I?ve been given the task of trying to determine the best method(s) for detecting and auditing access to our AS/400 systems via the TCP/IP servers. Traditional AS/400 object security doesn?t seem to be the answer, and I do not feel we have the time to develop a ?home grown? solution. The only product that I have come across is PowerLock by PowerTech. This product seems to address our concerns. Does anybody have experience (good/bad) with this product? Are there other products that you would recommend? Thank you for your time, Chris
Unconfigured Ad Widget
Collapse
Announcement
Collapse
No announcement yet.
AS/400 intrusion detection & auditing of TCP/IP servers
Collapse
X
-
AS/400 intrusion detection & auditing of TCP/IP servers
Hi Chris, Try http://www.pentasafe.com/products/as400s.htm Look for chapter "Secure". Vadim
Comment
-
AS/400 intrusion detection & auditing of TCP/IP servers
Chris - Although we don't use a product like this, I suppose the two best-known companies in this area are Powertech (www.400security.com) and Pentasafe (www.pentsafe.com). One of the main architects of the Powertech product is John Earl, who is a well-known figure in /400 security circles, a security advisor (or some cool title) to Midrange Computing, and a contributor to this forum. I think Powertech offers only /400 products, but I could be wrong. Pentasafe offers products that run on the /400, NT, and Unix. To my knowledge, they were the first 3rd party security product offered for the AS/400 (FWIW). They offer a 10 point security check for free on their Web site (or they will send you a CD) that everyone should download and run, if only to see where your vulnerabilities are. (Beware - downloading or requesting a CD is closely followed by a call from a salesman but I guess you should expect that when you 'register' to download, right?) From the demos that I've seen, both company's products perform similar function. They both secure most exit points and allow you to specify authorized users to the functions secured by exit points. I'll let you determine the differences and their significance to your environment. HTH, Steve
Comment
-
AS/400 intrusion detection & auditing of TCP/IP servers
Steve, Thank you for your time and thoughts...I appreciate your input. We will be checking out PowerLock this week, and I'll look in to the other. By the way, what does "FWIW" and "HTH" mean (if you don't mind me asking)? I'm kind of new at this(obviously!?). Thanks again! Chris
Comment
-
AS/400 intrusion detection & auditing of TCP/IP servers
I forgot to write the link: http://www.kisco.com/safenet.htm
Comment
-
AS/400 intrusion detection & auditing of TCP/IP servers
You sent your problem long time ago and I assume that you have already had your answers. But anyway there is another solution and I think it's worth checking. It's called Bsafe/400e and you can find details about it at :www.bsafesolutions.com
Comment
Comment