Raz-Lee Contributes FREE Anti-Virus Solution to AS/400 Community

Raz-Lee Security is offering the worldwide AS/400 community its recently-released 2012 Anti-Virus product for FREE with a permanent license.

iSecurity Anti-Virus is an AS/400-specific product that keeps the system clean of viruses, Trojan horses and malicious code. Anti-Virus incorporates the ClamAV open source anti-virus engine and is engineered to provide full protection to the server, its file contents and resident or dedicated software.

Click here for details on the offer and download instructions

iSecurity Now Supports QSH and PASE Logging, Reporting & Alerting

OS/400’s inability to log QSHELL activity left an opening in the overall IBM i auditing process and imposed a serious security risk to an organization. This lack of functionality has become significantly more serious with the ever-increasing use of this environment in IBM i shops. In response, Raz-Lee has developed the unique ability to log QSHELL for QSH and PASE in the IBM i.

Until now, people using native OS/400 could log standard OS/400 commands, but there was no way to log QSHELL commands. Now, companies using iSecurity Audit can run commands – entered during an interactive session as well as when entered as parameters in the QSH and STRQSH commands – that are part of the QSHELL environment to delete and write to files, create directories and more.

Click here to read the full details about iSecurity’s added support for QSH and PASE Logging, Reporting & Alerting

iSecurity Approved for IBM Tivoli Netcool/OMNIbus Certification

IBM has certified Raz-Lee’s iSecurity for integration with their Tivoli Netcool/OMNIbus, part of Tivoli’s Security Operations Manager, to consolidate complex IT and network operation management tasks. The integration with Tivoli’s SIEM capabilities will enable it to receive Syslog real-time alerts from iSecurity and to consolidate security event information from other IBM i servers, and indeed from multiple hardware platforms, into its single console environment.

Click here to read the full details about the new IBM Tivoli Certification

Verizon Business Report: Most Organizations Slipping out of PCI Compliance Within One Year

Interesting reading: This report states that out of 100 organizations which were certified as PCI compliant in 2010, 75 are no longer compliant in 2011!

To me this means that software such as Raz-Lee’s Compliance Evaluator needs to be used on an ongoing basis in order ensure compliance over time.

Also interesting are the “basic requirements” of PCI Compliance listed in the report, including many supported by Raz-Lee’s other products; these include using firewalls and antivirus, implementing strong passwords and access control, protecting the database, tracking all activity, etc.

In summation, compliance needs to be an “everyday, ongoing process” and organizations need “continuous adherence” to the standard.


PCI Compliance Anyone?

Face-to-face meetings with customers often lead to “real-world” enhancement requests which we at Raz-Lee take seriously…

At recent meetings in the Midwest, we were asked to enhance our iSecurity Firewall product to allow network access to PCI business critical files from ONLY certain IPs addresses.

Our initial intent was to restrict access to these files based upon whether or not specific users are allowed to access such files. That is, if the user tries to access the file from a specific IP address or address-range, their identity will be checked using the definitions of an alternative user.

After discussing this solution with a select group of Firewall customers, we decided to implement a more streamlined, less error-prone solution using Firewall’s Object Security features, to define Location Groups for each file or set of generic files. A Location Group is defined as a set of IP addresses or address-ranges and/or generic device names, from which access to these sensitive files will be either allowed or rejected.

Defining access rights using Files rather than Users greatly simplifies the solution and will serve as the basis for future related improvements based upon PCI auditor’s ongoing requests, which, as always, we intend to implement!

For purposes of monitoring actual access to these sensitive files, which PCI auditors will obviously require/demand, we provide iSecurity Audit, which is based upon the QAUDJRN and uses ZC and ZR audit types. Using iSecurity’s unique Group/Item filter feature, the user can easily define the relevant items which must (or should not- NITEM) appear in the specified Group.

Why Insider Threats are so Dangerous and Prevalent

Disgruntled employees, recently fired or not given raises can do the biggest damage to the company. They know the organization from the inside and know exactly were the sensitive information is stored.

A case like that happened in Vodafone who has fired several staff in NSW for breaking into databases to steal customer information.

Read more here: http://www.smh.com.au/technology/security/vodafone-sacks-staff-over-database-breaches-20110114-19q0y.html

Visualizer in the News!

Following System i Network’s recent focuson Raz-Lee’s YouTube channel, iSecurity’s acceptance into IBM Italy’s Smart Business Program and MCPress Online’s article on Visualizer, IBM Systems Magazine’s January 2011 Product News features our Visualizer Business Intelligence product which assists companies worldwide to analyze and pinpoint security and management issues in a user-friendly, slice-and-dice GUI.

