Kisco has released a new, AFFORDABLE tool that could be of interest to those requiring a high-level tool to assist in enforcing security standards like PCI.

Curbstone has no formal relationship with Kisco, but we are aware of their long history as a quality software vendor for the AS/400, then the iSeries, and now the IBM System i.

iSecMap is a new security mapping and enforcement tool for your IBM i system (Power System/i, i5, iSeries or AS400). iSecMap creates a comprehensive map of the security configuration and settings on your system and then automatically monitor your system for changes.

iSecMap works with

  • security system values
  • user profiles
  • group profiles (including supplemental groups)
  • authorization lists
  • library level security
  • library object security
  • objects stored in IFS paths
  • and more...

In each area, you establish a baseline of information about the security and then iSecMap checks for changes. Live alerts can be issued to let you know when your security has changed from the way you set it up. This lets you enforce your security environment without finding a surprise at an unexpected event.

You can see more details about iSecMap at their website: http://www.kisco.com/ism/

 

Alert notifications in iSecMap can be configured to just report to a message queue on your system (like QSYSOPR or QSYSMSG) or also to a list of email addresses. The alert points you to the security area or areas that have changed so that you can quickly zero in on the issue. You can either accept the change into your baseline of security information or you can update security to set things back the way you want them.

iSecMap can be used to enforce security on a system where you already have the configuration set, or it can be used to track security changes on a system where you are working to implement improved security. In either case, iSecMap starts where your system is currently configured and works from that point.

Comprehensive reports of your current security map are also available from iSecMap. These will be a nice plus for your auditors.

You can see more details about iSecMap at their website: http://www.kisco.com/ism/

iSecMap is available for a trial period on your own system. If you're interested in taking it out for a spin, fill in the order form at the website or contact Rich Loeber at Kisco.