
AP-Journal Application Security & Business Analysis



AP-Journal Application Security & Business Analysis



Part 1 Overview



Overview

  • Application Security & Business Analysis tool

  • Keeps managers constantly informed on database changes

  • Produces reports on changes over numerous years

Relax. AP-Journal Will Check it for You.



Features

Reports based on changes to business-critical application data

Alerts (e.g. “Item price increased by more than 10%”)

Keeps selected updates in intermediate storage for long periods

Cross-application activity tracking (based on common identifiers in ERP, Finance, Shipment applications)

Instantaneous access to data covering numerous years

Used to meet regulatory requirements - SOX, HIPAA, PCI (Ensures only authorized programs update production data)

Based on patent-pending technology

Logging of Database Read Operations



Reports & Conditions Created with AP-Journal

  • Who modified file PAYMENTS between 20:00 and 06:00 during vacation; among those, who reduced the PAYMENT_AMOUNT by more than 15%?

  • Who made changes to production file LOANS using a non-approved program?

  • Who worked on the SALARY file during non-standard business hours, and accessed records of employees whose salaries exceed $5K monthly?

  • Provide John with a timeline report of all changes made to John's MORTGAGE (covering the dozens of files in the MORTGAGE system) during the past 25 years.

  • Send an SMS message and e-mail to the company's Chief Security Officer, Manager of IT and Internal Auditor when the PRICE_OF_ITEM changes by more than 4%.

  • Send a SYSLOG message and operator message when the PRICE_OF_ITEM for an ITEM shipped last month changes by more than $6.20.

  • Send an e-mail whenever an employee record whose SALARY is less than $5000 is read from file SALARIES.

  • Which users who are not in the HR department modified the SALARIES table?

  • What changes to the hospital's PATIENTS file were made via utility application DFU?

  • Who made changes to field DISCOUNTS since last Sunday?



What does IBM DB-Journal Support?

IBM DB-Journal is generally used for:

  • Data integrity – handling commitment control to ensure that a transaction involving several updates is complete

  • High Availability – enabling Hot Backup to ensure instantaneous access to updated business-critical application data

  • Incremental backup – saving “before” and “after” images of file updates

If IBM DB-Journal is enabled and functioning, use it to its best advantage with AP-Journal.



AP-Journal Added Value

Reports integrating data from multiple applications

Powerful

Quickly generates user-friendly printed/online reports from journals

Convenient

Real-time threshold-activated alerts

Efficient

No programming or changes to applications, no performance impact

Reliable

Effective storage of only user-selected data in special “containers”

Cost-effective

Flexible filters based on field data (e.g. Price increased by over 10%)

Adaptable



AP-Journal Real-Life Applications

Alerts to Enforce Changing Business Rules and Policies

  • Corporate management often changes customer and discount policies

  • AP-Journal alerts ensure each salesperson handles only specific customers and doesn’t give customers discounts over a certain percentage

Long-Term Reports

  • Mortgage bank uses AP-Journal to monitor the long-term history of all changes made to loans

  • Clerks have a user-friendly interface to produce “single-click” AP-Journal reports

PCI Compliance

  • Credit card company is required by PCI regulations & auditors to save many files

  • Accumulates 10M entries per hour, but monitors and issues alerts on only 5K entries per day using AP-Journal advanced filtering capabilities

Using AP-Journal Containers to Save Disk Space

  • Company that needs weekly reports based on information from journal receivers

  • Limited disk capacity won’t allow saving information from receivers for more than 1 day

  • Uses AP-Journal Containers as temporary storage until weekly report is produced




Part 2 Alert Scenario



Monday Morning

“OK… Let’s define salary thresholds. Assistants: Alert at over 10%...”

Mr. Bryan Fields

HR Audit Manager

Insurance Company



Three days later…

“Finally… I got a 20% raise!”

Ms. Jane Smith

Administrative Assistant

Insurance Company



One second later…

Mr. Bryan Fields

HR Audit Manager

Insurance Company



At the Greenspan Residence

“Dear… Shouldn’t we be done with our mortgage already? It’s been 35 years…”

Mr. & Mrs. Greenspan

Retired Senior Citizens



At the Bank

Mortgage Timeline:

Greenspan family

“In just a minute, I will produce a report that covers all the information about all 35 years of your mortgage: payments, interest rates, guarantors…”

15 Aug 1973

Mortgage start

1 Oct. 1975

Change of interest rate +4%

Standard payment $800

1 June 1978

Mortgage frozen

30 Nov 1981

4 Mar 1992

$15,000 installment

1 Apr 1996

Guarantor replaced

Change of property

6 Jul 2001

2nd mortgage added

Standard payment $1000

8 Jan 2007

1 Apr 2003

Mr. Michael Hill

Mortgage Consultant



Back at the Greenspan Residence

“Goodness! All that information in a single report. This bank sure gives great service.”

Mr. & Mrs. Greenspan

Retired Senior Citizens



Part 3 About AP-Journal



Facts about AP-Journal

  • Based on IBM DB-Journal receivers

  • Real-time – operates as soon as database update occurs

  • No programming

  • No maintenance – fully automated receivers and containers transfer, backup and removal

  • Not Based on Triggers – no delay in application, works asynchronously to the application, can operate during off-peak hours

  • Not intended to support QUADJRN (Security Audit Journal); for this see iSecurity/Audit



Reporting Features

  • Content

    • From either Receivers or Containers

    • Processes information (Who, What, When…)

    • Records changes to data (“transfer-to account” changed)

    • Compares with previous value (Quantity decreased > 100)

    • Covers dozens of years of application history

  • Format

    • Flexible filters, various levels of detail

    • Timeline reporting

    • Online – enables extension of filters

    • Printed – upon request or via included Scheduler

    • Emailed – in PDF or HTML formats



Alerts Features

  • Content

    • Real-time

    • Threshold-activated

    • Enables defining complex rules

    • Supports comparison to group of items

    • Fully editable message with field values

    • Field values appear in Before/After images

  • Format

    • Email including alert details

    • Message queue with alert details

    • CL script with access to event fields



Business Analysis Features

  • Patent Pending

  • Traces customer activities throughout all applications:

    • Mortgage bank: reports containing timeline of all mortgage activity (payments, returns, guarantors) across 7 years

    • Insurance Company: reports integrating data from policy, collection, claims and accounting applications

  • Accesses data exceptionally fast

  • Special-purpose Containers store and index customer-selected business items for quick retrieval

  • Can also function based upon the IBM Journal Receivers



Part 4 Technology



Business Analysis: Integrating Data from Multiple Databases

Databases: Payments, Guarantors, Interest Rates

Loan No. 1

Loan No. field is identified in all databases & indexed

Time         Operation   DB           Loan No.
20 Apr 01    Update      Interest     1
03 Jan 03    Add         Payments     2
17 Feb 05    Add         Guarantors   1
12 Mar 05    Change      Payment      8
24 Jun 07    Update      Interest     9
11 May 08    Update      Payments     1

Output: Screen, Report

All changes to Loan No. 1 are integrated into a single report



AP-Journal Technical Overview

[Diagram. Labels: DB1, DB2, DB3; DB-Reads; Journal; Receivers; Processing of Receivers in real time (or at night); Business Items; Containers; Long-time storage for critical data; Alert; Before; After; Reporting System; Screen; Email & HTML; Print-out. Callouts A to G.]



Annotation of Technical Overview

  1. DB changes are journaled into journal receivers using OS/400 facilities.

  2. Read access actions are added to journal receivers. This unique AP-Journal feature allows for filtering only the necessary Reads.

  3. For performance purposes, AP-Journal reads only the required files from the journal receivers.

  4. Alerts can be generated using strong filtering capabilities; alerts sent as operator messages, SMS, SYSLOG, etc.

  5. Important journaled data is kept for long periods in database files which are protected and emulate journal receivers.

  6. Alerts on data stored in containers; alerts sent as in 4 above.

  7. Single report definition can run on either journal receivers or containers.



Technical Features

  • *BEFORE / *AFTER journal types

  • Remote Journal

  • Performance optimized for High Availability (HA) Journals containing tens of millions of entries

  • Operates in parallel to HA software

  • Automatic exchange of Journal Receivers

  • Automatic exchange of Containers (AP-Journal’s proprietary database)

  • Automatic backup of containers

  • Tracking offline containers



Part 5 AP-Journal Screens



AP-Journal Filtering Interface

See explanation on following slides.

Either price or quantity differences of more than 10% will trigger this event.

Both header (pink) and fields (black) can be filtered. Note “RR” in Entry field, enabling filter of Reads in addition to Deletes, Updates, etc.



AP-Journal Filtering Capabilities

Column "BEFORE=B" in the previous slide is used to specify if the field value to be compared is the value Before or After the field update.

Further explanations of the line in the previous slide beginning “Test:”:

  • EQ NE LE GE LT GT are standard Boolean operators

  • N/LIST checks whether the field value appears in the supplied list of values

  • N/LIKE checks if the field value resembles the value entered. If the % wildcard (signifying any number of characters) is not the first character, the value to be compared is position specific (i.e. the first character in the field will be compared to the first character specified in the filter condition).

  • N/START checks that the field value does not begin with the characters entered



AP-Journal Filtering Capabilities

Explanations Continued:

  • N/ITEM checks if the field value appears as an item in the GROUP/MEMBER specified

  • N/SAME checks that the Before and After values are the same

  • DIFxx checks if the difference between the Before and After values as entered in the Value column complies with the Boolean operator xx (EQ, NE, LE, etc.)

  • DIF%xx checks if the difference in percentage between the Before and After values as entered in the Value column complies with the Boolean operator xx (EQ, NE, LE, etc.)
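
A minimal Python model of the tests listed on the two filtering slides above, added here as an illustration; it is not AP-Journal code. Assumed: the N prefix inverts a test, DIFxx and DIF%xx use the signed change After minus Before (the percentage taken relative to Before), and the journal entries are constructed sample data. N/LIKE and N/ITEM are left out.

```python
import operator

# Comparison suffixes named on the slide: EQ NE LE GE LT GT.
OPS = {"EQ": operator.eq, "NE": operator.ne, "LE": operator.le,
       "GE": operator.ge, "LT": operator.lt, "GT": operator.gt}

def field_test(test, value, before, after, use_before=False):
    """Evaluate one filter test against a field's Before/After images."""
    current = before if use_before else after    # models the BEFORE=B column
    if test in OPS:
        return OPS[test](current, value)
    if test.startswith("DIF%"):                  # assumed: signed % change vs. Before
        if before == 0:
            return False                         # percentage undefined, no match
        return OPS[test[4:]]((after - before) * 100 / before, value)
    if test.startswith("DIF"):                   # assumed: signed After - Before
        return OPS[test[3:]](after - before, value)
    negate = test.startswith("N")                # assumed: N prefix inverts the test
    name = test[1:] if negate else test
    if name == "LIST":
        result = current in value
    elif name == "START":
        result = str(current).startswith(value)
    elif name == "SAME":
        result = before == after
    else:
        raise ValueError(f"unsupported test: {test}")
    return result != negate

def matching_entries(entries, rules):
    """Return entries for which every (field, test, value) rule holds."""
    return [e for e in entries
            if all(field_test(t, v, e["before"][f], e["after"][f])
                   for f, t, v in rules)]

# Constructed journal entries (not real data): updates to a SALARIES file.
ENTRIES = [
    {"employee": "JSMITH", "before": {"JOB": "ASSISTANT", "SALARY": 4000},
     "after": {"JOB": "ASSISTANT", "SALARY": 4800}},     # +20%
    {"employee": "EMP002", "before": {"JOB": "ASSISTANT", "SALARY": 4000},
     "after": {"JOB": "ASSISTANT", "SALARY": 4200}},     # +5%
    {"employee": "EMP003", "before": {"JOB": "MANAGER", "SALARY": 9000},
     "after": {"JOB": "MANAGER", "SALARY": 10800}},      # +20%, not an assistant
]
# "Assistants: alert at over 10%" from the scenario slides, as two ANDed rules.
RULES = [("JOB", "START", "ASSIST"), ("SALARY", "DIF%GT", 10)]

if __name__ == "__main__":
    for entry in matching_entries(ENTRIES, RULES):
        print("ALERT:", entry["employee"], entry["before"]["SALARY"], "->",
              entry["after"]["SALARY"])
```

Because the change is modelled as signed, a rule for a change in either direction needs a second rule with a negative threshold (for example DIF%LT -10).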



Alert Message Definition Screen

Define a Generic Alert message



Alert Recipient & Format

Define who receives alerts and in what format (email, message queue, SYSLOG, etc.)



Optional Alert Action Script

Capture the offending user’s screens and after 5 minutes terminate the session.



Display of Database Update

Display data before & after any changes which were made from a specific IP address



Full Report Displaying All Changes

Printable report highlighting the before & after data in fields which were changed



Defining journal file operations

Easy-to-read summary table of journal activities per file/library.



Modify file operations

Define file operations and related parameters.



Alert conditions and SYSLOG message

Define alert conditions and appropriate message for SYSLOG/e-mail/msg.



View SYSLOG real-time alerts

Note SYSLOG messages as received in SIEM product.



Thank You!

Please visit us at www.razlee.com

