PowerTech Updates Interact -- Real-time Security for IBM System i

Gives enterprises visibility into intrusion, penetration attempts targeting System i (AS/400) hardware

The PowerTech Group Inc. has released Version 2.0 of PowerTech Interact. The product captures real-time security events for IBM System i (AS/400) servers so enterprises can have visibility into the intrusion and penetration attempts targeted at their System i servers.

Interact forwards OS/400 security events to its existing security infrastructure. When used in conjunction with leading security information management (SIM) consoles or intrusion detection systems (IDS), Interact forwards OS/400 security event information to enterprise security professionals. Version 2.0 extends and enhances PowerTech’s integration with a variety of leading SIM consoles, including ArcSight, Cisco, IBM (ISS), Symantec, TriGeo, and OpenService.

The PCI standard requires event logs be reviewed daily; a three-month archive of data must be kept online. Since the log files of System i servers can be very large, storing such data can be expensive. Interact’s filtering capability sends only the most relevant events to enterprise consoles, where the data can then be stored more cost effectively.

"The PCI Data Security Standard and other privacy regulations insist you store and monitor security event logs for a longer time frame than most organizations are used to," said John Earl, CTO of PowerTech, in a statement. "If organizations haven't made plans for this change, the cost and the burden of managing all that data on the System i could quickly overwhelm them."

Interact harvests and filters events from the IBM security audit journal (QAUDJRN); the IBM system (QSYSMSG) and system operator (QSYSOPR) message queues; and from other PowerTech security solutions.

New features in Version 2.0 include:

  • Support for the Syslog, a widely accepted method for communicating system information between disparate systems and applications

  • Simplified reporting for non-System i users; PowerTech translates technical jargon to meaningful phrases that can be understood by security administrators

  • Support for real-time paging and alerts; Interact can forward security events to any paging, messaging, or e=mailing service used on an organization's System i

More information is available at http://www.powertech.com.

About the Author

James E. Powell is the former editorial director of Enterprise Strategies (esj.com).

Must Read Articles