1 / 20

Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting

Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting. iSecurity Mission. iSecurity Logs / Protects Systems and Applications Logging system and application activities is the basis for: Monitoring Reporting Auditing Compliance Investigations

yori
Download Presentation

Audit Next Generation Monitoring, Compliance & QAUDJRN Reporting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AuditNext Generation Monitoring, Compliance & QAUDJRN Reporting

  2. iSecurity Mission • iSecurityLogs / Protects Systems and Applications • Logging system and application activities is the basis for: • Monitoring • Reporting • Auditing • Compliance • Investigations • “Keeping People Honest”- Behavioral changes when people know their activities are being recorded • Increase in quality of work • iSecurity can protect from problems by either: • Preventing their occurrence • Reacting immediately upon discovery 2

  3. Mandatory Security Regulations • Government and Industry Regulations • SOX Financial • COBIT IT compliance framework • HIPAA Health care • PCI Credit cards • ISO 27000 Information Security • Basel II Banking • SAS70 Auditing Standards • Italian Privacy Code 196.2003 • Other European regulations • External auditor’s demands • Internal security policies

  4. Sample Regulatory Requirements • Limit user capabilities to the applications for which they are authorized • Provide user & object authorities on an as-needed basis • Monitor and trace operating system settings and system values • All changes to data must be recorded and accessible for auditing, often for periods of many years. • All data must be protected against illegal modification and/or erasing. • Only application programs may access application data and not special purpose utility programs. • READ access to data is often suggested but not mandated because of the difficulty in implementing READ protection

  5. iSecurity Audit: Information Sources SIEM Support: Syslog, SNMP • OS/400 Objects • Users • Authorities • Objects • Scheduled Jobs • Etc. QAUDJRN • Current Activity • Active Jobs • System Status • Sharepools • Message Queues • QSYSOFR • Any other • Message Queue Audit Filtered Data I5/OS ` Receivers Log Alert via Action Report Generator & Visualizer: Screen, GUI, PDF, HTML (by email)

  6. Audit QAUDJRN Flow Diagram Audit • Alert • Email • MSGQ • SMS • CL Script (with parameters) • Call PGNS • CHGUSRPRF *DISABLED I5/OS Audit QAUDJRN ` Audit Files Receivers Visualizer Data Warehouse Business Intelligence Screen, Print. HTML, PDF, CSV, OutFile, Excel via GUI Report Scheduler Auto Maintenance QAUDJRN is the log of OS/400

  7. Displaying Events from the Audit Log

  8. User Profile Report

  9. All Authority Changes Report

  10. Audit Features • At-a-glance, user-friendly display of QAUDJRN activity covering all 75 audit types • Reduces disk space by filtering system audit data, leaving only requested data • Easy definition of audit related security rules • Query Wizard enables creating queries quickly without programming • Various report formats include e-mail/HTML/PDF/CSV • Powerful Report Generator includes over 200 predefined reports • Ready-made reports suited to SOX • Enables selecting, sorting and filtering fields in reports • Advanced scheduler runs reports at specified times, e-mailing results to your desktop • Real-time initiation of responses to potential threats and security violations

  11. iSecurity Reports and Queries Individual Product’s User Defined Queries Firewall & Audit built-in Queries Report Generator and Scheduler Execute query over single or multiple systems IFS storage Display on green screen or GUI workstation Spool file Native DB files FileScope SHWFC or native DB viewers View GUI table View in GUI and e-mail PDF, HTML, CSV attachments Print or Export as Excel, CSV, HTML, PDF, ODF

  12. Various Report Formats HTML Report CSV Report PDF Report Email with Attachment

  13. Advanced Scheduler

  14. Flexible Reporting: Filter, Select, Sort Output Fields Filter Select Sort

  15. User-Friendly Query Wizard

  16. At-a-Glance View of All Audit Journal Files

  17. Displays Compliance related Explanation

  18. Defining Action in Response to Specific Threats

  19. Formatted Audit Log Entry

  20. Thank You! Please visit us at www.razlee.com

More Related