1 audit next generation monitoring, compliance & qaudjrn reporting
Post on 22-Dec-2015
217 Views
Preview:
TRANSCRIPT
1
AuditNext Generation Monitoring, Compliance & QAUDJRN Reporting
22
iSecurity Logs / Protects Systems and Applications
• Logging system and application activities is the basis for:• Monitoring• Reporting• Auditing• Compliance• Investigations• “Keeping People Honest”- Behavioral changes when people
know their activities are being recorded• Increase in quality of work
• iSecurity can protect from problems by either:• Preventing their occurrence• Reacting immediately upon discovery
iSecurity Mission
3
Mandatory Security Regulations
• Government and Industry Regulations• SOX Financial• COBIT IT compliance framework• HIPAA Health care• PCI Credit cards• ISO 27000 Information Security• Basel II Banking• SAS70 Auditing Standards• Italian Privacy Code 196.2003• Other European regulations• External auditor’s demands• Internal security policies
4
Sample Regulatory Requirements
• Limit user capabilities to the applications for which they are authorized
• Provide user & object authorities on an as-needed basis
• Monitor and trace operating system settings and system values
• All changes to data must be recorded and accessible for auditing, often for periods of many years.
• All data must be protected against illegal modification and/or erasing.
• Only application programs may access application data and not special purpose utility programs.
• READ access to data is often suggested but not mandated because of the difficulty in implementing READ protection
5
iSecurity Audit: Information Sources
OS/400 Objects•Users •Authorities •Objects•Scheduled Jobs•Etc.
Report Generator & Visualizer: Screen, GUI, PDF, HTML (by email)
AuditFiltered Data
Receivers``
I5/OS
QAUDJRN Current Activity•Active Jobs•System Status•Sharepools
Message Queues•QSYSOFR•Any otherMessage Queue
SIEM Support:Syslog, SNMP
LogAlert via Action
6
Audit QAUDJRN Flow Diagram
Audit
Audit Files
Audit
Screen, Print. HTML, PDF, CSV, OutFile, Excel via GUI
Alert• Email• MSGQ• SMS• CL Script (with parameters)
• Call PGNS• CHGUSRPRF *DISABLED
Report SchedulerAuto Maintenance
VisualizerData Warehouse
Business Intelligence
Receivers
``
I5/OS
QAUDJRN
QAUDJRN is the log of OS/400
7
Displaying Events from the Audit Log
8
User Profile Report
9
All Authority Changes Report
10
Audit Features
• At-a-glance, user-friendly display of QAUDJRN activity covering all 75 audit types
• Reduces disk space by filtering system audit data, leaving only requested data
• Easy definition of audit related security rules• Query Wizard enables creating queries quickly without programming• Various report formats include e-mail/HTML/PDF/CSV • Powerful Report Generator includes over 200 predefined reports• Ready-made reports suited to SOX• Enables selecting, sorting and filtering fields in reports• Advanced scheduler runs reports at specified times, e-mailing results
to your desktop• Real-time initiation of responses to potential threats and security
violations
11
Firewall & Audit built-in Queries
Report Generator and Scheduler
Display on green screen or
GUI workstation
Spool file IFS storage
Execute query over single or multiple
systems
View in GUI and e-mail PDF, HTML, CSV attachments
Native DB files
FileScope SHWFC or native DB viewers
View GUI table
Print or Export as Excel, CSV,
HTML, PDF, ODF
Individual Product’s User Defined Queries
iSecurity Reports and Queries
12
Various Report Formats
HTML Report CSV Report PDF Report
Email with Attachment
13
Advanced Scheduler
14
Filter
Flexible Reporting: Filter, Select, Sort Output Fields
SelectSort
15
User-Friendly Query Wizard
16
At-a-Glance View of All Audit Journal Files
17
Displays Compliance related Explanation
18
Defining Action in Response to Specific Threats
19
Formatted Audit Log Entry
20
Please visit us at www.razlee.com
Thank You !
top related