Case Study: Mortgage Bank realizes competitive advantage using AP-Journal

Most of us have taken out a home mortgage at least once and those who have, know that it’s impossible to keep track, over the 20 or 25 year lifespan of the mortgage, of all the changes made to the mortgage!

A leading mortgage bank used Raz-Lee Security’s AP-Journal product for application auditing and security, to position themselves as unique among their competitors by periodically providing customers with a “Mortgage Timeline Report”. This report concisely lists all changes made to the customer’s mortgage since its beginning, leading customers to much better understand their mortgage life-cycle.

The mortgage bank also uses AP-Journal together with HP’s ArcSight SIEM product to provide what their auditor’s say is a “built-proof” auditing solution for all database activities taking place on their IBM i. Using this functionality, the bank was able to cancel maintenance for the IBM i component of a competitive product.

Contact marketing@razlee.com for more details.

Visualizer in the News!

Following System i Network’s recent focuson Raz-Lee’s YouTube channel, iSecurity’s acceptance into IBM Italy’s Smart Business Program and MCPress Online’s article on Visualizer, IBM Systems Magazine’s January 2011 Product News features our Visualizer Business Intelligence product which assists companies worldwide to analyze and pinpoint security and management issues in a user-friendly, slice-and-dice GUI.

Raz-Lee Security Joins IBM Smart Business Program in Italy

iSecurity™ is now available on the IBM Smart Market applications portal, and is integrated into the IBM Smart Cube, a Power i server preloaded with all required applications to best serve customer needs.

Raz-Lee Security, a leading supplier of information security & compliance solutions for the IBM Power i, announced that it has been included in the IBM Smart Business Program, the business program launched in Italy for Power i and based on a concept of an integrated solution, easy to find, install, manage and support. This certification is a significant official milestone in terms of Raz-Lee’s cooperation with IBM in the Italian market. Raz-Lee’s iSecurity packs are the only 3rd-party compliance & data security solutions listed on the IBM Smart Business portal. With iSecurity, Raz-Lee succeeds in covering all customer business needs in the areas of Security and Data Protection, providing help and support for the IT Dept for better management of system and applications.

“By installing our iSecurity™ software solutions, IBM Power i customers instantaneously receive an important advantage over hardware platforms competing with IBM Power i – they immediately become compliant with the most important local and international security regulations,” said Nicola Fusco, Southern Europe Area Manager, Raz-Lee Security. “The IBM i Smart Business program’s integration of software and services creates a solution that is much more convenient for the customer, without having to search for separate solutions, pay for them and then spend hours on integrating them. Instead, the customer just plugs in and activates an already-secured and configured Smart Cube in a quarter of the time normally required to get business applications up and running”.

Below are the iSecurity packs listed in IBM Smart Business Portal:

Logs & User Control Package – the basic iSecurity™ package for System Administrators, which provides data security and compliance with the Italian regulation concerning System Administrators activities with reports generation, allowing the export of SYSLOG.

System Administrator Package – the complete solution for meeting the requirements of system administrators regulation and company regulation for protecting corporate data, providing optimized centralized control of assets in cases of infrastructure “multi-system”.

Power i Resources Management Package – this package covers company security needs, including modules that control and manage the system (resources, accounting users, rehabilitation activities) which usually involves the direct activity of the technical staff. It also represents an always-available automatic operator, which, by setting rules and controls, provides for corrective actions and/or warning also by integrating messaging services (email, fax, sms).

Power i Applications Package – contains modules that provide services to facilitate and accelerate activities related to user applications: delivery time, rollout and testing of new applications, user accounts, displaying changes in fields without changing the code of the applications, and monitoring data changes in certain fields with real-time notification of administrators.

Raz-Lee’s Power i Security Innovations Draw Crowds at COMMON 2010

Raz-Lee Security drew quite a crowd around its new security enhancements at COMMON 2010, in Orlando, Florida. This year’s COMMON was attended by over 1200 people, the vast majority being Power i decision-makers focused on implementing the latest and most efficient new Power i technologies, in particular for security and compliance.

Numerous visitors flocked to Raz-Lee’s booth to learn about its innovations, and group sessions were held in order to provide information to all interested parties. Attendees were well-aware of industry regulations and auditor’s requirements, and were eager to select the right products to ensure compliance with regulations, especially products which could provide “out-of-the-box” PCI, SOX, HIPAA, etc. compliance templates and “ready-to-run” reports.

