Raz-Lee Security, a major vendor of security solutions for IBM Power i computers, has developed a comprehensive solution for Multi-System/Multi-LPAR environments, in response to the trends to “downsize” and consolidate servers.

As the number of special-purpose systems and LPARs at enterprises worldwide grows, it is critical that user profile definitions including passwords as well as system values are synchronized between the different Power i systems, allowing for exceptions as needed in Production, Test or Development environments. Naturally, synchronization must entail minimum overhead to both systems and the personnel mandated with managing user profile information.

Raz-Lee has identified this trend and consequently tailored a full security solution for multi-system/multi-LPAR environments. The solution, integrated in the iSecurity product suite, includes:

•  Replication – duplicates user profiles including passwords and other user profile definitions, as well as system values, from one system/LPAR to another, and synchronizes all parameters such as user authorities in all systems.
• Compliance Evaluator – compares compliance of different systems/LPARs
• Centralized Reporting – references and collects data from several systems/LPARs and creates reports in “merged” or individual format
• SYSLOG – the ability to interface with all leading SEM (Security Event Management) products is supported by iSecurity
• Central Administration – exports and imports product definitions & logs between different systems

“In order to uphold our status as a top-notch Power i security provider, we make it our business to identify relevant market trends and provide our customers with the exact solutions they are looking for,” said Eli Spitz, VP Business Development, Raz-Lee Security. “No other company has our abundance of features for Multi-System/Multi-LPAR environments, which is yet another unique feature for our iSecurity solution.”

Join our select team of experts and discover the lucrative Power i (iSeries/AS/400) market. Distribute Raz-Lee’s advanced security software products around the world.

In addition to marketing and supporting Raz-Lee’s products, our partners provide profitable professional services and projects, such as security software implementation, configuration and assessments, all based around our field-proven products.

We provide our partners with solid support, technical training, regular updates and a wide array of marketing and sales tools.

For more information contact marketing@razlee.com

Herzliya, Israel – March 25, 2010 – Raz-Lee Security will demonstrate its advanced Power i security solutions at Common 2010, Booth 610, on May 3-6 at the Hilton Orlando in Orlando, Florida.

COMMON is the annual meeting of the COMMON membership and the largest gathering of the Power Systems user community. COMMON 2010 will mark a significant milestone of 50 years – a true testament to the strength and vibrancy of this professional user community.

The Annual Meeting is COMMON’s largest educational event of the year, with four full days of in-depth IBM i and AIX education that includes all-day pre-conference workshops, all-day Integrated Seminars, open labs and a wide variety of regular-length sessions.

The conference’s Opening Session will demonstrate an unprecedented level of support and recognition of COMMON by IBM, with a special message from Sam Palmisano, IBM’s Chairman of the Board, President and Chief Executive Officer, as well as a keynote address by Mark Shearer, VP, Marketing, Communications and Sales Support, IBM Systems and Technology Group.  

Raz-Lee Security will take the opportunity to display, among other products and capabilities:

• Native Object Security – enables system administrators to easily define target security levels per object and object type, and to check for inconsistencies between actual and planned object security settings. The product also enables using generic object names, and includes full reporting features.
• User Profile & System Value Replication - synchronizes user profile definitions, user passwords and system values between different systems and LPARs, allowing for exceptions as needed in Production, Test or Development systems. Synchronization is accomplished with minimum overhead to both the actual systems and the personnel mandated with managing user profile information. The product also replicates system value definitions between systems, using “optimal” system values defined in Compliance Evaluator and “baseline” site-defined values.
• Compliance Evaluator – enables managers a quick, comprehensive view of the compliance scores for all systems in the enterprise and provides detailed compliance-related reports with various levels of detail.

 ”The 50^th anniversary of COMMON and IBM’s ever-increasing participation at COMMON both attest to the solid position of the Power i in today’s enterprises,” said Shmuel Zailer, CEO, Raz-Lee Security. “As renowned Power i experts and enthusiastic supporters of iManifest (the international initiative promoting the Power i), we are delighted to witness this development and are confident that it will lift this unique platform to new heights.”

