By implementing iSecurity’s Firewall, Audit and AP-Journal modules, Toyota Boshoku America has been
able to easily monitor exit points, prevent unauthorized access, automate report generation to meet
audit requirements as well as monitor access down to the record level, which are all critical to their
requirements for complying with J – SOX.

View the full iSecurity-Toyota Bokoshu Case Study

Raz-Lee Security drew quite a crowd around its new security enhancements at COMMON 2010, in Orlando, Florida. This year’s COMMON was attended by over 1200 people, the vast majority being Power i decision-makers focused on implementing the latest and most efficient new Power i technologies, in particular for security and compliance.

Numerous visitors flocked to Raz-Lee’s booth to learn about its innovations, and group sessions were held in order to provide information to all interested parties. Attendees were well-aware of industry regulations and auditor’s requirements, and were eager to select the right products to ensure compliance with regulations, especially products which could provide “out-of-the-box” PCI, SOX, HIPAA, etc. compliance templates and “ready-to-run” reports.

The Press also took notice of Raz-Lee’s success at COMMON, as seen in the following links:

IT Jungle: Raz-Lee Gets the Twitter Bug

System i Network: At COMMON 2010, Raz-Lee Security Says IBM i Getting Younger

System i Network: In Honor of COMMON’s 50th, Raz-Lee Offers Advanced File Editor with Full Unicode—Free to IBM i Community

MCPressonline:   Raz-Lee Freely Celebrates COMMON 50

IBMSystemsMagazine: Raz-Lee Security Releases i Twitter Solution, Other Enhancements

Among the products which were of particular interest to visitors and the Press were:

• Native Object Security – enables system administrators to easily define target security levels per object and object type, and to check for inconsistencies between actual and planned object security settings. The product also enables using generic object names, and includes full reporting features. Also, a new artificial intelligence-based wizard builds an optimal set of security rules for a group of objects, based on analysis of the current security settings of the objects in a directory.

• User Profile & System Value Replication – synchronizes user profile definitions, user passwords and system values between different systems and LPARs, allowing for exceptions as needed in Production, Test or Development systems. Synchronization is accomplished with minimum overhead to both the actual systems and the personnel mandated with managing user profile information. The product also replicates system value definitions between systems, using “optimal” system values defined in Compliance Evaluator and “baseline” site-defined values.

• Compliance Evaluator – enables managers a quick, comprehensive view of the compliance scores for all systems in the enterprise and provides detailed compliance-related reports with various levels of detail.

• Syslog/SNMP/Twitter Support – sends security alerts instantaneously to relevant SIEM systems or users through www.twitter.com. These message alerts include detailed event information and alerts on application data changes, deletes or reads, emergency changes in user authorities, IFS viruses detected, malicious access to the Power i , and much more.

• FileScope – FREE SOX and PCI compliant file editor with full Unicode (UTF-16, UCS-2) support and full activity tracing via Syslog, SNMP, Twitter, MSGQ, SMS and e-mail.

“We were flattered by the outstanding level of interest and attention our products generated at COMMON this year,” said Shmuel Zailer, CEO, Raz-Lee Security. “Customers know they can turn to Raz-Lee to achieve the level of compliance they need, as well as to continuously monitor all Power i infrastructure and application security events in their enterprise.”

Written by Shari Masafy
Email Shari at sharim@razlee.com

Customer:
Mr. Didier Brisbois
Technical manager IT of IFAC
Hôspital Sainte Thérèse

My goal was to find a tool for DB2 databases which would provide me with:

• Full and robust reporting capabilities

• An easy to learn and easy to use product

• The ability to create special-purpose ViewPoints (file-specific pre-defined scripts) which can be used by unsophisticated users

• Batch processing capabilities in order not to tie-up the user’s session

• Minimal interference with AS/400 performance

Following is the list of benefits we have achieved using FileScope/Platinum:

• Quick and Easy

• Ability to perform batch processing

• Integration of FileScope into application menus

• Speed of the software, with many more options than Query

• Ability to make mass updates

• Journaling facilities to view temporary changes to a file by any user and also to monitor deleted records. (Note: These monitoring, tracking and reporting capabilities are especially important for companies which need to be HIPAA, SOX, PCI, etc. compliant.)

• Interactively viewing and editing file contents quickly and easily

• Product uses DB2-specific concepts (such as members, logical files, etc.) which is unique among products which support ODBC

• Short learning curve for most user’s queries

About FileScope

FileScope is recognized by Power i professionals as the leading Power i product in the area of data manipulation. FileScope provides unprecedented file editing capabilities, while adhering to the highest standards of quality, reliability and performance.

