Cilasoft, one of the fastest-growing security and compliance solution vendors in the IBM i marketplace, announces several enhancements to its CONTROLER and EAM Solutions that are the first to provide a comprehensive data-centric security policy.
Enhanced Exit Point Security with Cilasoft CONTROLER
IBM’s recent enhancement to the Open Database File exit point can be used to complement or even replace the traditional way in which exit points are used. However, until now this feature has not been utilized by IBM i security software vendors to enable a full data-centric policy instead of the traditional method based solely on individual protocols. Covering any eventuality of access in a single data-centric policy revolutionizes the access control landscape.
Additionally, with IBM’s introduction of Socket Exit points in iOS 7.1, access to this socket activity was not captured by any exit point and this was considered an ignored topic that security software vendors often didn’t talk about. CONTROLER’s new data-centric policy capabilities, however, automatically provides a solution for securing access to socket activity.
A comprehensive data-centric policy is an enormous breakthrough, but it must be tempered with a robust rules-based vocabulary to provide granular control of access under complex, multi-environment conditions. With this new release, the vocabulary in CONTROLER has been further expanded to include port and SQL attributes, providing yet another way the product has a distinct advantage over its competitors.
Controlling Performance of SQL Statements with Cilasoft CONTROLER
The latest release of CONTROLER also includes the ability to identify CPU consumption for its SQL queries and then adjust job priority, kill the job or take any other action if usage exceeds preset limits. This is useful when you want to improve database access performance and also avoid long running queries that dramatically slow down machine performance.
ODBC and JDBC Compatibility Added to Cilasoft EAM
Enhancements to Cilasoft’s Elevated Authority Manager (EAM), a solution for controlling user activity and managing user profiles on IBM i, now provides full compatibility with 5250 and ODBC/JDBC environments, making it the first IBM i security software vendor to do so. Elevated authority is granted in a rule-based way, allowing users to perform some SQL tasks, while keeping a history of user’s actions, down to the SQL statement level.
“Expert users and security managers will readily appreciate this announcement as a significant one,” comments Guy Marmorat, President of Cilasoft. “Once again, our blend of IBM i security solutions continue to stay ahead of new security threats while providing up-to-date and easy-to-use compliance, auditing and data control software products. At Cilasoft, our focus is actively and solely centered on the security of IBM i environments. Some security vendors in the community collect maintenance fees without doing significant product improvements, yet we continuously invest in expanding the capabilities of our security products so they provide our customers the best possible protection.”
CONTROLER is a global access control product that complements IBM i OS security, either in classic mode or through the use of adopted authorities. The product not only covers exit points using all the traditional access methods, such as FTP, ODBC, DDM, DRDA, Netserver, etc. but also all system or user commands (whether issued remotely or directly from a 5250 interface), jobs, SQL instructions from the SQE engine, and files invoked by the CQE engine and file opening.
EAM (Elevated Authority Manager), the newest Cilasoft product, allows you to provide additional authorities on an as needed basis, which reduces the number of permanent powerful user profiles (administrator, security officer, etc) on your system. With EAM you can efficiently control user activity on the IBM i platform to help meet your companies’ compliance with regulations such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standards (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), etc.