The Press also took notice of Raz-Lee’s success at COMMON, as seen in the following links:

IT Jungle: Raz-Lee Gets the Twitter Bug

System i Network: At COMMON 2010, Raz-Lee Security Says IBM i Getting Younger

System i Network: In Honor of COMMON’s 50th, Raz-Lee Offers Advanced File Editor with Full Unicode—Free to IBM i Community

MCPressonline:   Raz-Lee Freely Celebrates COMMON 50

IBMSystemsMagazine: Raz-Lee Security Releases i Twitter Solution, Other Enhancements

Among the products which were of particular interest to visitors and the Press were:

• Native Object Security – enables system administrators to easily define target security levels per object and object type, and to check for inconsistencies between actual and planned object security settings. The product also enables using generic object names, and includes full reporting features. Also, a new artificial intelligence-based wizard builds an optimal set of security rules for a group of objects, based on analysis of the current security settings of the objects in a directory.

• User Profile & System Value Replication – synchronizes user profile definitions, user passwords and system values between different systems and LPARs, allowing for exceptions as needed in Production, Test or Development systems. Synchronization is accomplished with minimum overhead to both the actual systems and the personnel mandated with managing user profile information. The product also replicates system value definitions between systems, using “optimal” system values defined in Compliance Evaluator and “baseline” site-defined values.

• Compliance Evaluator – enables managers a quick, comprehensive view of the compliance scores for all systems in the enterprise and provides detailed compliance-related reports with various levels of detail.

• Syslog/SNMP/Twitter Support – sends security alerts instantaneously to relevant SIEM systems or users through www.twitter.com. These message alerts include detailed event information and alerts on application data changes, deletes or reads, emergency changes in user authorities, IFS viruses detected, malicious access to the Power i , and much more.

• FileScope – FREE SOX and PCI compliant file editor with full Unicode (UTF-16, UCS-2) support and full activity tracing via Syslog, SNMP, Twitter, MSGQ, SMS and e-mail.

“We were flattered by the outstanding level of interest and attention our products generated at COMMON this year,” said Shmuel Zailer, CEO, Raz-Lee Security. “Customers know they can turn to Raz-Lee to achieve the level of compliance they need, as well as to continuously monitor all Power i infrastructure and application security events in their enterprise.”

Written by Shari Masafy
Email Shari at
sharim@razlee.com

Raz-Lee Offers Advanced File Editor with Full Unicode – FREE!

Raz-Lee Security, a major world-wide vendor of security solutions for IBM Power i computers, has enhanced its feature-rich SOX and PCI compliant file editor, FileScope, with full Unicode (UTF-16, UCS-2) support, to comply with the prevalent international standard. Unicode support is totally unique in the Power i data manipulation market and encompasses ALL FileScope facilities including Substring, Scan and Subset functions.

Unicode, a fundamental building block for international e-business, allows data from many different languages to be stored in one repository. Today’s business world demands that IT systems be able to present content and conduct transactions in all major worldwide languages. Unicode enables a single set of application source code to be written to process data in any language. It also makes the addition of new language support to an existing e-business application relatively simple since character processing and storage remains unchanged. This results in lower costs of implementation, faster time to market, and higher customer satisfaction.

FileScope is packaged in both Gold and Platinum versions, both of which support the new Unicode capability. While technologically similar, the Platinum version supports more SOX, PCI, auditing and file journaling capabilities, making it more appropriate for large and mid-sized shops.

As part of the announcement, Raz-Lee will provide, for a limited time, FileScope/Gold with Unicode Support at $0(!) including free maintenance for up to three months.

FileScope’s Unicode support enables viewing SAP, JDE, MOVEX, BPCS, and other files. The following functions are supported for these and similar files:

  • Display file contents
  • Print file contents
  • Update records (single record, full screen, global changes)
  • Scan for fields
  • Subset records (OPNQRYF) including all Tests such as EQ….LIKE 
  • Substring field values
  • Undo changes (up to 99 days)

Raz-Lee also offers FileScope Platinum, an upgraded version, which includes (in addition to the Gold Edition features):

  • Improved SOX/PCI support
    • SYSLOG/SNMP Messages for SIEM – transmits up to 1000 lines per second.
    • User Activity List Email – including users, times and actions.
  • XML support
  • Report Generator
  • Full Screen Update

 ”A Unicode-supporting file editor is a highly desirable product, unrivaled by any other company, and we’ve already witnessed the demand for it” said Shmuel Zailer, CEO, Raz-Lee Security. “It is a fitting enhancement for our FileScope product, which is already well-stocked with unique features such as Undo, Join and User activity list emails – also unique to Raz-Lee’s technology.”

All iSecurity Products Now Support SYSLOG Real-Time Monitoring

Raz-Lee Security Inc., a major vendor of security solutions for IBM Power i computers, announced that SYSLOG real-time notification messages are now supported in all iSecurity products, including Audit, AP-Journal, Authority on Demand and Anti-Virus.

iSecurity’s SYSLOG feature sends events from various Power i facilities (such as logs and message systems) to remote Security Information and Event Management (SIEM) servers.

