Raz-Lee’s YouTube Channel: More than 5,000 Views!

Have you recently accessed our 25 YouTube videos? With a total of more than 5,000 views, our videos are just what the Facebook-Twitter-LinkedIn-WhatsApp generation wants in order to become quickly acquainted with our security, auditing and compliance solutions.

We’ve got loads of interesting “How-To”  and “Tips and Tricks” videos which solve real day-to-day issues. Most of our videos are based upon our GUI which covers 100% of the green-screen solutions, as well as on our Visualizer Business Intelligence solution.

Visualizer is a great “slice-and-dice” tool which uses our proprietary IBM i security data warehouse to enable you to quickly analyze many millions (and tens and hundreds of millions) of system journal (QAUDJRN) records and network access events. Investigating suspicious security-related events to find the “needle-in-the-haystack” takes seconds using Visualizer!

We highly recommend you access Raz-Lee’s YouTube Channel today!

Contact marketing@razlee.com for more details.


Field & PGP Encryption Article in IT Jungle

Raz-Lee Security’s NEW Field and PGP Encryption product (see http://www.razlee.com/products/security/encryption_tokenization_o.php ) is already being used successfully at companies worldwide.

The latest (good!) news is that Alex Woodie of IT Jungle interviewed Raz-Lee’s CEO/CTO, Shmuel Zailer, at the COMMON US conference in May in New Orleans.

We recommend you read Alex’s great write-up of the interview at http://www.itjungle.com/tfh/tfh072016-story03.html .

Contact marketing@razlee.com for more details.

Case Study: Industrial giant purchases Change Tracker following a 1-week Proof of Concept (POC)!

Raz-Lee’s Change Tracker product, which automatically tracks object and source changes made to production libraries, was recently presented to a publicly-traded household care products manufacturer and wholesaler.

Towards the end of a one-week POC, the company’s CFO and CIO received Change Tracker’s reports; they commented that after having invested in writing an in-house product without success, they were glad to see output which was exactly what the auditor’s requested!

These C-level execs, impressed by the minimal amount of product set up required, authorized the immediate purchase of Change Tracker for their numerous servers.

Contact marketing@razlee.com for more details.

Case Study: Mortgage Bank realizes competitive advantage using AP-Journal

Most of us have taken out a home mortgage at least once and those who have, know that it’s impossible to keep track, over the 20 or 25 year lifespan of the mortgage, of all the changes made to the mortgage!

A leading mortgage bank used Raz-Lee Security’s AP-Journal product for application auditing and security, to position themselves as unique among their competitors by periodically providing customers with a “Mortgage Timeline Report”. This report concisely lists all changes made to the customer’s mortgage since its beginning, leading customers to much better understand their mortgage life-cycle.

The mortgage bank also uses AP-Journal together with HP’s ArcSight SIEM product to provide what their auditor’s say is a “built-proof” auditing solution for all database activities taking place on their IBM i. Using this functionality, the bank was able to cancel maintenance for the IBM i component of a competitive product.

Contact marketing@razlee.com for more details.

Raz-Lee Contributes FREE Anti-Virus Solution to AS/400 Community

Raz-Lee Security is offering the worldwide AS/400 community its recently-released 2012 Anti-Virus product for FREE with a permanent license.

iSecurity Anti-Virus is an AS/400-specific product that keeps the system clean of viruses, Trojan horses and malicious code. Anti-Virus incorporates the ClamAV open source anti-virus engine and is engineered to provide full protection to the server, its file contents and resident or dedicated software.

Click here for details on the offer and download instructions

iSecurity Approved for IBM Tivoli Netcool/OMNIbus Certification

IBM has certified Raz-Lee’s iSecurity for integration with their Tivoli Netcool/OMNIbus, part of Tivoli’s Security Operations Manager, to consolidate complex IT and network operation management tasks. The integration with Tivoli’s SIEM capabilities will enable it to receive Syslog real-time alerts from iSecurity and to consolidate security event information from other IBM i servers, and indeed from multiple hardware platforms, into its single console environment.

Click here to read the full details about the new IBM Tivoli Certification

Verizon Business Report: Most Organizations Slipping out of PCI Compliance Within One Year

Interesting reading: This report states that out of 100 organizations which were certified as PCI compliant in 2010, 75 are no longer compliant in 2011!

To me this means that software such as Raz-Lee’s Compliance Evaluator needs to be used on an ongoing basis in order ensure compliance over time.

Also interesting are the “basic requirements” of PCI Compliance listed in the report, including many supported by Raz-Lee’s other products; these include using firewalls and antivirus, implementing strong passwords and access control, protecting the database, tracking all activity, etc.

In summation, compliance needs to be an “everyday, ongoing process” and organizations need “continuous adherence” to the standard.


PCI Compliance Anyone?

Face-to-face meetings with customers often lead to “real-world” enhancement requests which we at Raz-Lee take seriously…

At recent meetings in the Midwest, we were asked to enhance our iSecurity Firewall product to allow network access to PCI business critical files from ONLY certain IPs addresses.

Our initial intent was to restrict access to these files based upon whether or not specific users are allowed to access such files. That is, if the user tries to access the file from a specific IP address or address-range, their identity will be checked using the definitions of an alternative user.

After discussing this solution with a select group of Firewall customers, we decided to implement a more streamlined, less error-prone solution using Firewall’s Object Security features, to define Location Groups for each file or set of generic files. A Location Group is defined as a set of IP addresses or address-ranges and/or generic device names, from which access to these sensitive files will be either allowed or rejected.

Defining access rights using Files rather than Users greatly simplifies the solution and will serve as the basis for future related improvements based upon PCI auditor’s ongoing requests, which, as always, we intend to implement!

For purposes of monitoring actual access to these sensitive files, which PCI auditors will obviously require/demand, we provide iSecurity Audit, which is based upon the QAUDJRN and uses ZC and ZR audit types. Using iSecurity’s unique Group/Item filter feature, the user can easily define the relevant items which must (or should not- NITEM) appear in the specified Group.

Toyota Boshoku America Inc. Uses iSecurity to Comply with International Regulatory Requirements

By implementing iSecurity’s Firewall, Audit and AP-Journal modules, Toyota Boshoku America has been
able to easily monitor exit points, prevent unauthorized access, automate report generation to meet
audit requirements as well as monitor access down to the record level, which are all critical to their
requirements for complying with J – SOX.

View the full iSecurity-Toyota Bokoshu Case Study