Command Level Security
What is iSecurity Command?
iSecurity Command monitors and filters commands and its parameters before they are run, enabling you to control each parameter, qualifier or element, in conjunction with the context in which it executes. Options include Allow, Allow with Changes, and Reject. Product includes a comprehensive log, proactive alerting and easily integrates with SIEM.
- Makes defining commands rules more flexible as opposed to an all or nothing approach
- Real-Time Alerting enables companies to ensure commands usage policy aren’t being violated
- Full reporting capabilities ensures that security compliances are being met
Features of iSecurity Command
The AS/400 or IBM i is a command driven OS. Commands can be executed via a command line, program (RPG, Cobol, C etc.), Qshell, FTP, SQL, SSH, ODBC etc. With iSecurity Command you now have the capability to protect against command usage outside your security policy for Power Systems including AS/400, iSeries, and System i. The flexibility exists where rules can be setup to control the commands usage at the parameter level as opposed to just having the option of giving authorization or not to the command which is generally is the only option available without a product like iSecurity Command. Therefore, an IBM i command can be made available for the end-user to use in a restricted and secured way, for example; Using iSecurity Command, you may implement a rule for developers to change approved objects in specified TEST libraries only and restrict the command usage for the CHGPF command against production libraries.
Setup iSecurity COMMAND Rules
iSecurity COMMAND allows admins to setup command rules by adding the command using F6. A default rule is generated and is reflected in the color magenta. A specific ALLOW or DENY rule can then be generated based on this rule with full filter conditions available using multiple Boolean operators for the required combinations of command parameters (such as; profile name, ip address, library etc.) to restrict access.
Real-Time Alerting and Logging
iSecurity COMMAND can send Real Time Alerts & process CL commands based command usage activity. If a command is executed in a restricted fashion we can generate alerts via e-mail, MSGQ, SMS, Syslog, Twitter, SNMP; alert messages can be event-specific, including replacement variables, or standard alert messages. Logs can be viewed online or sent to output queue or outfile.
Full Report Capabilities
iSecurity COMMAND comes with a powerful Report Generator allows users to quickly and easily create audit reports without programming. Queries employ robust selection criteria such as AND/OR, equal/not equal, greater/less than, like/not like, included in list, etc. Only the information that you really need is included. Report formats are fully customizable. Scheduler can be defined to automatically send weekly, monthly, yearly etc. reports based on a predefined reporting plan.