Updated Japanese and German translations.
Implemented the following new Anti-Virus and ATP screens within the GUI for OS versions 7.1 and higher:
Advanced Threat Protection/Real-Time Activities Setting
Maintenance/Start a New Log file
Real-Time (“on access”)
Real-Time Detection (“on access”)/Activation
Real-Time Detection (“on access”)/Exclude Directories
Real-Time Detection (“on access”)/Include Directories
Refresh Virus Definitions/Display Last Update Time
Refresh Virus Definitions/Refresh
Refresh Virus Definitions/Schedule Refresh
Scan IFS Directory (SCANAV Command)/Exclude on Regular Scan
Scan IFS Directory (SCANAV Command)/Include on Regular Scan
Scan IFS Directory (SCANAV Command)/Schedule Scan
Sample images of updated screens:
Firewall – exit points:
- List adjusted to native with SSHD, PWDVL2 Password Dictionary and Sockets.
- Added “Check Free Style rules” to table and in the editing window
The GUI can be forced now to work in SSL by the native side.
This is controlled via STRAUD > 89 > 59:
Attempting to use a regular connection results in error message. At this time the connection that was used is already closed:
This is how it looks if you just click on “Test Connection”:
- Corrected the offset in the buffer returns from calling authorization program SMZT/GSEPWDR.
- Added support for auth level 3.
Example for auth level 3:
This is how it appears in the GUI:
New screen – Reports Index. A quick listing of ready reports which contains a mix of native and IFS reports:
There is a pre-filter to control initial period of time to display:
The index itself:
Audit & Firewall Queries: when running a query to Visualizer output, it is possible now to drill directly into the underlying Firewall or Audit log.
Status reports are not part of the feature as there is only the outfile behind them.
Example with Firewall query. First step – run the query into Visualizer output:
Second step – click on “Drill to Data” and select the “Firewall Log” link:
Third step – Firewall log screen is opened. Note the new node on the navigator tree:
When the log screen is closed, the node is deleted from the navigator tree:
In the case of a missing translated string, the string will be retrieved from the default English translation file.
- String externalization and additional German translation.
- Updated logo.
- Added a Graphics header which collapses and expands the chart.
Collapsed Filter, Results and Chart:
Expanded Results and Chart:
Firewall – System Configuration – Log/Query output order (for Firewall 17.52)
Audit – System Configuration – Log/Query output order (for Audit 14.00)
Audit Settings: added support for 7.3 new system values *NETSECURE, *NETTELSVR, *NETUDP:
Capture 5250: added Email of screens feature:
Firewall – General parameters: update to IFS Authorities (added ‘Yes, from higher dir Allowed only’):
Firewall – Incoming IP: added support for FILE SERVER for versions higher than 17.46:
Audit: Activation node is now under main Audit node:
Visualizer for Firewall & Audit: new layout for time filter:
Firewall – Server Settings: About server screen:
Firewall RECALC: adjustment to native to support *DIFFONLY and *SAMEONLY. (this will function only for future Firewall release)
Firewall – incoming IP: added capability to specify generic* *LCL-XXXXXXXX names instead of IP:
Firewall – General Parameters: Setting DB-OPEN and SQL adjusted to native. We support also ‘Files to Exclude’:
Firewall: added Activation screen that includes Suspend/Resume Activity:
Journal – Application Output
- Added a Type column to distinguish between Applications and Reports:
- The title of the wizard window says if this is an Application or a Report.
- If report, the wizard is opened directly on the Time and Date page:
Actions – Alert Messages: adjustment to native, SYSLOG is made into SIEM and address is enabled for writing for all types:
AOD Activation: until version 5.00 the subsystem was SMZODTA/ZAUTH. Newer versions use SMZTMPC/ZAUTH.
Compliance – System Values Ranking – Tooltip displaying system value information:
Compliance Plans: new Query name field is read only now and there is a new ‘Clear’ button:
Compliance: setting of base line has been moved from Audit Settings to a new node under the Compliance node.
Added a new feature: Base-Line set as per Counts in Compliance Query. This will show only for Audit release greater than 13.46.
New Replication node added to the root of the navigator tree and System Values Replication log has been moved there as a child node:
Firewall, Server Settings: adjustment to native changes for 17.52 – SMZ8/GSEPNTR has one additional parameter.
Audit – Control Message Queues: adjusted to native (support for QHST):
Firewall (native version required is 17.52):
- Added ‘Check Firewall Security’.
- Firewall Log: added recalc feature.
Audit Queries: added action field as adjustment to native.
Audit General Groups: Item length can be 20 now and can contain any character.
- AOD – added collected data.
