Case Study: Mortgage Bank realizes competitive advantage using AP-Journal

Most of us have taken out a home mortgage at least once and those who have, know that it’s impossible to keep track, over the 20 or 25 year lifespan of the mortgage, of all the changes made to the mortgage!

A leading mortgage bank used Raz-Lee Security’s AP-Journal product for application auditing and security, to position themselves as unique among their competitors by periodically providing customers with a “Mortgage Timeline Report”. This report concisely lists all changes made to the customer’s mortgage since its beginning, leading customers to much better understand their mortgage life-cycle.

The mortgage bank also uses AP-Journal together with HP’s ArcSight SIEM product to provide what their auditor’s say is a “built-proof” auditing solution for all database activities taking place on their IBM i. Using this functionality, the bank was able to cancel maintenance for the IBM i component of a competitive product.

Contact marketing@razlee.com for more details.

Revolutionary Business Intelligence Capabilities in Raz-Lee’s iSecurity Visualizer

Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400), has enhanced its iSecurity Visualizer with revolutionary Business Intelligence capabilities which will help companies analyze and pinpoint security and management issues based upon all security and management-related queries which can be executed from the iSecurity GUI.

For the past three years, Raz-Lee has offered its customers an advanced, Eclipse-based Business Intelligence solution called Visualizer for easily analyzing network access and QAUDJRN activity in a friendly graphic user interface environment. This solution enabled users to instantaneously find the “needle in the haystack” in order to investigate potential security breaches whether originating from the network or transpiring on the IBM i itself.

With the addition of the new capabilities, Visualizer now analyzes:

• Firewall log files

• Audit log files

• AP-Journal application data

• Output of Firewall queries

• Output of Audit queries including User Profile-related queries

• Output of queries which have been run and stored on disk (Database Reports)

Of special interest, the ability to analyze User Profile based queries via Visualizer adds an essential dimension to the challenge of defining, synchronizing and managing User Profile information, especially in multiple partition environments.

In addition, Visualizer now has “Drill To” capabilities for easily defining or changing security rules based upon specific network access or QAUDJRN events, as well as for dynamically displaying a table view of BI-filtered data, enabling export to Excel, PDF, CSV and HTML files.

Raz-Lee Security sees this functional expansion of Visualizer as a major step forward in helping customers obtain real benefit from iSecurity as well as in differentiating iSecurity from ALL competitors.

“Anyone reading the professional trade press over the past year or so has undoubtedly been impressed by the ever increasing number of articles centering on the potential benefits to companies attained by using Business Intelligence technologies,” said Eli Spitz, VP Business Development, Raz-Lee Security. “Our revolutionary Visualizer BI product responds to this trend and gives our customers the cutting edge technology they deserve.”

iSecurity AP-Journal Enhanced with Full GUI Support

Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400), has enhanced iSecurity AP-Journal with an Eclipse-based GUI environment. This makes Application Security easier than ever to implement and use.

AP-Journal keeps managers closely informed of all changes in their valuable information assets and streamlines IBM i journaling procedures. AP-Journal’s standard features include: 

  • Addressing PCI, SOX, HIPAA, etc. requirements for closely monitoring and raising alerts when application data changes
  • Long-term storage of sensitive business information, independent of journal receiver lifecycle to adhere to storage limits
  • Output as e-mailed CSV, HTML, PDF attachments, Outfile, Print or within GUI
  • READ operations selectively added to OS/400 Journal Receivers, complying with PCI requirements for accessing sensitive data
  • Timeline & cross-application reports based upon user-defined business items
  • Real time Syslog, SNMP and Twitter alerts, in addition to alerts sent as e-mails, SMS messages, operator messages, etc.
  • “Mass” uploading of data base update information directly to SIEM systems via Syslog without I/O overhead of writing to disk

The new GUI support in AP-Journal includes:

  • Defining applications, including:
    • Journaled files
    • Business items which are common fields appearing in multiple files
    • Filtering rules for long term retention of selected data fields
    • Defining alerts based upon pre-determined field-level thresholds and activities
  • Reporting on application changes, including “before” and “after” data images based on:
    • OS/400 journal receivers
    • Special purpose journal containers which contain long term, application-specific information
  • Using the unique business intelligence interface, Visualizer, to:
    • View summary data based on any application or journal header field
    • Isolate the desired population instantaneously
    • Accessing the detailed data corresponding to the desired population

“Our AP-Journal product has proved to be an ongoing success, and has been selling successfully worldwide for several years,” said Eli Spitz, VP Business Development, Raz-Lee Security. “In fact, AP-Journal’s success was instrumental in bringing about the recent press focus on IBM i Application Security, in addition to “traditional” infrastructure security aspects like network access, QAUDJRN monitoring and reporting, and user profile auditing”.

