Raz-Lee Security, a leading supplier of information security solutions for IBM System i Servers, announced that AIG-Israel, a leading Direct Insurance company affiliated with the AIG group, has selected an information security solution from Raz-Lee Security for the protection of AIG’s server infrastructure.

AIG-Israel attaches high importance to the protection of its System i (IBM-AS/400) servers, as they are the central servers of the organization. The insurance company chose iSecurity based on their previous experience with Raz-Lee Security’s products, and following the recommendation of independent professional advisors.

The iSecurity system selected by AIG-Israel provides a comprehensive security solution for preventing breaches and potential damage to the organization’s activities. iSecurity enables AIG to block break-in attempts from external sources, to receive detailed reports on employee activities (including actual screen captures of user activity), and to control user’s rights to view data. In addition, the system continuously informs relevant staff regarding changes in the business-critical databases of the company, using real-time alerts and timeline reports displaying all changes relating to any subject. These reports can integrate information from all the company’s systems (financial, purchase and manufacturing).

“iSecurity significantly simplifies the protection of our centralized computer systems, especially in the TCP/IP environment,” said Mr. Etzion Yatsiv, VP and Chief Information Officer, AIG-Israel. “Considering all the flexible option it offers, iSecurity is extremely easy to use”, added Mr. Yatsiv.

“We are proud to cooperate with a large international insurance company such as AIG,” said Eli Spitz, VP Business Development, Raz-Lee Security. “iSecurity was designed to supply the numerous insurance companies within our clientele with the rock-solid protection they need, as well as with advanced monitoring capabilities, which enable their business operations to be conducted properly and safely”, added Mr. Spitz.

About AIG
AIG-Israel is one of Israel’s leading insurance companies, operating since 1997 under the joint ownership of Aurec and the AIG group. The company is licensed for general and life insurance activities. AIG Israel offers personal insurance (auto, home health), commercial insurance (including property, employer’s liability, professional and director’s liability), and life insurance. For more information visit http://www.aig.co.il.

About Raz-Lee Security Inc.
Raz-Lee Security, headquartered in Nanuet, New York, is the leading security solution provider for IBM’s System i (AS/400) computers. Drawing upon its 25 years of expertise in the System i Performance and Optimization market, the company designs, develops and markets a comprehensive suite of advanced security software solutions – iSecurity.

For more information please contact:

Eli Spitz
VP Business Development
Raz-Lee Security
Tel: 1-888-729-5334
Email: eli.spitz@razlee.com
Website: www.razlee.com

Before selecting a System i Security solution, you must first determine the best security approach for your needs. Some systems offer an Object-level security approach, while others have a Transaction-based approach. What does this difference really mean?

Essentially, Object-level security enables you to define a “white list” of the objects (such as files) which can be accessed by all or specific users; such an approach enables specifying the exact access type (Read, Write, Update,…) for each object as well.

Transaction-based security, however, does not have this capability. Instead, this approach uses a mechanism called Memorized Transactions. With this mechanism, certain transactions are kept in a separate area (not in the log), and analyzed to check if the a pattern or particular template can be used as a security rule, or as the structural basis for allowing or disallowing access to objects. Naturally, pattern recognition is a CPU intensive task which can negatively affect process time for each transaction.

Our flagship product, iSecurity, uses Object-level security together with an intuitive algorithm in which more specific rules are analyzed before generic ones are referenced. Using this algorithm, iSecurity requires only one successful I/O with minimal CPU to find the exact rule.

The advantages of Object-level security are:

Better Performance
Object-level security is far superior in the area of performance. With Transaction-based security, the greater the number of memorized transactions, the larger the number of comparisons needed for each incoming TCP transaction (FTP, SQL, etc.). And more applications in use means more transactions generated, more rules that need to be defined, and more transactions that need to be memorized.

Less Security Exposures
Unlike Object-based security, Transaction-based security compares transactions character by character, which means that unimportant differences between transactions may render important security rules useless.

Installation & Maintenance Issues
With Transaction-based security, the administrator needs to carefully review each transaction, determine which transactions require rules, and memorize those transaction definitions. The above procedure is time consuming and, more importantly, extremely error prone. Errors in defining the rules can easily lead to actual security breaches and serious monetary and reputation losses to your company.

Written by Eli Spitz, VP Business Development, Raz-Lee Security
Email Eli Spitz at marketing@razlee.com