Here’s an actual case of where iSecurity, Raz-Lee’s Power i Security solution, could have saved a European bank, LGT, a lot headaches, expenses and bad press.

On February 26th, 2008 it was reported that at least eight countries were investigating their citizens for allegedly hiding financial assets at LGT Liechtenstein, an offshore bank.

The investigations were based upon the details of the bank’s clients obtained by the German secret service from a former bank employee. Using these details, German authorities investigated and prosecuted hundreds of people listed in the stolen data. At least one of the people who were investigated committed suicide, others were imprisoned, and still others were forced to leave their job at LGT. Naturally, Germany was able to make many millions of dollars in unpaid tax revenue on these non-reported assets.

On February 8th, 2010, in a decision described as “Awesome” in Business Insider website, a German court ordered the LGT subsidiary to pay more than $10M in damages to a client for failing to inform him that his confidential details had been stolen and handed to authorities, thereby harming his chances of escaping criminal penalties for tax evasion!

The remarkable part of this story is that back in February 2008, Raz-Lee’s Swiss distributor had spoken to this bank about iSecurity and reported the following:

“This bank has iSeries systems, and we spoke with the IT Managers, staff and other managers there. Their response to our presentation of iSecurity’s auditing, security and compliance solutions was something like “We have security, we don’t think we need security, maybe in the future.”

So now, LGT encountered this terrible mess!

Let’s hope that YOUR company installs iSecurity before the worst happens…

For more information click here

Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400) together with its North American business partner, Software Engineering of America, participated in the IBM i Essentials Virtual Conference held on March 9-10th.

This unique online event included top-notch educational webcasts live from industry experts, exhibitor booths staffed with live team members holding online chats, and networking with industry peers. As many as 16 webcasts will be held, by Jeff Uehling from IBM, Mike Pavlak from Zend and others, covering all the information required for keeping up-to-date in the IBM i world. The show was attended by many prominent players in the AS/400 security market.

At the show, Raz-Lee and SEA showcased the iSecurity Compliance Evaluator solution, which enables managers to quickly check the compliance of their systems with industry and corporate policies using customizable user-friendly reports. In addition, Application Security, Authority on Demand, Native Object Security and User & System Value Replication solutions will be spotlighted.

“This virtual show extends the reach of a traditional conference, providing us with globe-spanning opportunities to show off our advanced technology,” said Eli Spitz, VP Business Development, Raz-Lee Security. “I am confident that in such a venue, our advanced Power i security solutions will generate far-ranging awareness.”

Raz-Lee Security will be participating in the 11th Information Security Conference, to be held on March 17^th, in Petach Tikva, Israel.

The conference will be attended by CEOs, IT Security managers and experts, IT Managers, Industrial companies’ managers, business development managers and others. A multitude of lectures will be offered by top experts from IBM, Juniper Networks, Bezeq Telecommunications and NetApp, as well as by the President of the Israeli IT Security and Auditing Association. In addition, a panel will be held on the subject of the Revolution in IT Security Regulation.

At the conference, Raz-Lee will showcase nuBridges Protect, a state-of-the-art encryption and tokenization solution distributed in Israel. nuBridges Protect secures sensitive data at rest in database fields, files, applications and associated backup storage, to help companies comply with mandates like the Payment Card Industry’s Data Security Standard (PCI-DSS) and government privacy acts.

This conference is Raz-Lee’s second local event this quarter, following the IT GRC (Government, Risk Management & Compliance) annual event in Tel Aviv on February 18th.

“Raz-Lee is highly active and well-established in Israel, boasting prominent customers, including the largest banks and health funds in the country,” said Eli Spitz, VP Business Development, Raz-Lee Security. “Our nuBridges Protect solution is the only solution in Israel combining both encryption & tokenization, and there is ever-growing interest in the solution among the leading enterprises in Israel.”

