|Partner TechTip: IBM i Security: The Simple Truth About IBM i's Network Exit Points|
|Tips & Techniques - Security|
|Written by Robin Tatam|
|Monday, 15 October 2012 00:00|
Are you still debating the argument surrounding network exit points?
PowerTech began selling a network exit point solution more than 16 years ago. Since then, hundreds of customers have embraced the concept of exit points, making Network Security our best-selling solution. However, many people remain unaware of the existence of exit points while others declare that they don't need them. Why is there such a marked difference of opinion? And who's right?
What's An Exit Point?
An exit point is the stage in a process when a user-written program, known as an exit program, can be invoked in order to enhance the functionality of the original process. Some exit points only allow the exit program to perform an auxiliary function. Others return a pass/fail code that directs the original process to continue or to stop processing.
Software vendors sometimes provide exit points within their applications to enable functionality that can't be provided in the base application, and IBM i contains exit points for many system functions and for pre-processing transactions coming through network interfaces, such as FTP and ODBC.
So What's the Big Deal?
The mere presence of an exit program does not make the exit point more secure. To add value to the security infrastructure, a network exit program should perform two basic functions:
Why Wouldn’t Everyone Want Them?
So why do some people believe that network exit programs are unnecessary? At first glance, users accessing data via network protocols appear to be utilizing a "back door" into the database. While some interfaces surprisingly do allow commands to be executed by limited-capability users, the reality is that IBM i object authorization still reigns supreme, regardless of the access methodology.
The problem is that many organizations base "security" solely on legacy techniques and ignore object-level controls. Legacy techniques work well for green-screen users but fall short against powerful desktop access tools.
I contend that a solid foundation provides the best chance of securing your server, but often circumstances prevent its full implementation. An exit program can facilitate access control and auditing, leaving the original legacy security to effectively control 5250 users.
However, even well-secured systems running without exit programs could suffer in two areas:
Performance is a consideration when deploying an exit program, and steps should be taken to minimize the overhead. First, ensure that the exit program is coded optimally to handle large volumes of transactions. Then, consider the types of applications in use. Use an exit program that can switch off functionality so that the performance impact can be gauged before activating all features.
Build vs. Buy
Significant evidence supports the fact that well-written exit programs add value to an organization. Experts agree that commercial exit program solutions, such as PowerTech Network Security, are typically far more robust and functional than programs developed in-house.
In the 2012 "State of IBM i Security" study, 66% of audited servers had no exit programs, and nearly 10% of those that did had only one exit point covered. It's rare for internal programmers to include the necessary functionality in their exit programs. Auditors frown upon self-policing, and writing exit programs to monitor one's own activity is a conflict of interest that fails the separation-of-duties requirement of most compliance standards.
Make a Dramatic Exit
My suggested action items include:
|Last Updated on Thursday, 11 October 2012 15:51|