1 audit next generation monitoring, compliance & qaudjrn reporting

1

AuditNext Generation Monitoring, Compliance & QAUDJRN Reporting

22

iSecurity Logs / Protects Systems and Applications

• Logging system and application activities is the basis for:• Monitoring• Reporting• Auditing• Compliance• Investigations• “Keeping People Honest”- Behavioral changes when people

know their activities are being recorded• Increase in quality of work

• iSecurity can protect from problems by either:• Preventing their occurrence• Reacting immediately upon discovery

iSecurity Mission

3

Mandatory Security Regulations

• Government and Industry Regulations• SOX Financial• COBIT IT compliance framework• HIPAA Health care• PCI Credit cards• ISO 27000 Information Security• Basel II Banking• SAS70 Auditing Standards• Italian Privacy Code 196.2003• Other European regulations• External auditor’s demands• Internal security policies

4

Sample Regulatory Requirements

• Limit user capabilities to the applications for which they are authorized

• Provide user & object authorities on an as-needed basis

• Monitor and trace operating system settings and system values

• All changes to data must be recorded and accessible for auditing, often for periods of many years.

• All data must be protected against illegal modification and/or erasing.

• Only application programs may access application data and not special purpose utility programs.

• READ access to data is often suggested but not mandated because of the difficulty in implementing READ protection

5

iSecurity Audit: Information Sources

OS/400 Objects•Users •Authorities •Objects•Scheduled Jobs•Etc.

Report Generator & Visualizer: Screen, GUI, PDF, HTML (by email)

AuditFiltered Data

Receivers``

I5/OS

QAUDJRN Current Activity•Active Jobs•System Status•Sharepools

Message Queues•QSYSOFR•Any otherMessage Queue

SIEM Support:Syslog, SNMP

LogAlert via Action

6

Audit QAUDJRN Flow Diagram

Audit

Audit Files

Audit

Screen, Print. HTML, PDF, CSV, OutFile, Excel via GUI

Alert• Email• MSGQ• SMS• CL Script (with parameters)

• Call PGNS• CHGUSRPRF *DISABLED

Report SchedulerAuto Maintenance

VisualizerData Warehouse

Business Intelligence

Receivers

``

I5/OS

QAUDJRN

QAUDJRN is the log of OS/400

7

Displaying Events from the Audit Log

8

User Profile Report

9

All Authority Changes Report

10

Audit Features

• At-a-glance, user-friendly display of QAUDJRN activity covering all 75 audit types

• Reduces disk space by filtering system audit data, leaving only requested data

• Easy definition of audit related security rules• Query Wizard enables creating queries quickly without programming• Various report formats include e-mail/HTML/PDF/CSV • Powerful Report Generator includes over 200 predefined reports• Ready-made reports suited to SOX• Enables selecting, sorting and filtering fields in reports• Advanced scheduler runs reports at specified times, e-mailing results

to your desktop• Real-time initiation of responses to potential threats and security

violations

11

Firewall & Audit built-in Queries

Report Generator and Scheduler

Display on green screen or

GUI workstation

Spool file IFS storage

Execute query over single or multiple

systems

View in GUI and e-mail PDF, HTML, CSV attachments

Native DB files

FileScope SHWFC or native DB viewers

View GUI table

Print or Export as Excel, CSV,

HTML, PDF, ODF

Individual Product’s User Defined Queries

iSecurity Reports and Queries

12

Various Report Formats

HTML Report CSV Report PDF Report

Email with Attachment

13

Advanced Scheduler

14

Filter

Flexible Reporting: Filter, Select, Sort Output Fields

SelectSort

15

User-Friendly Query Wizard

16

At-a-Glance View of All Audit Journal Files

17

Displays Compliance related Explanation

18

Defining Action in Response to Specific Threats

19

Formatted Audit Log Entry

20

Please visit us at www.razlee.com

Thank You !