QMessage Monitor Now Offers Option-Level Security

Development Tools / Utilities
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

New features in V7 can both limit and audit internal user access.

CCSS has announced new security features in V7 of QMessage Monitor (QMM), the company's real-time message monitoring and escalation solution. The latest version of QMM has option-level security, which gives administrators greater power to limit both individual and group use of functions and individual records.

Using the new functions, security lists can be created and maintained by administrators who can assign other users to form a particular group (e.g. Support) and dictate its level of access to QMM functions. Once a security list has been defined, these lists can be entered against a range of options including: Automated Responses, Events, Escalation Procedures and Exit Programs, among others. For each option, there is a separate create and access authority which is indicated with the list name. For example, the members of security list known as "Support" may be able to access escalation procedures, but only members of the "Administrator" list will be able to create new records or procedures. Users can easily determine who has access to delete, change or copy individual records in the QMM database.

Should a user who has access to a particular system record but does not have the authorization to create or change records (because he is not on the list of users allowed to perform these actions) then he will be prevented from doing so if he tries to breach the limits of his authorization.  Access attempts of this nature can be audited for full compliance, ensuring the highest levels of visibility—regardless of whether the attempt was benign or malevolent. By adding this to the usual message queues being monitored by QMM, real-time insight of security violations can be identified with full details (including user, type of violation and result) and escalated for the immediate attention of administrators.

The new option level security features are extended further with an ability to secure sequence number ranges. In this case, IT Managers or administrators can use the Auto-Reply Specifications maintenance screen in QMM to add a group (e.g. Support) and include a sequence number with this "Support" security list to prevent unauthorized users from updating or adding records within this range. Again, any user attempts to update, change, copy, add or delete any records within this range will be blocked and the attempt can generate an audit message which is sent to the security message queue.

"These new security features go to the heart of how users work in demanding real-world environments," says Paul Ratchford, product manager for CCSS. "In large scale environments, data centers in multiple locations for instance, you might have three or more administrators at each site—so in theory, that’s nine people with the ability to make one small change that could impact everyone. These new features focus on four key access areas: Option, Create, Record, and Auto-Reply. All of it is auditable and that’s extremely important in creating and maintaining a transparent and accountable environment."

The enhancements seen in V7, which include the new Database Monitoring function, are most distinguished by their focus on security, but additionally, CCSS has included several time-saving features relating to the installation and PC user interface. V7 supports an ability to easily export rules, shortcuts, and even the "look and feel" of a PC configuration, much like a customized template, which is particularly useful and time-saving for managed services environments or sites with a large number of users. Users will also benefit from the new capability which automatically checks to ensure the latest version of the PC software is installed for any PC connected to the central iSeries system. If an older version is running, then the newer version will be automatically downloaded to the PC. This feature will increase consistency of PC-to- iSeries software throughout the environment, reducing the chance of errors, requirement for support assistance and time spent on upgrading PCs.

For more information about QMessage Monitor V7 and a guided tour of all the new features hosted by product manager Ratchford, click here.


CCSS has announced new security features in V7 of QMessage Monitor (QMM), the company's real-time message monitoring and escalation solution. The latest version of QMM has option-level security, which gives administrators greater power to limit both individual and group use of functions and individual records.

Using the new functions, security lists can be created and maintained by administrators who can assign other users to form a particular group (e.g. Support) and dictate its level of access to QMM functions. Once a security list has been defined, these lists can be entered against a range of options including: Automated Responses, Events, Escalation Procedures and Exit Programs, among others. For each option, there is a separate create and access authority which is indicated with the list name. For example, the members of security list known as "Support" may be able to access escalation procedures, but only members of the "Administrator" list will be able to create new records or procedures. Users can easily determine who has access to delete, change or copy individual records in the QMM database.

Should a user who has access to a particular system record but does not have the authorization to create or change records (because he is not on the list of users allowed to perform these actions) then he will be prevented from doing so if he tries to breach the limits of his authorization.  Access attempts of this nature can be audited for full compliance, ensuring the highest levels of visibility—regardless of whether the attempt was benign or malevolent. By adding this to the usual message queues being monitored by QMM, real-time insight of security violations can be identified with full details (including user, type of violation and result) and escalated for the immediate attention of administrators.

The new option level security features are extended further with an ability to secure sequence number ranges. In this case, IT Managers or administrators can use the Auto-Reply Specifications maintenance screen in QMM to add a group (e.g. Support) and include a sequence number with this "Support" security list to prevent unauthorized users from updating or adding records within this range. Again, any user attempts to update, change, copy, add or delete any records within this range will be blocked and the attempt can generate an audit message which is sent to the security message queue.

"These new security features go to the heart of how users work in demanding real-world environments," says Paul Ratchford, product manager for CCSS. "In large scale environments, data centers in multiple locations for instance, you might have three or more administrators at each site—so in theory, that’s nine people with the ability to make one small change that could impact everyone. These new features focus on four key access areas: Option, Create, Record, and Auto-Reply. All of it is auditable and that’s extremely important in creating and maintaining a transparent and accountable environment."

The enhancements seen in V7, which include the new Database Monitoring function, are most distinguished by their focus on security, but additionally, CCSS has included several time-saving features relating to the installation and PC user interface. V7 supports an ability to easily export rules, shortcuts, and even the "look and feel" of a PC configuration, much like a customized template, which is particularly useful and time-saving for managed services environments or sites with a large number of users. Users will also benefit from the new capability which automatically checks to ensure the latest version of the PC software is installed for any PC connected to the central iSeries system. If an older version is running, then the newer version will be automatically downloaded to the PC. This feature will increase consistency of PC-to- iSeries software throughout the environment, reducing the chance of errors, requirement for support assistance and time spent on upgrading PCs.

For more information about QMessage Monitor V7 and a guided tour of all the new features hosted by product manager Ratchford, click here.


BLOG COMMENTS POWERED BY DISQUS