Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400), has enhanced its iSecurity Visualizer with revolutionary Business Intelligence capabilities which will help companies analyze and pinpoint security and management issues based upon all security and management-related queries which can be executed from the iSecurity GUI.

For the past three years, Raz-Lee has offered its customers an advanced, Eclipse-based Business Intelligence solution called Visualizer for easily analyzing network access and QAUDJRN activity in a friendly graphic user interface environment. This solution enabled users to instantaneously find the “needle in the haystack” in order to investigate potential security breaches whether originating from the network or transpiring on the IBM i itself.

With the addition of the new capabilities, Visualizer now analyzes:

• Firewall log files

• Audit log files

• AP-Journal application data

• Output of Firewall queries

• Output of Audit queries including User Profile-related queries

• Output of queries which have been run and stored on disk (Database Reports)

Of special interest, the ability to analyze User Profile based queries via Visualizer adds an essential dimension to the challenge of defining, synchronizing and managing User Profile information, especially in multiple partition environments.

In addition, Visualizer now has “Drill To” capabilities for easily defining or changing security rules based upon specific network access or QAUDJRN events, as well as for dynamically displaying a table view of BI-filtered data, enabling export to Excel, PDF, CSV and HTML files.

Raz-Lee Security sees this functional expansion of Visualizer as a major step forward in helping customers obtain real benefit from iSecurity as well as in differentiating iSecurity from ALL competitors.

“Anyone reading the professional trade press over the past year or so has undoubtedly been impressed by the ever increasing number of articles centering on the potential benefits to companies attained by using Business Intelligence technologies,” said Eli Spitz, VP Business Development, Raz-Lee Security. “Our revolutionary Visualizer BI product responds to this trend and gives our customers the cutting edge technology they deserve.”

Raz-Lee’s iSecurity Anti-Virus product is based upon ClamAV, an open source toolkit. We often enconter questions from customers and distributors alike about its qualities, and about how it compares with commercial Anti-Virus solutions.

 So first – some basic info:

ClamAV is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tools for automatic database updates. The core of the package is an anti-virus engine available as a shared library. For more information click here.  

 ClamAV has won the following awards:

• InfoWorld best of open source in security, September 10th, 2007
• 2006 SourceForge.net Community Choice Awards, April 5th, 2006
• Linux Format Magazine chose ClamAV as the best AV, January 16th, 2006

And most important –  ClamAV is held in high esteem by its users. Some examples of this can be viewed in ClamAV.net forum, where users expressed their appreciation for ClamAV:

On Tue, Nov 24, 2009 at 4:27 PM, Scott Mohnkern mohnkern@gmail.com wrote:

“In our particular environment (a government server farm), we were asked  to deploy the Mcafee virus scanning tools for Linux. After several months of  frustration, we concluded given our particular configuration (A very large Storage Area Network) that McAfee would never meet our needs.

We tested and deployed ClamAV across 63 machines with over 24 terabytes  of  network storage and have found that it fits our needs extremely well. We  don’t do “on the fly” scanning, but do scanning on a cycling basis per   machine, to avoid overtaxing our network”.

 On Fri, Dec 4, 2009 at 4:10 AM, Robin diilbert.atlantis@gmail.com wrote:

 ”…I tested < McAfee CommandLine > Scanner scanning a simple file and it was 10x slower than ClamAV. “ 

On Fri, Dec 4, 2009 at 5:32 AM, Dennis Peterson dennispe@inetnw.com wrote:

 <ClamAV> is so good that TrendMicro thought it worth going to court to stop it.

For more information on iSecurity Anti-Virus please contact marketing@razlee.com

Written by Shari Masafy, MarCom Manager at Raz-Lee Security.
Email Shari at marketing@razlee.com

I’d like to share a very informative article by Gary Palgon, who is VP Product Management at nuBridges, a leading data protection software vendor. The article clearly outlines the concept of tokenization, including examples of its implementation.

Click here to view the article.

Check out our new white paper on Achieving PCI Compliance with IBM Power i. PCI-DSS consists of 12 requirements within six categories which cover best security practices. This white paper includes a summary of PCI requirements, focusing on the relevant items to Power i security. Each requirement is followed by a guideline specifying how to actually implement the requirement.

Download PCI Compliance White Paper  (Free)

Before selecting a System i Security solution, you must first determine the best security approach for your needs. Some systems offer an Object-level security approach, while others have a Transaction-based approach. What does this difference really mean?

Essentially, Object-level security enables you to define a “white list” of the objects (such as files) which can be accessed by all or specific users; such an approach enables specifying the exact access type (Read, Write, Update,…) for each object as well.

Transaction-based security, however, does not have this capability. Instead, this approach uses a mechanism called Memorized Transactions. With this mechanism, certain transactions are kept in a separate area (not in the log), and analyzed to check if the a pattern or particular template can be used as a security rule, or as the structural basis for allowing or disallowing access to objects. Naturally, pattern recognition is a CPU intensive task which can negatively affect process time for each transaction.

Our flagship product, iSecurity, uses Object-level security together with an intuitive algorithm in which more specific rules are analyzed before generic ones are referenced. Using this algorithm, iSecurity requires only one successful I/O with minimal CPU to find the exact rule.

The advantages of Object-level security are:

Better Performance
Object-level security is far superior in the area of performance. With Transaction-based security, the greater the number of memorized transactions, the larger the number of comparisons needed for each incoming TCP transaction (FTP, SQL, etc.). And more applications in use means more transactions generated, more rules that need to be defined, and more transactions that need to be memorized.

Less Security Exposures
Unlike Object-based security, Transaction-based security compares transactions character by character, which means that unimportant differences between transactions may render important security rules useless.

Installation & Maintenance Issues
With Transaction-based security, the administrator needs to carefully review each transaction, determine which transactions require rules, and memorize those transaction definitions. The above procedure is time consuming and, more importantly, extremely error prone. Errors in defining the rules can easily lead to actual security breaches and serious monetary and reputation losses to your company.

Written by Eli Spitz, VP Business Development, Raz-Lee Security
Email Eli Spitz at marketing@razlee.com