Command-line Control & Monitoring
iSecurity Command provides total control over system and user defined CL commands, regardless of how the CL command was entered. iSecurity Command provides the ability to control CL commands, their parameters, origin, context, the user issuing the CL command, etc., and provides easy-to-define ways to react to these situations. During CL command processing, iSecurity Command can Allow, Allow with Changes, Execute Different or Reject the CL command.
CL commands control nearly all IBM i functionality. As such, monitoring, controlling and logging CL commands is essential for both the on-going functioning of the company as well as to comply with regulations such as GDPR, SOX, HIPAA, PCI and auditor-mandated policies.
To properly analyze a CL command parameter, accurate referral is required. iSecurity Command is the only product that has the ability to refer to each part of a complex parameter separately, as well as to the parameter as a whole. Command includes a variety of selection criteria which enable replacing, adding or removing qualifiers, elements and list elements!
- System or User Defined CL commands can be filtered according to the relationship between parameters, originator (job, user, IP) and context (from which program, environment)
- Reference to a specific qualifier or element allows differentiating between “PAYROLL” as part of the file name or the library name itself
- Selection criteria include EQ, LIST, LIKE, START, etc. and ITEM, which ensures the existence of a specific user in an external table to verify that the user has, for example, special authority
- CL command Reject or Allow with or without modifications may initiate alerts by e-mail, Syslog, Tweeter, etc.
- Replace, prior to execution, an element, a qualifier, an entire parameter or the CL command itself
- Extensive log with a full Report Generator produces HTML and PDF reports and sends them by e mail