Features

• Cross-product Unicode UTF-16, UCS-2 support enables viewing SAP, JDE, MOVEX, BPCS, etc. files.

• Single e-mail contains all session changes

• Export to XML-format files

• Security, SOX and PCI support

• Full-Screen editor

• Save file-specific pre-defined scripts

• Field calculations

• Report generator

• Batch processing facility

• Multiple file management

• File scan and subset

• Special printing capabilities

• Log file changes

Written by Shari Masafy
Email Shari Masafy at sharim@razlee.com

Raz-Lee Security, a major vendor of security solutions for IBM Power i computers, has developed a comprehensive solution for Multi-System/Multi-LPAR environments, in response to the trends to “downsize” and consolidate servers.

As the number of special-purpose systems and LPARs at enterprises worldwide grows, it is critical that user profile definitions including passwords as well as system values are synchronized between the different Power i systems, allowing for exceptions as needed in Production, Test or Development environments. Naturally, synchronization must entail minimum overhead to both systems and the personnel mandated with managing user profile information.

Raz-Lee has identified this trend and consequently tailored a full security solution for multi-system/multi-LPAR environments. The solution, integrated in the iSecurity product suite, includes:

•  Replication – duplicates user profiles including passwords and other user profile definitions, as well as system values, from one system/LPAR to another, and synchronizes all parameters such as user authorities in all systems.
• Compliance Evaluator – compares compliance of different systems/LPARs
• Centralized Reporting – references and collects data from several systems/LPARs and creates reports in “merged” or individual format
• SYSLOG – the ability to interface with all leading SEM (Security Event Management) products is supported by iSecurity
• Central Administration – exports and imports product definitions & logs between different systems

“In order to uphold our status as a top-notch Power i security provider, we make it our business to identify relevant market trends and provide our customers with the exact solutions they are looking for,” said Eli Spitz, VP Business Development, Raz-Lee Security. “No other company has our abundance of features for Multi-System/Multi-LPAR environments, which is yet another unique feature for our iSecurity solution.”

Raz-Lee Security, a major world-wide vendor of security solutions for IBM Power i computers, has enhanced its feature-rich SOX and PCI compliant file editor, FileScope, with full Unicode (UTF-16, UCS-2) support, to comply with the prevalent international standard. Unicode support is totally unique in the Power i data manipulation market and encompasses ALL FileScope facilities including Substring, Scan and Subset functions.

Unicode, a fundamental building block for international e-business, allows data from many different languages to be stored in one repository. Today’s business world demands that IT systems be able to present content and conduct transactions in all major worldwide languages. Unicode enables a single set of application source code to be written to process data in any language. It also makes the addition of new language support to an existing e-business application relatively simple since character processing and storage remains unchanged. This results in lower costs of implementation, faster time to market, and higher customer satisfaction.

FileScope is packaged in both Gold and Platinum versions, both of which support the new Unicode capability. While technologically similar, the Platinum version supports more SOX, PCI, auditing and file journaling capabilities, making it more appropriate for large and mid-sized shops.

As part of the announcement, Raz-Lee will provide, for a limited time, FileScope/Gold with Unicode Support at $0(!) including free maintenance for up to three months.

FileScope’s Unicode support enables viewing SAP, JDE, MOVEX, BPCS, and other files. The following functions are supported for these and similar files:

• Display file contents
• Print file contents
• Update records (single record, full screen, global changes)
• Scan for fields
• Subset records (OPNQRYF) including all Tests such as EQ….LIKE 
• Substring field values
• Undo changes (up to 99 days)

Raz-Lee also offers FileScope Platinum, an upgraded version, which includes (in addition to the Gold Edition features):

• Improved SOX/PCI support
  • SYSLOG/SNMP Messages for SIEM – transmits up to 1000 lines per second.
  • User Activity List Email – including users, times and actions.
• XML support
• Report Generator
• Full Screen Update

 ”A Unicode-supporting file editor is a highly desirable product, unrivaled by any other company, and we’ve already witnessed the demand for it” said Shmuel Zailer, CEO, Raz-Lee Security. “It is a fitting enhancement for our FileScope product, which is already well-stocked with unique features such as Undo, Join and User activity list emails – also unique to Raz-Lee’s technology.”

Raz-Lee Security, a leading global supplier of information security & compliance solutions for the IBM Power i, has released iTweet, a product enabling instant messaging over Twitter for the Power i.

iTweet sends selected messages to relevant users through www.twitter.com. These messages are sent effortlessly and instantaneously to users. These messages include event information, message queues, alerts on changes, deletes or reads, emergency changes in user authorities, IFS viruses detected, field-level changes to data and even VIEW of pre-defined “unreadable” data object deletion.

