a free pass from having to dig through cryptic journal records may be worth the price of admission for TGCentral (which is actually free for TGAudit users who are current on maintenance).
“It can be extremely time consuming when you have a file change and you have to go back through journal and try to identify through those journal entries what the change was, and create your own reports, and then SQLing over them and finding out what the changes were,” Ayala said. “It’s a nightmare.”
TGCentral runs on a Windows or a Linux server, and connects to TGAudit via an agent that deploys next to TGAudit on the IBM i server. The agent must be installed from a TGAudit greenscreen, but once the agent is in place, users can access security and audit-related data for each IBM i server from the centralized TGCentral GUI.
“When you install our agent, it has the communication protocol which communicates and says ‘Hey I’m available. Do you want to manage this through TGCentral?’” Perrera said. “We’re trying to make it easier, so users don’t have to log onto 100 servers.”
There’s another handy feature that TGCentral users will appreciate: an unalterable PDF summary of the findings in the audit report. “That’s the thing that auditors want,” Perrera said.
TGCentral implements its own strict authentication controls, and will not allow users without the proper authority to access reports. TGCentral reports cannot be customized, but users can use the reports as the basis for their own reports, Ayala said.
For more information, see the company’s website at www.trinityguard.com.