- Change Tracker: added ‘Maintain CT Log Files’.
Journal Application – Visualizer tab: the command prompter is used for collecting latest data. This enables a recreate of the statistical file.
Journal: added activation screen.
AOD: Pin Code field was removed from wizard page
Compliance Queries – a fix for cases where Firewall is not installed on the AS400 .
Compliance queries have references to SMZTMPA that are checked now.
Also there is a UI fix: upon editing a Compliance query, Firewall query radio button will be kept disabled:
Compliance – a fix for listing $T and $S Audit queries when ‘Topic of values’ is selected. The fix is by proper CCSID handling.
- Capture 5250: Fix the problem of Capture displaying wrong screens.
- Compliance – displaying of screens data: a bug fix to prevent “SQL Exception: An undefined column name was detected” due to field name SVV#IT. (related to #20180055)
Capture 5250: Capture Data – all buttons controlling frames navigation are disabled upon data retrieval. When in slide show only the Play/Stop button is enabled.
This is a bug fix. In previous state when navigation buttons were pressed during data retrieval it resulted in displaying the wrong frames (the meta data of the frame showing on the frames combo did not match the frame).
As per customer request we bring back the ‘Export to Excel’ feature of the results table:
New iSecurity images:
- The structure of the Compliance Node was updated from:
- The Central Administration was adjusted to native from:
- Output Fields per File > Fields to ignore – a bug fix where in cases where there was a single field, it was presented as a Not Checked field.
- Adjustment was made to the native (“green”) program.
When the screens are compressed, a call was added to the native program to make them available.
- Also, a test was added for existence of member to enable more accurate message when screens are not found.
Authority on Demand (AOD)
- Active jobs – Node is properly assigned now to Authority on Demand™ (AOD).
Scheduler for Firewall/Audit/AP‐Journal
- Bug fix regarding the synchronization between the GUI and IBM’s prompter.
User input was saved incorrectly.
- Bug fix regarding authority of the Change‐Tracker module – If library
SMZTwas missing, Anti‐Virus module’s menu option did not show on the iSecurity™ Navigator Window’s Menu tree.
Audit Real Time Detection Rules and Queries and Reports
- A warning message for empty filter, in Audit (and other applications) Queries and
Reports and was added.
For computability reasons (with the native/”green” version), two (2) changes were
made to the iSecurity™ Navigator Window:
- In the Authority on Demand (AOD) menu item, and
- In the Queries and Reports menu item.
Authority on Demand (AOD)
Instead of the old Authority on Demand Log menu item, now there is a Log menu item which presents three (3) sub‐menu items:
- The old Authority On Demand Log menu item,
- Two (2) new Print Log menu items:
- i. Print Log + Attachments
- ii. Print Log + Entered Commands
Queries and Reports
In the Queries and Reports menu item, under the Queries sub‐menu item, an Authority on Demand Queries was added.
In the Visualizer Business Intelligence products, both Audit and Firewall (and other applications as well), instead of the old Tab management system, now there is a new button ( > ) in the Tools Menu.
When clicked upon, it opens a drop‐down list box allowing selection of the Active Tab.
To save time on searching for the specific Tab name:
Once in the list box’s search bar (marked with yellow in the screen capture below), the user may type the letters included in the required Tab Name.
As a result, the list of Tabs will minimize to present the Tab Names which include
The new button in the Tools Menu:
The new drop‐down list box:
- The default for command output was adjusted to native.
Journal Application Definitions
- Adjusted to native with support for IASP, Auto Backup older data and Exit program (after filter).
- Added verification of journal when editing an application or a report.
User profile Report in Visualizer Business Intelligence
- ● Drill‐down feature extended to support:
$A, $B, $C, $D, $G, $P, $Qqueries types.
Compliance – Run Plan
- Adjustment to native changes.
The Excel output file was created with a name other than GUI requested.
- Updated to display GUI only specific content.
Visualizer™ Business Intelligence
- The constant String
**No value**is displayed now as
- Session Properties now includes a list of installed modules, found in the Versions tab.
- In Scheduler for Audit, Firewall and AP‐Journal, the list of commands for a report
was adjusted to native.
- A new ‘Type’ column has been added to the Report/Application definitions, in the Application definition tree.
Editing Report or Application Definitions
NOTE: This can be done with Report/Application definitions that are not enabled.
- The AP‐Journal can now be modified, while the user can switch between the two ‘Types’.
- When editing a file that belongs to a Report, only the Filters dialogue box is available.
- When editing a file that belongs to an Application, only the filter and alerts are available.
New Application Wizard
Report creation was added.
Application Output – Containers
Subsets which required the native command
DSPAPJRN to be supplied as a PTF have been fixed.
