-
For
Security Administrators only - Take a look at a quick
andeasy intrusion exercise....
Are
you protected from existing iSeries/400 users?
Secure/Net+ is a unique
iSeries/400 product designed to enhance security in the
client server arena. It provides additional security
checks when remote requests are received by an iSeries/400
computer. These security checks are designed to stop
authorized users from performing "unauthorized"
functions on the iSeries/400. By capturing incoming requests
from clients attempting to access server functions,
Secure/Net+ reacts and performs a series of checks based on
defined rules, creating an audit trail of all remote
requests received and rejected.
WIZARD
MODE... an exiting new enhancement!
Prior to now
- when a company was testing Secure/Net+, all users were
set at 'security level 1', which meant Secure/Net+ would
accept all exit point access requests.
Now - if
Secure/Net+ has been put in Wizard Mode, instead of
Level 1, the Wizard will automatically create the
necessary rules and allow the transaction to be accepted
before switching to Security Level 3. By automating
the majority of the rule creation process, the Wizard
significantly reduces the setup time for installing and
testing Secure/Net+
Key
Benefits
- Secure/Net+ was developed
to address the security issues involved in networking
iSeries/400 computers and PCs. It will significantly
improve remote access security.
- Secure/Net+ operates in
conjunction with iSeries/400 security. It checks each
remote request for the required level of remote access
authority before the request is executed by the
operating system. This security check is in addition
to, but independent of, normal iSeries/400 authority
checking. Users can be authorized to iSeries/400 database
files, while, at the same time, being prevented from
copying files to or from other computers.
- Secure/Net+ highlights
- Utilizes the exit
program facility provided by the iSeries/400 network
attributes.
- Prevents fraud and
malicious damage.
- Security database is
set up and controlled by a system administrator.
- Operates in
conjunction with standard iSeries/400 security
- Protection from
unwanted and unauthorized access via network
connections.
- Protects against
unwanted Client Access/400 requests
- Recognizes Group and
*PUBLIC authorities.
- Easy to use and
install.
- IP address
restrictions.
- Provides an audit trail of all
remote instructions encountered. This audit trail
shows the date and time of the request, the user,
the remote instruction string and whether or not
Secure/Net+ rejected the request. A hard copy of this
audit trail is readily available.
In a typical network
environment, a standard PC connected to the iSeries/400 with MS
Office and CA/400, can perform a number of functions
jeopardizing iSeries/400 data. Authorized users can
perform the following unauthorized tasks:
- Download confidential or
sensitive data to a PC file. Once on the PC, it is no
longer under the control of OS/400.
- Transfer data back to
the iSeries/400, replacing any data that may have been in
the target file with data from the PC.
- Use ODBC to connect PC
software to the iSeries/400 database
All of the above functions
are, of course, subject to iSeries/400 security, however,
removing authority to a command, library, or file may
prevent your users from doing their job. In addition, many
applications use group profiles to provide users with
read/write authority to the entire database. These
applications rely on front-end menus to control
application security.
SECURE/NET+ was
developed to circumvent this problem and will
significantly improve remote access security for the iSeries/400.
Copyright
© 1999-2001 Palace Guard Software. SECURE/NET is registered
trademark of Castlehill Computer Services LTD., UK. The IBM
logo, AS400 and OS/400 are registered trademarks of IBM Corporation