 

Cont.

 

 

 

 

 

AP-Journal had a significant impact at Toyota Boshoku America which attained JSOX compliance by providing reports on changes in application files. Another especially interesting implementation of AP-Journal was at Promedico which included

  • Preventing undue blockage of customer orders on account of credit limitations
  • Checking the validity of updates to pharmaceutical product’s expiration dates

Accelerating the supply process

New iSecurity Release Includes Red-Hot Features: Unicode, Twitter, Syslog, SNMP, Smart Wizards

Herzliya, Israel – July 5, 2010 – Raz-Lee Security, a leading supplier of information security & compliance solutions for the IBM Power i, announced a new release of iSecurity and Scope products. This major release of iSecurity and Scope products is especially significant as it harnesses Raz-Lee’s unique technological capabilities to cover market needs and customer requests. In addition, all Raz-Lee products support IBM’s new release, 7.1.

In particular, Raz-Lee’s unique support in FileScope and CodeScope for Unicode will enable companies to easily support multi-language applications and universal source code.

The new and powerful features added to the iSecurity products in this release include:

  • GUI – including support for AP-Journal, GUI Help integration, table export to PDF, HTML, CSV, Excel, ODS and more.
  • Firewall – including inheriting in-product IFS authorities from a higher directory or file , streamlined rules support for multiple libraries, web application server performance improvements, SQL long names, using “model libraries” for defining security rules and more.
  • AP-Journal – Significant Syslog performance enhancements when sending all file updates to Syslog SIEM viewer.
  • Audit – New Raz-Lee audit types ($Q, $U, $V, $W) for monitoring and reporting, audit type C@ now includes descriptive subtypes and more.
  • Action (including all products using Action: Firewall, Audit, AOD, AP-Journal, Anti-Virus) – Authenticated e-mail, support for SNMP & Twitter added to existing Syslog support, standalone SNMP and Twitter commands.
  • Screen – supports SIGNOFF with or without ending the connection.
  • Native Object Security – Smart wizard analyzes current security-related object definitions in library and pinpoints security-level exceptions.
  • Replication – Supports Program Exceptions for Replication.
  • FileScope – Supports Unicode in all product functionality, activity tracing as in Action above, authenticated e-mail.
  • CodeScope – Supports Unicode.

“We are proud to announce this feature-rich new release,” said Shmuel Zailer, Raz-Lee Security. “With hot new features such as Unicode, Twitter, Syslog, SNMP and Smart Wizards, we are well-equipped to meet the current and future needs of our customers.”

Full iSecurity Solution for Multi-System/Multi-LPAR Environments

Raz-Lee Security, a major vendor of security solutions for IBM Power i computers, has developed a comprehensive solution for Multi-System/Multi-LPAR environments, in response to the trends to “downsize” and consolidate servers.

As the number of special-purpose systems and LPARs at enterprises worldwide grows, it is critical that user profile definitions including passwords as well as system values are synchronized between the different Power i systems, allowing for exceptions as needed in Production, Test or Development environments. Naturally, synchronization must entail minimum overhead to both systems and the personnel mandated with managing user profile information.

Raz-Lee has identified this trend and consequently tailored a full security solution for multi-system/multi-LPAR environments. The solution, integrated in the iSecurity product suite, includes:

  •  Replication – duplicates user profiles including passwords and other user profile definitions, as well as system values, from one system/LPAR to another, and synchronizes all parameters such as user authorities in all systems.
  • Compliance Evaluator – compares compliance of different systems/LPARs
  • Centralized Reporting – references and collects data from several systems/LPARs and creates reports in “merged” or individual format
  • SYSLOG – the ability to interface with all leading SEM (Security Event Management) products is supported by iSecurity
  • Central Administration – exports and imports product definitions & logs between different systems

“In order to uphold our status as a top-notch Power i security provider, we make it our business to identify relevant market trends and provide our customers with the exact solutions they are looking for,” said Eli Spitz, VP Business Development, Raz-Lee Security. “No other company has our abundance of features for Multi-System/Multi-LPAR environments, which is yet another unique feature for our iSecurity solution.”