The tool provides a bi-directional interface between Twitter and the Power i, so that users can reply from Twitter to the Power i, for example when an error/inquiry message appears.

Messages can be received through PCs, cell phones or PDAs. A secure environment can be configured, ensuring that only relevant users can view them.

iTweet is available both as a standalone tool and as a feature integrated into other iSecurity products such as Audit, Authority on Demand, AP-Journal, Anti Virus and more. Security alert support via iTweet is in addition to existing support for alerts in the form of e-mails, MSGQ, SNMP messages, SYSLOG, SMS, etc.

In order to adapt to Twitter’s limitation of up to 100 messages per hour, the iSecurity SYSLOG assigns security levels to each message in order to decide which messages to send.

“Twitter, a highly popular social marketing tool, is mostly used for recreational or marketing purposes. iTweet, however, utilizes its easy and immediate qualities for purely technical and functional purposes. iTweet can be a real help for System Administrators and Power i users, speed up processes and streamline knowledge flow.”

Raz-Lee Security Inc., a major vendor of security solutions for IBM Power i computers, announced that SYSLOG real-time notification messages are now supported in all iSecurity products, including Audit, AP-Journal, Authority on Demand and Anti-Virus.

iSecurity’s SYSLOG feature sends events from various Power i facilities (such as logs and message systems) to remote Security Information and Event Management (SIEM) servers.

The advanced iSecurity SYSLOG capacity enables the system administrator to categorize events according to a range of severities such as emergency, alert, critical, error, warning, notice, informational and debug. It also enables the user to decide under which conditions the Power i should send a SYSLOG message, to choose the IP address of the SYSLOG server, the facility from which the message is sent, the severity range and the recipients, as well as decide whether the SYSLOG message should contain all events from iSecurity Firewall or only the rejected entries. Another useful feature is the ability to easily define the message structure, rather than receiving the standard long message and having to manually divide it into intelligible parts.

One of Raz-Lee’s Israeli customers, among the largest insurance firms in the country, makes extensive use of iSecurity SYSLOG, and transmits the entire journal receiver log using SYSLOG messages. Approximately 1000 alerts are transmitted per second, utilizing only 1% of the CPU.

“Our SYSLOG facility is not only spreading to additional products, but also to more and more customers worldwide,” said Eli Spitz, VP Business Development, Raz-Lee Security. “It gives customers the utmost flexibility to control both message conditions and content, thereby making security in the organization considerably more efficient.”

Join our select team of experts and discover the lucrative Power i (iSeries/AS/400) market. Distribute Raz-Lee’s advanced security software products around the world.

In addition to marketing and supporting Raz-Lee’s products, our partners provide profitable professional services and projects, such as security software implementation, configuration and assessments, all based around our field-proven products.

We provide our partners with solid support, technical training, regular updates and a wide array of marketing and sales tools.

For more information contact marketing@razlee.com

Raz-Lee Security will be involved in two exciting Power i events in the upcoming weeks – a Webcast and a Press Conference at COMMON.

Raz-Lee, together with its US distributor, Software Engineering of America (SEA), is sponsoring a one-hour webcast by Mel Beckman, senior technical editor for System iNEWS. The topic of the webcast is “Managing Security in Multi-System and Multi-LPAR Environments”, and it will take place on April 22, 2010 at 12:00PM EST. Click here for more information.

In addition, Shmuel Zailer, CEO of Raz-Lee Security, will hold a Press Conference entitled: “The Power i – Getting Younger Daily!” at the upcoming COMMON 2010 conference in Orlando, Florida. The press conference will focus on some of the fresh, modern features available for the Power i in Raz-Lee’s products, which enhance the users’ experience and streamlines their workflow. These features, include an ever-improving GUI interface, advanced business intelligence analysis of a network access and QAUDJRN data warehouse, extended SYSLOG support, time-saving wizards and soon to be announced support for SNMP and Twitter alerts.

“We do indeed believe the Power i is getting younger every day, while still preserving its status as a long-time favorite amongst its users,” said Shmuel Zailer, CEO, Raz-Lee Security. “The Power i’s user experience is ever changing and improving, thanks to companies like Raz-Lee, which continually investigates users’ needs in and develops new tools to accommodate them.”

This case study/product review offers the the point of view of Promedico, a large Israeli pharmaceuticals company, on iSecurity AP-Journal - the applications it is used for and how it makes business more efficient.

Click here to view.