For more information (Hebrew) click here.

Getting PCI Compliant can be a hassle… or it can be a quick & effortless task. Find out how to easily check your Power i’s compliance status, customize a built-in report, receive summary or detailed reports, and much more. Click here to View the iSecurity Compliance Evaluator Demo

  The Banco di Sardegna, a major Italian bank, deployed the following iSecurity Power i Security products from Raz-Lee Security:

• User & Password Management
• Firewall
• System Control
• Screen
• Visualizer
• Action
• Audit
• Assessment

Click here to view the case study
Click here for more information on Raz-Lee & iSecurity
Email Raz-Lee at marketing@razlee.com

Raz-Lee’s iSecurity Anti-Virus product is based upon ClamAV, an open source toolkit. We often enconter questions from customers and distributors alike about its qualities, and about how it compares with commercial Anti-Virus solutions.

 So first – some basic info:

ClamAV is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tools for automatic database updates. The core of the package is an anti-virus engine available as a shared library. For more information click here.  

 ClamAV has won the following awards:

• InfoWorld best of open source in security, September 10th, 2007
• 2006 SourceForge.net Community Choice Awards, April 5th, 2006
• Linux Format Magazine chose ClamAV as the best AV, January 16th, 2006

And most important –  ClamAV is held in high esteem by its users. Some examples of this can be viewed in ClamAV.net forum, where users expressed their appreciation for ClamAV:

On Tue, Nov 24, 2009 at 4:27 PM, Scott Mohnkern mohnkern@gmail.com wrote:

“In our particular environment (a government server farm), we were asked  to deploy the Mcafee virus scanning tools for Linux. After several months of  frustration, we concluded given our particular configuration (A very large Storage Area Network) that McAfee would never meet our needs.

We tested and deployed ClamAV across 63 machines with over 24 terabytes  of  network storage and have found that it fits our needs extremely well. We  don’t do “on the fly” scanning, but do scanning on a cycling basis per   machine, to avoid overtaxing our network”.

 On Fri, Dec 4, 2009 at 4:10 AM, Robin diilbert.atlantis@gmail.com wrote:

 ”…I tested < McAfee CommandLine > Scanner scanning a simple file and it was 10x slower than ClamAV. “ 

On Fri, Dec 4, 2009 at 5:32 AM, Dennis Peterson dennispe@inetnw.com wrote:

 <ClamAV> is so good that TrendMicro thought it worth going to court to stop it.

For more information on iSecurity Anti-Virus please contact marketing@razlee.com

Written by Shari Masafy, MarCom Manager at Raz-Lee Security.
Email Shari at marketing@razlee.com

Raz-Lee Security, a leading supplier of information security solutions for the IBM Power i, has enhanced its iSecurity product suite with a new Native Object Security management module.

Defining security rights for native objects is the basis for all Power i security. However, these activities are work-intensive and therefore very susceptible to errors and oversights.

 iSecurity’s Native Object Security capabilities enable system administrators to easily define target security levels per object and object type, and to check for inconsistencies between actual and planned object security settings. They also enable using generic object names, and include full reporting features.

 Native Object Security capabilities include:

• Setting up multiple object security rules simultaneously, using generic naming capabilities
• Checking target (planned) settings with the current object security status, and showing inconsistencies
• Setting the current security status to the planned status
• Defining Object Owner, Authorization List, Primary Group, and specific user authorities (Add/Replace)
• Setting Audit value and Reset usage count
• Full reporting capabilities including OUTFILE

 ”We strive to maximize the user’s flexibility and variety of options,” said Eli Spitz, VP Business Development, Raz-Lee Security. “Accordingly, iSecurity supports both general and specific security settings, be it individual security levels for each and every object, or special temporary authorities for emergency cases. This allows the security settings to reflect the customer’s exact needs, with little or no constraints”.

Written by Shari Masafy, MarCom Manager at Raz-Lee
Email Shari Masafy at sharim@razlee.com