A modification to enable work with large amount of users was added.
The Members table displays initially only included members.
The ‘Add’ button now prompts for multiple user additions.
By unchecking a checkbox, a user will be removed from the group.
Same table is available when editing all aspects of the group.
- Users and Groups – The Group Security table is now sorted by checked members.
Visualizer Business Intelligence for Audit and Firewall
- An initial time filter was added –
'By last n days'.It is set as the default option.
Firewall/Audit New Query Wizard
- Firewall/Audit New Query – when selected output format is
'Textual Description'the output fields page is not displayed.
- Firewall/Audit Edit Query – when selected output format is
'Textual Description'the output fields tab although displayed, allows for empty selectionof output fields.
- Bug fix for error that is caused due the previous addition of output fields length.
In Audit Query (as well as other applications), the default
'From time' and
'To time' for Run Query for most products was adjusted to native side. Default time covers 24 hours a day.
Next to the time controls there is now a link that allows for convenient reset of the time to that default.
- In Audit Query, the users can now browse
“Type of access”by Field or Value, using textual or numeric code.
- IFS Security ensures upper‐case only for file system and directory names.
- In Queries, the ability to edit output fields’ length was added.
Copy IFS file to PC
- A possible fix for rare cases of ‘Sharing violation’ was added when attempting to
access an IFS file.
Workspace Location Prompt
- This feature is part of iSecurity GUI version 4.7.10. It enables ease of selection of user’s workspace.
This feature is useful mainly for shared environments where the same installation is used simultaneously by two or more users.
Each can set his own private accessible location without blocking other members.
NOTE: There is a slight difference between new installations and existing installations that perform an update.
New Installation Scenario
When the GUI starts, the Workspace Launcher screen is the workspace location prompt.
Historically, Raz‐Lee used
isecurity_workspace3 located in the user’s home directory – that is the initial location.
Users can browse or type to select a different directory.
If the location specified does not exist, the system will make an attempt to create it.
The prompt is displayed each time the GUI starts unless the ‘
workspace as the default and do not ask again' button is
The prompt will display if the system is unable to set the requested location.
Access per Instance
Access per Instance, as the next step following setup of the location, is to lock it to ensure access by a single instance only.
If this step fails, the application will terminate.
Failure to lock a default location will pop up the following error message:
"Could not launch the product because the associated workspace is currently in use by another application,
or is either invalid or read-only. Application will exit.
Would you like to delete default location?".
The user has the option to delete the default location, causing the location prompt to display at the next application restart.
Activating the GUI™ for the first time following an update, the system tries to set the previous workspace location.
- If accomplished successfully, the GUI will show as usual but the location is saved and upon next restart the prompt will show pointing to last workspace used.
- If failed to set the location, the location prompt will display just as it does for a new installation.
Setting the prompt from within the application
This can be set also from the Preferences window – This is a global preferences that effects the installation itself rather than the workspace and thus useful mainly for use in a single user scenario.
The Audit Settings was adjusted to match the native (“green‐screen”) options, including support for the latest OS/400™ releases:
*SECURITY– Security related events
|*SECCFG– Security configuration is audited
|*SECDIRSRV– Changes done by directory service functions
|*SECIPC– Changes to inter‐process communications
|*SECNAS– Network authentication service actions
|*SECRUN– Security run tine functions
Queries and Reports>QueriesAudit Queries – Support for
$H audit types was added, with a dedicated
'initial object selection' screen.
Authority on Demand (AOD)
Authority on Demand (AOD) log support was enhanced to match native (“greenscreen”) options.
In addition, the constant
CMDNOTPGM was changed to
CMDAODINT to solve a Trace
The Firewall – IFS Security directory subtree settings for generic names (new in native) was added.
Adding and Editing Queries was adjusted to native; not more than 100 fields can be selected for output and sort.
Visualizer™ Business Intelligence
- Assorted improvements and bug fixes for Visualizer Business Intelligence.
- Cache feature is commented as per this release.
Visualizer Business Intelligence operation might situate substantial load on the memory of the PC.
- Bug fix – When set to Collect latest data on start, the initial query that is executed when activating Visualizer™ Business Intelligence ran twice.
- Visualizer Settings – Selection of date intervals in various screens – the initial interval uses dynamic instead of absolute dates.
In Control Message Queues users can now work with any
CCSID that maps the
@ character to a different symbol.
In Firewall>Users and Groups node, in Application Groups, Location Groups, and User Groups, users can now work with any CCSID that maps the
# characters to a different symbol.
Visualizer Business Intelligence
In Drill to Log from Firewall, date values are now displayed correctly.