Raz-Lee Introduces iTweet, Supporting Bi-Directional Messaging Between Twitter & Power i

Raz-Lee Security, a leading global supplier of information security & compliance solutions for the IBM Power i, has released iTweet, a product enabling instant messaging over Twitter for the Power i.

iTweet sends selected messages to relevant users through www.twitter.com. These messages are sent effortlessly and instantaneously to users. These messages include event information, message queues, alerts on changes, deletes or reads, emergency changes in user authorities, IFS viruses detected, field-level changes to data and even VIEW of pre-defined “unreadable” data object deletion.

The tool provides a bi-directional interface between Twitter and the Power i, so that users can reply from Twitter to the Power i, for example when an error/inquiry message appears.

Messages can be received through PCs, cell phones or PDAs. A secure environment can be configured, ensuring that only relevant users can view them.

iTweet is available both as a standalone tool and as a feature integrated into other iSecurity products such as Audit, Authority on Demand, AP-Journal, Anti Virus and more. Security alert support via iTweet is in addition to existing support for alerts in the form of e-mails, MSGQ, SNMP messages, SYSLOG, SMS, etc.

In order to adapt to Twitter’s limitation of up to 100 messages per hour, the iSecurity SYSLOG assigns security levels to each message in order to decide which messages to send.

“Twitter, a highly popular social marketing tool, is mostly used for recreational or marketing purposes. iTweet, however, utilizes its easy and immediate qualities for purely technical and functional purposes. iTweet can be a real help for System Administrators and Power i users, speed up processes and streamline knowledge flow.”

All iSecurity Products Now Support SYSLOG Real-Time Monitoring

Raz-Lee Security Inc., a major vendor of security solutions for IBM Power i computers, announced that SYSLOG real-time notification messages are now supported in all iSecurity products, including Audit, AP-Journal, Authority on Demand and Anti-Virus.

iSecurity’s SYSLOG feature sends events from various Power i facilities (such as logs and message systems) to remote Security Information and Event Management (SIEM) servers.

The advanced iSecurity SYSLOG capacity enables the system administrator to categorize events according to a range of severities such as emergency, alert, critical, error, warning, notice, informational and debug. It also enables the user to decide under which conditions the Power i should send a SYSLOG message, to choose the IP address of the SYSLOG server, the facility from which the message is sent, the severity range and the recipients, as well as decide whether the SYSLOG message should contain all events from iSecurity Firewall or only the rejected entries. Another useful feature is the ability to easily define the message structure, rather than receiving the standard long message and having to manually divide it into intelligible parts.

One of Raz-Lee’s Israeli customers, among the largest insurance firms in the country, makes extensive use of iSecurity SYSLOG, and transmits the entire journal receiver log using SYSLOG messages. Approximately 1000 alerts are transmitted per second, utilizing only 1% of the CPU.

“Our SYSLOG facility is not only spreading to additional products, but also to more and more customers worldwide,” said Eli Spitz, VP Business Development, Raz-Lee Security. “It gives customers the utmost flexibility to control both message conditions and content, thereby making security in the organization considerably more efficient.”

Meuhedet, a Major Israeli Health Fund, Chooses iSecurity!

meuhedet_logoMehuhedet, one of Israel’s major health funds, has selected our very own iSecurity solution for protecting its System i environment. Meuhedet’s iSecurity implementation includes Firewall, a solution supplying complete protection from infiltrations and unauthorized access, covering all relevant protocols. It also includes an IDS (Intrusion Detection System generating real time alerts) and Screen, a solution for protection of unattended workstations.

And how do they use it? First and foremost, for monitoring internal and external access to the server, blocking unauthorized users and checking problems with the entry attempts of users who have proper permissions. iSecurity also enables monitoring the entries into the system and watching the data on each entry through a user-friendly log.

