IBM i and Tripwire Enterprise: What you need to know
This blog was originally published here: https://www.tripwire.com/state-of-security/ibm-i-and-tripwire-enterprise-what-you-need-know
The IBM i is a midrange server that is used across many industries and businesses varying in size. Backed by its long history and support by IBM, a world-class innovator, the IBM i platform stands alone in the midrange server offerings. Some of the largest companies in the world use IBM i running on the IBM Power server as their strategic platform for manufacturing planning, retail, distribution, logistics, banking, healthcare, insurance, hospitality management, government management, and legal case management.
Tripwire Enterprise and the IBM i platform
With the growing threats against critical infrastructure organizations in the financial, energy, and healthcare sectors, the ability to monitor this platform is extremely important. Whether it's change auditing or integrity monitoring, Fortra’s Tripwire Enterprise is the perfect solution to boost security and compliance when using the IBM i. Organizations that rely on IBM i can realize the benefits of Tripwire Enterprise through a Secure Shell (SSH) connection.
The SSH connection is configurable to use public-key encryption, ensuring the security of the commands sent across the network. A connection is easily established using a Tripwire Enterprise Network Device and an SSH direct connection to the IBM i’s Portable Application Solutions Environment (PASE for i) which provides an AIX shell that can be used to run commands. This connection approach requires no code installs or changes on the system and offers scalability and manageability while minimizing the need for an IBM i administrator oversight. The PASE shell has features that can be used to run system commands and pull desired information directly into the Tripwire Enterprise console using Command Output Validation Rules (COVRs).?
It is important to note that implementing this solution can be further streamlined with the expertise of Tripwire Professional Services, ensuring smooth integration tailored to your organization’s needs.
Depending on the attributes that are within the scope of your monitoring requirements, these rules can be configured using one or more commands to capture specific data and information from many configuration settings. When the rules are run, they generate a point-in-time snapshot and capture output for comparison against previous runs. Using COVRs provides the capability of monitoring the most critical objects, their attributes, and configuration settings for the IBM i operating system.
领英推荐
A few examples include Job Descriptions (JOBD), Subsystem descriptions (SBSD), Controller Descriptions (CTLD), License Key Info (LICKEY), Hardware & Software Inventory, PTFs, Registry Exit Points and nearly all other IBM i objects can be monitored using CL commands passed thru the shell. Additionally, attributes for application and user libraries, programs, physical files and logical, as well as DB2 objects can be monitored.
Tripwire COVRs can be tuned to filter out noisy data from the captured output that is not needed for monitoring such as date of capture and page info. Whether you are monitoring the state of the system or confirming information gathered for an audit, Tripwire Enterprise can add a secondary assurance that your information is valid and in-line with organizational, as well as compliance requirements .
Tripwire can also be used to capture a robust collection of security values as well as user and group profile attributes from the IBM i OS. Using CL commands executed via Tripwire COVRs, it can be used to analyze default passwords, active profile lists, authorized profiles, group members and profiles, and many other recommended audits involving user access.
Many organizations that are subject to regulations need to use the best tools available to gather information and insight into their mission critical systems. Even organizations that are not subject to regulatory authority still want to ensure the security of their systems for their customers. Whether it is CIP , CIS , PCI, or other requirements , Tripwire Enterprise can help you manage the integrity and security of your environment.
For those organizations that use the IBM i platform, the combination of its high-reliability processing, coupled with the power of Tripwire Enterprise creates a solution for powerful security.
Contact us to see how Tripwire Professional Services can assist in ensuring the integrity and security of your IBM i servers contribute to a more secure environment.