The advanced iSecurity SYSLOG capacity enables the system administrator to categorize events according to a range of severities such as emergency, alert, critical, error, warning, notice, informational and debug. It also enables the user to decide under which conditions the Power i should send a SYSLOG message, to choose the IP address of the SYSLOG server, the facility from which the message is sent, the severity range and the recipients, as well as decide whether the SYSLOG message should contain all events from iSecurity Firewall or only the rejected entries. Another useful feature is the ability to easily define the message structure, rather than receiving the standard long message and having to manually divide it into intelligible parts.

One of Raz-Lee’s Israeli customers, among the largest insurance firms in the country, makes extensive use of iSecurity SYSLOG, and transmits the entire journal receiver log using SYSLOG messages. Approximately 1000 alerts are transmitted per second, utilizing only 1% of the CPU.

“Our SYSLOG facility is not only spreading to additional products, but also to more and more customers worldwide,” said Eli Spitz, VP Business Development, Raz-Lee Security. “It gives customers the utmost flexibility to control both message conditions and content, thereby making security in the organization considerably more efficient.”

Raz-Lee Security to Sponsor a Webcast and Host a Press Conference at COMMON 2010

Raz-Lee Security will be involved in two exciting Power i events in the upcoming weeks – a Webcast and a Press Conference at COMMON.

Raz-Lee, together with its US distributor, Software Engineering of America (SEA), is sponsoring a one-hour webcast by Mel Beckman, senior technical editor for System iNEWS. The topic of the webcast is “Managing Security in Multi-System and Multi-LPAR Environments”, and it will take place on April 22, 2010 at 12:00PM EST. Click here for more information.

In addition, Shmuel Zailer, CEO of Raz-Lee Security, will hold a Press Conference entitled: “The Power i – Getting Younger Daily!” at the upcoming COMMON 2010 conference in Orlando, Florida. The press conference will focus on some of the fresh, modern features available for the Power i in Raz-Lee’s products, which enhance the users’ experience and streamlines their workflow. These features, include an ever-improving GUI interface, advanced business intelligence analysis of a network access and QAUDJRN data warehouse, extended SYSLOG support, time-saving wizards and soon to be announced support for SNMP and Twitter alerts.

“We do indeed believe the Power i is getting younger every day, while still preserving its status as a long-time favorite amongst its users,” said Shmuel Zailer, CEO, Raz-Lee Security. “The Power i’s user experience is ever changing and improving, thanks to companies like Raz-Lee, which continually investigates users’ needs in and develops new tools to accommodate them.”

Raz-Lee Security to Showcase iSecurity User Profile & System Value Replication, Native Object Security at Common 2010

common1Herzliya, Israel – March 25, 2010 – Raz-Lee Security will demonstrate its advanced Power i security solutions at Common 2010, Booth 610, on May 3-6 at the Hilton Orlando in Orlando, Florida.

COMMON is the annual meeting of the COMMON membership and the largest gathering of the Power Systems user community. COMMON 2010 will mark a significant milestone of 50 years – a true testament to the strength and vibrancy of this professional user community.

The Annual Meeting is COMMON’s largest educational event of the year, with four full days of in-depth IBM i and AIX education that includes all-day pre-conference workshops, all-day Integrated Seminars, open labs and a wide variety of regular-length sessions.

The conference’s Opening Session will demonstrate an unprecedented level of support and recognition of COMMON by IBM, with a special message from Sam Palmisano, IBM’s Chairman of the Board, President and Chief Executive Officer, as well as a keynote address by Mark Shearer, VP, Marketing, Communications and Sales Support, IBM Systems and Technology Group.  

Raz-Lee Security will take the opportunity to display, among other products and capabilities:

  • Native Object Security – enables system administrators to easily define target security levels per object and object type, and to check for inconsistencies between actual and planned object security settings. The product also enables using generic object names, and includes full reporting features.
  • User Profile & System Value Replication - synchronizes user profile definitions, user passwords and system values between different systems and LPARs, allowing for exceptions as needed in Production, Test or Development systems. Synchronization is accomplished with minimum overhead to both the actual systems and the personnel mandated with managing user profile information. The product also replicates system value definitions between systems, using “optimal” system values defined in Compliance Evaluator and “baseline” site-defined values.
  • Compliance Evaluator – enables managers a quick, comprehensive view of the compliance scores for all systems in the enterprise and provides detailed compliance-related reports with various levels of detail.

 ”The 50th anniversary of COMMON and IBM’s ever-increasing participation at COMMON both attest to the solid position of the Power i in today’s enterprises,” said Shmuel Zailer, CEO, Raz-Lee Security. “As renowned Power i experts and enthusiastic supporters of iManifest (the international initiative promoting the Power i), we are delighted to witness this development and are confident that it will lift this unique platform to new heights.”