What does the customer have to say about iSecurity? “iSecurity gets the job done,” said Itsik Rejiniano, a System Programmer at Meuhedet Health Fund. “It provides total protection for the server, but on the other hand, offers the user easy and effective management capabilities.”

For more information visit our site www.razlee.com

Written by Shari Masafy, MarCom Manager at Raz-Lee Security
Email Shari Masafy at
marketing@razlee.com

Choosing the Right Security Approach: Object-level Security vs. Transaction-based Security

Before selecting a System i Security solution, you must first determine the best security approach for your needs. Some systems offer an Object-level security approach, while others have a Transaction-based approach. What does this difference really mean?

Essentially, Object-level security enables you to define a “white list” of the objects (such as files) which can be accessed by all or specific users; such an approach enables specifying the exact access type (Read, Write, Update,…) for each object as well.

Transaction-based security, however, does not have this capability. Instead, this approach uses a mechanism called Memorized Transactions. With this mechanism, certain transactions are kept in a separate area (not in the log), and analyzed to check if the a pattern or particular template can be used as a security rule, or as the structural basis for allowing or disallowing access to objects. Naturally, pattern recognition is a CPU intensive task which can negatively affect process time for each transaction.

Our flagship product, iSecurity, uses Object-level security together with an intuitive algorithm in which more specific rules are analyzed before generic ones are referenced. Using this algorithm, iSecurity requires only one successful I/O with minimal CPU to find the exact rule.

The advantages of Object-level security are:

Better Performance
Object-level security is far superior in the area of performance. With Transaction-based security, the greater the number of memorized transactions, the larger the number of comparisons needed for each incoming TCP transaction (FTP, SQL, etc.). And more applications in use means more transactions generated, more rules that need to be defined, and more transactions that need to be memorized.

Less Security Exposures
Unlike Object-based security, Transaction-based security compares transactions character by character, which means that unimportant differences between transactions may render important security rules useless.

Installation & Maintenance Issues
With Transaction-based security, the administrator needs to carefully review each transaction, determine which transactions require rules, and memorize those transaction definitions. The above procedure is time consuming and, more importantly, extremely error prone. Errors in defining the rules can easily lead to actual security breaches and serious monetary and reputation losses to your company.

Written by Eli Spitz, VP Business Development, Raz-Lee Security
Email Eli Spitz at
marketing@razlee.com

5 "Must-Have"s for System i IT Managers

checklist2I’ve often wondered about what IT Managers – and their superiors – really need in the areas of security and compliance.

The importance of security is pretty obvious: A security breach, be it a hacking trick done by a teenage kid from across the globe or an embezzlement carried out by “an enemy from within“, can easily make the company’s stock value and “bottom line” take a huge nose dive. And don’t forget the personal damage to the manager’s career… That alone is enough to get you to make sure that systems are totally secure and that audit trails exist!

Also, as auditors become more and more powerful in their organization, demanding answers, figures and proof of everything that happens, IT Managers have no choice but to “supply the goods” and the means for these auditors to get their jobs done.

So here are my thoughts on the 5 “must-haves” for IT Managers these days:

1) Click Click – Single click access to a single page summary report, presenting, in a “top-down” manner, all exceptions to security policies on all systems in the environment. One example of such an interface is Raz-Lee’s iSecurity GUI.

2) Take it Easy – Easily enable system administrators, auditors- and managers!- to define, run and schedule compliance reports running over selected systems in their environment.

3) A Picture’s Worth a Thousand Words – Single screen graphical (i.e. business intelligence oriented) access to security-oriented data warehouse with on-line drill down capabilities to isolate and identify security breaches and related events. See iSecurity GUI Screens for an example of this.

4) Know Where you StandSingle click assessment of how the site is complying with defined policies (either IBM’s, best practices or the site’s defined baseline policies).

5) Automate It – Automatic responses to potential security breaches and events which will enable identifying the intruder and accumulating court-acceptable evidence.

Raz-Lee’s iSecurity, an advanced System i Security product suite, addresses all 5 “Must Haves” .  Email marketing@razlee.com for a free consultation on the best security solution for you.

Written by Shmuel Zailer, CEO, Raz-Lee Security
Email Shmuel Zailer at marketing@razlee.com