1 / 30

OZ Global Software, Inc. Bsafe Presentation

2. Company Vision. To become the global security

ashanti
Download Presentation

OZ Global Software, Inc. Bsafe Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


    1. 1

    2. 2 Company Vision To become the global security & monitoring solutions market leader on IBM platforms:

    3. 3 Bsafe/Enterprise Security Suite For System i: Management Access Control Audit Alerts For System z (CICS): Management Access Control Audit Alerts

    4. 4 Bsafe Company Profile

    5. 5 Sample Customers

    6. 6 The Challenges of Regulatory Compliance To be compliant, Security Officers must quantify that: Users with out a demonstrable need to access data should be prevented from accessing such data. A clear recognizable audit trail exists for transactions. A real-time intrusion alerting mechanism has been implemented.

    7. 7 The Problem The OS/400 was architected before the advent of PC connectivity. Therefore, it can not inherently track or secure all of a PC users transactions without additional assistance. Without such assistance a user is able to access the iSeries through the network, change or delete any data he wants without being detected

    8. 8

    9. 9 System i Vulnerability

    10. 10 System i Vulnerability

    11. 11 System i Vulnerability

    12. 12 System i Vulnerability

    13. 13 System i Vulnerability

    14. 14 System i Vulnerability

    15. 15 System i Vulnerability

    16. 16 System i Vulnerability

    17. 17 System i Vulnerability

    18. 18 What Doesnt Get Logged Earlier we saw how easily users can download sensitive files to their PCs via FTP

    19. 19 What Doesnt Get Logged No indication of the PC that accessed the file No indication that the file was downloaded No indication that this was breach rather than legitimate access

    20. 20 What Doesnt Get Logged We saw also how easily users can update data via ODBC

    21. 21 What Doesnt Get Logged No indication of the PC that accessed the file No indication of the SQL statement No separation of field values No display of non-character fields No indication that this was breach rather than legitimate update

    22. 22 The Challenges To be compliant, Security Officers must quantify that: Users with out a demonstrable need to access data should be prevented from accessing such data. A clear recognizable audit trail exists for transactions. A real-time intrusion alerting mechanism has been implemented.

    23. 23 The Result Companies will not be able to attain compliance without a vendor-supplied or in-house created solution.

    24. 24 The Solution is Bsafe/Enterprise Security Bsafe enables Security Administrators and Auditors to: Regulate (secure) users activities Monitor users activities Automate the creation of clear and concise audit reports Receive real-time security and system related alerts Designed to be managed through Windows like Management Console

    25. 25 Bsafe/Enterprise Security modules

    26. 26 Policy Compliance Manager We have created a solution that will help you implement the company policy. In this circle of compliance we show you the major steps for implementing a compliance policy. The first step is to actually create the policy. The second step is to capture the policy into a policy template Once you implemented the policy You can check the policy compliance by comparing the policy template to the actual system & bsafe configurations And produce deviation reports that show you how does the policy implementation deviate from policy And, finally, to fix those deviations in order to achieve a complete policy compliance We have identified the major steps that your organization requires in order to address your compliance needs. We will now take one example, of finding deviations from object authority policy. We will follow this example through the different stages in the circle of compliance.We have created a solution that will help you implement the company policy. In this circle of compliance we show you the major steps for implementing a compliance policy. The first step is to actually create the policy. The second step is to capture the policy into a policy template Once you implemented the policy You can check the policy compliance by comparing the policy template to the actual system & bsafe configurations And produce deviation reports that show you how does the policy implementation deviate from policy And, finally, to fix those deviations in order to achieve a complete policy compliance We have identified the major steps that your organization requires in order to address your compliance needs. We will now take one example, of finding deviations from object authority policy. We will follow this example through the different stages in the circle of compliance.

    27. 27 Cross-Platform Central Audit

    28. 28 Cross Platform Audit

    29. 29 Benefits Focus on customers which maintain System i and/or System z as their mission critical systems Comprehensive operating system and database security & monitoring suite Single console enabling central management for multiple server platforms Comprehensive Cross Platform Audit Trail GUI enabling green screen empowering non-green screen personnel -Freeing up green-screen experts for mission critical tasks Highly granular functionality for securing and monitoring IBM platforms

    30. 30

    31. 31 Why a product like Bsafe is needed? Regulations & industry standards such as Sarbanes-Oxley Complex environments make security on the i5 platform difficult to manage (networks, OS, hardware, applications) Constant changes in users, systems and the way users access applications New risks introduced by external partners, customers & remote employees accessing the i5 network, using diverse platforms and devices Availability of experienced i5 administrators

More Related