The PowerTech Group Inc. has announced Version 2.0 of PowerTech Interact, the industry leading solution for capturing real-time security events for System i servers.
Interact is a critical enterprise security management component for organizations operating System i servers, the company says. Without Interact, enterprises running System i servers do not have real-time visibility to the intrusion and penetration attempts targeted at their System i servers, which leaves this critical part of their infrastructure unmonitored, according to the company.
Interact protects an organization’s existing investment in security products and training by forwarding OS/400 security events to its existing security infrastructure. When used in conjunction with leading security information management (SIM) consoles or Intrusion Detection Systems (IDS), Interact forwards OS/400 security event information to the attention of enterprise security professionals. With Version 2.0, PowerTech has extended and enhanced Interact to integrate with a variety of industry leading SIM consoles, such as ArcSight, Cisco, IBM (ISS), Symantec, TriGeo, and OpenService among others.
The PCI standard requires event logs be reviewed daily and three months of data is to be kept online. System i servers can generate extremely large log files that are expensive to store on System i. Interact provides a comprehensive filtering capability so only the most relevant events are sent to enterprise consoles, where the data can then be stored more cost effectively. "The PCI Data Security Standard and other privacy regulations insist you store and monitor security event logs for a longer time frame than most organizations are used to,” said John Earl, CTO of PowerTech. "If organizations haven’t made plans for this change, the cost and the burden of managing all that data on the System i could quickly overwhelm them."
Interact harvests and filters events from these sources: the IBM security audit journal (QAUDJRN); the IBM system (QSYSMSG) and system operator (QSYSOPR) message queues; and from other PowerTech security solutions. New features in Version 2.0 include:
- Support for the Syslog industry standard. Syslog is now the most widely accepted vehicle for communicating system information between disparate systems and applications. Every leading Security Information Management console, including open source and shareware products, can already read Syslog data formats, making Interact the most interoperable OS/400 solution on the market.
- Simplified reporting for non-System i users. Seasoned IT security professionals often have difficulty deciphering System i security and technology terminology. PowerTech understands the need to translate this technical jargon to meaningful phrases that can be understood and acted upon by any security administrator.
- Support for real time paging and alerting mechanisms. In addition to standard Syslog support, Interact can also forward security events to any paging, messaging, or emailing service used on an organization’s System i today. If an organization has already invested in a paging or notification solution, Interact will enhance its value and usefulness.
About The PowerTech Group, Inc.
PowerTech is a security expert in managing evolving compliance and data privacy threats with automated security solutions for IBM midrange servers. The company's ServerProven security solutions are straightforward and save valuable IT resources, giving ongoing protection and peace of mind. Because System i and AS/400 servers are used to host particularly sensitive corporate data, it is imperative that IT administrators practice proactive compliance security. As an IBM Advanced Business Partner with more than 800 customers worldwide, PowerTech understands corporate vulnerability and the risks associated with data privacy and access control.
LATEST COMMENTS
MC Press Online