securing iseries 400

5 Star Awardfor DetectIT fromSecure ComputingDetectIT has achieved the maximum5 Star Award by Secure ComputingMagazine “All in all, this is avery comprehensive system ofwhich we have only just scrapedthe surface. If you are usingAS/400’s, while you may alreadyhave some security eitherfrom OS/400 or from othersecurity applications, none thatwe have so far seen, deliversecurity and management ascomprehensive as DetectIT.”SafeStone Technologies PLC isa global leader in securitysystems management providingorganizations with secure accesscontrols across the extendedenterprise, enabling effectivemanagement and compliance ofthe corporate IT and e-businessinfrastructure.SafeStone solutions are enterprisewideproviding policy compliance,auditing facilities, vulnerabilityassessment, intrusion detection,user access management andweb access control.thesecuringiseries 400®DetectIT QualityGuaranteeSafeStone’s product quality andall the company proceduresare audited by BVQI externalauditors twice a year to ensureconformance. DetectIT has beenregistered with BS EN ISO9001and TickIT for quality since 1993.TickIT is awarded to companieswho follow a quality softwaredevelopment process.SafeStone’s software is alsoprotected by an Escrowarrangement, currently lodgedwith the NCC underagreement 5609.The Americas HeadquartersInternational Head OfficeDeveloped from over 15 years ofspecialized experience in the ITsecurity marketplace, SafeStone’ssolution suite is comprised ofthe award-winning DetectIT forthe iSeries 400 and AxcessITwhich delivers secure accessand Web-based control forthe enterprise.The Americas HeadquartersSafeStone Technologies, Inc.600 Alexander Park, Suite 303Princeton, NJ 08540Tel: 1 800 558 3544Fax: 1 609 750 8655enquiries.usa@safestone.comInternational Head OfficeSafeStone Technologies, PLCSafeStone House, Church StreetOld Amersham, Bucks HP7 0DBTel: +44 1494 723 372Fax: +44 1494 723 377enquiries@safestone.comwww.safestone.comThe IBM logo is a registered trademark and the IBM Business Partner emblem is a trademarkof International Business Machines Corporation and are used together under license.

tionaSystems•People•AdministrManage Your IT Security Policy for theiSeries withSafeStone’s DetectIT eliminates securityexposures while greatly enhancing securitymanagement and access efficiency forthe IBM iSeries 400 (AS/400). Administratorsgain precise control over systems andinterdependent security environments.Automated, easy-to-use interfaces providesimple, centralized control of iSeries 400networks, profiles and users. You spend lesstime struggling with complex proceduresand more time delivering secure dataand applications to your enterprise.DetectIT automates time-consuming tasks,centralizes iSeries 400 security control acrossnetworks of iSeries 400’s, manages howother platforms access the iSeries, andprovides granular security for objects,applications and databases.ManageEAuditxamine•Assess•ReportAccess•UsControlPowerful BenefitsDetectIT provides total confidence thatsystems are properly protected.• Easy implementation of security policies• Quick and intuitive graphical user interfaces(GUI’s) allow easy administration• Seamless integration of the best technologyavailable to provide enterprise-widesecurity for multiple operating systems,applications and databases• Central control of access and securitywith remote delegation capabilitiesvia Local Security Administrators• Modular, cost-effective system• OS upgrades do not affect the DetectITdeploymentEnvironmentss•MultipleMonitorMessages•Profiles•ObjectsIn order to meet the needs ofcomplex and changing securityenvironments, DetectIT is modularby design. Each module providesdistinct security control, andthey integrate into a seamless,complementary, impassable layer.®Access Security systems oftenControl lack the flexibility tomirror the way youwork,making it difficult toreflect the security requirementsof different departments andworkgroups. By design,DetectIT Access Controlprovides enhanced flexibility,customization and centralizedcontrol.• Subdivide iSeries 400’s toflexibly manage separatesecurity environments• Enroll users on multipleiSeries 400’s with singlesign-on capability• Synchronize passwordsand profiles• Customize time-out, activesessions, password controland profile control for eachsecurity environment• Delegate tasks to “localsecurity administrators”without compromisingcentral control of security• Comprehensive interrogation• Automated activation,suspension and deletionof profiles• Increase access securitylevels with RSA SecurID*• Easily manage profiles• Simplify administration* DetectIT and RSA Securityprovide the only two-factoruser identification andauthentication solutionfor the iSeries 400.Audit &DetectIT AuditMonitor Control and Monitorhelps simplifythe process of extracting andexamining activity data onthe iSeries 400.• Total monitoring of all systemactivities, security violations,breaches and unauthorizedevents• Monitor all security messages• Monitor specific profiles• Monitor files and objectsfor changes• Automated alerts• Interrogate files for anyfield-level changes• Filtered, summary anddetailed audit reports• Event-driven reportingenterprise-wide• Print audit reports• User-friendly GUIExaminer Policy EveryCompliance organizationControlneeds todefine securitypolicy and then monitor andmanage compliance withthat policy. DetectIT Examinerautomatically checkscompliance of iSeries 400settings against a pre-definedpolicy.• Create new policies withoutprogramming or SQL skills• Templates included forstandardor recommended policies• Add new policy groups asnew functions to the iSeries400 are added• Flexible reporting forcorporate-wide, groupor item complianceAdvanced DetectITIntegration for interfaces withMulit-Platforms a number ofcomplementaryenterprise security systemsincluding Symantec’s EnterpriseSecurity Manager (ESM) andIntruder Alert, RSA’s SecurID ® ,and J.D. Edwards throughQSoftware’s Aquila. With thesesystems, DetectIT can securethe entire enterprise, fromthe iSeries 400 to the desktop.Client/Server DetectITControl Client/ Servercontrols howrequests received from clientmachines are processed onyour iSeries 400. It monitorsall the exit points for requestsgenerated by different typesof servers by creating aseparate Client/Server securityenvironment and overcomingany conflicts with the authorityprocessing in the iSeries 400legacy system.• Control how clients accesscritical data on the iSeries 400• Control all server tasks, ODBC,DDM and DRDA file accessesand data queue applications• Control TCP/IP access, FTP filetransfers, remote commandsand REXEC• Activate a file monitor onthe iSeries 400 to keep aclose watch on sensitive files