Revolutionary Business Intelligence Capabilities in Raz-Lee’s iSecurity Visualizer

Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400), has enhanced its iSecurity Visualizer with revolutionary Business Intelligence capabilities which will help companies analyze and pinpoint security and management issues based upon all security and management-related queries which can be executed from the iSecurity GUI.

For the past three years, Raz-Lee has offered its customers an advanced, Eclipse-based Business Intelligence solution called Visualizer for easily analyzing network access and QAUDJRN activity in a friendly graphic user interface environment. This solution enabled users to instantaneously find the “needle in the haystack” in order to investigate potential security breaches whether originating from the network or transpiring on the IBM i itself.

With the addition of the new capabilities, Visualizer now analyzes:

• Firewall log files

• Audit log files

• AP-Journal application data

• Output of Firewall queries

• Output of Audit queries including User Profile-related queries

• Output of queries which have been run and stored on disk (Database Reports)

Of special interest, the ability to analyze User Profile based queries via Visualizer adds an essential dimension to the challenge of defining, synchronizing and managing User Profile information, especially in multiple partition environments.

In addition, Visualizer now has “Drill To” capabilities for easily defining or changing security rules based upon specific network access or QAUDJRN events, as well as for dynamically displaying a table view of BI-filtered data, enabling export to Excel, PDF, CSV and HTML files.

Raz-Lee Security sees this functional expansion of Visualizer as a major step forward in helping customers obtain real benefit from iSecurity as well as in differentiating iSecurity from ALL competitors.

“Anyone reading the professional trade press over the past year or so has undoubtedly been impressed by the ever increasing number of articles centering on the potential benefits to companies attained by using Business Intelligence technologies,” said Eli Spitz, VP Business Development, Raz-Lee Security. “Our revolutionary Visualizer BI product responds to this trend and gives our customers the cutting edge technology they deserve.”

iSecurity AP-Journal Enhanced with Full GUI Support

Raz-Lee Security, a leading supplier of information security solutions for IBM Power i servers (iSeries/AS/400), has enhanced iSecurity AP-Journal with an Eclipse-based GUI environment. This makes Application Security easier than ever to implement and use.

AP-Journal keeps managers closely informed of all changes in their valuable information assets and streamlines IBM i journaling procedures. AP-Journal’s standard features include: 

  • Addressing PCI, SOX, HIPAA, etc. requirements for closely monitoring and raising alerts when application data changes
  • Long-term storage of sensitive business information, independent of journal receiver lifecycle to adhere to storage limits
  • Output as e-mailed CSV, HTML, PDF attachments, Outfile, Print or within GUI
  • READ operations selectively added to OS/400 Journal Receivers, complying with PCI requirements for accessing sensitive data
  • Timeline & cross-application reports based upon user-defined business items
  • Real time Syslog, SNMP and Twitter alerts, in addition to alerts sent as e-mails, SMS messages, operator messages, etc.
  • “Mass” uploading of data base update information directly to SIEM systems via Syslog without I/O overhead of writing to disk

The new GUI support in AP-Journal includes:

  • Defining applications, including:
    • Journaled files
    • Business items which are common fields appearing in multiple files
    • Filtering rules for long term retention of selected data fields
    • Defining alerts based upon pre-determined field-level thresholds and activities
  • Reporting on application changes, including “before” and “after” data images based on:
    • OS/400 journal receivers
    • Special purpose journal containers which contain long term, application-specific information
  • Using the unique business intelligence interface, Visualizer, to:
    • View summary data based on any application or journal header field
    • Isolate the desired population instantaneously
    • Accessing the detailed data corresponding to the desired population

“Our AP-Journal product has proved to be an ongoing success, and has been selling successfully worldwide for several years,” said Eli Spitz, VP Business Development, Raz-Lee Security. “In fact, AP-Journal’s success was instrumental in bringing about the recent press focus on IBM i Application Security, in addition to “traditional” infrastructure security aspects like network access, QAUDJRN monitoring and reporting, and user profile auditing”.








AP-Journal had a significant impact at Toyota Boshoku America which attained JSOX compliance by providing reports on changes in application files. Another especially interesting implementation of AP-Journal was at Promedico which included

  • Preventing undue blockage of customer orders on account of credit limitations
  • Checking the validity of updates to pharmaceutical product’s expiration dates

Accelerating the supply process