  • Adlumin Adds IBM i Support to SIEM

    March 31, 2021 Alex Woodie

    Banks that run their core banking software on IBM i servers will be interested to hear that Adlumin is now ingesting IBM i security log data into its cloud-based security information and event management (SIEM) solution, giving them another way to detect unauthorized activity from hackers and malicious users.

    Adlumin was founded five years ago with the goal of providing a low-cost SIEM and compliance solution to small and midsize banks and credit unions. The Washington, DC-based company started out by collecting log data from Windows and Linux devices, but it soon found out that customers wanted support for core banking solutions running on Unix and IBM i systems.

    “Initially when we launched, we had an agent for Windows PCs and for Linux servers, but we were not doing anything in the core banking space,” says Dan McQuade, the company’s Director of Application Development. “You can keep an eye on what everyone is doing on their personal workstations and all the servers. But if you’re not monitoring that core banking activity, you’ve got this big blind spot and it just happens to be a blind spot with some of your most crucial network data.”

    McQuade says about 10 percent of Adlumin’s customers are running IBM i-based core banking systems from vendors like Jack Henry and Associates, Fiserv, and FIS. The company developed a Java-based agent for IBM i that collects data from all the relevant logs, including the security log, the audit log, and system activity logs.

    “Essentially, every log on the system, we’re collecting,” McQuade tells IT Jungle.

    Adlumin gathers data from all the relevant systems — including PCs, laptops, servers, firewalls, network security devices, and even IoT sensors — and moves it over an encrypted connection to its cloud-based SIEM offering. Once the data is in Adlumin’s cloud, the company uses data science and machine learning techniques to detect anomalous activity that could be a sign of unauthorized access.

    When a client signs up for Adlumin’s service and the company starts collecting log data, it analyzes the data in an attempt to form a baseline. “We’ll try to establish what normal behavior looks like,” McQuade says, “and then over time, we’ll try to look for deviations from that normal behavior, and we start to alert on what we determine to be anomalous activity.”

    Examples of anomalous behavior include users who log into systems at odd times of the day or from new locations. “Maybe they’re VPN-ing in from a source IP that we haven’t seen before, from a different location,” McQuade says. “That has become particularly big over the past year.”

    Adlumin also keeps an eye on IBM i user profiles and watches for sudden changes to the authorities granted in them. “If someone was granted new privileges, we’ll be able to send you an alert on that,” McQuade says.

    The IBM i server can be a prolific generator of log data, but Adlumin can help users minimize the amount of log data sent if it becomes overwhelming.

    “Some clients only want to look at security log. Some clients want to look at security logs plus system events — malfunctions and IT operations failures — and depending on the verbosity of what the client is looking for, we can fine-tune that,” McQuade says.

    It’s worth noting that the company’s software engineers spent some time familiarizing themselves with the IBM i platform, which was necessary in order to understand what the log data coming from the system means.

    “We’re not looking to be experts” in IBM i security, McQuade says. “But at the end of the day, we want to support this platform in a meaningful way. We want our clients to feel like, if they deploy the software, they’re actually going to get value out of it. It’s not just going to be sitting on the system doing nothing. The goal is to give you some insight that you didn’t have before.”

    The company has carved out a comfortable niche in the market with smaller financial services organizations. Ease of use and affordability are advantages that it touts as it goes up against SIEM offerings from larger vendors, such as Splunk, Securonix, or LogRhythm.

    “Let’s say you’re a bank or a small credit union. If you were to go to any other platform in the market, to get what you need out of it, first of all, you’d have to write custom queries, which oftentimes requires someone who’s well-versed in that platform,” McQuade says. “Those types of platforms are not the easiest to just dive into head-first. We pride our platform on ease of use.”

    The base price for Adlumin’s SIEM solution starts at $13,000. That includes support for 100 end-points, one of which can be an IBM i server. The company holds onto customers’ log data for 90 days, and can hold onto it for longer than that for an additional fee. For more information, see the company’s website at www.adlumin.com.


    Tags: AdLumin, Java, Linux, Security Information and Event Management, SIEM


TFH Volume: 31 Issue: 25


Copyright © 2022 IT Jungle
