Raz-Lee Security Inc. has upgraded its iSecurity software for the System i, mainly to help users with auditing and compliance issues.
The new version of iSecurity includes:
- Almost 300 report templates covering all kinds of issues — such as object authority and user management — that are important for compliance with regulations like Sarbanes-Oxley.
- Java-based user interface that allows users to submit and view reports from individual workstations.
- The ability to produce the reports in a number of formats, including HTML, PDF and Excel.
What kind of compliance and audit reporting software for the System i do you use, if you use any at all? And does it help you stay organized?
IBM, as you know, has been trying to sell the System i as a perfect integrated platform for all your VoIP needs. Last year, IBM and 3Com announced their joint offering — IBM’s System i hardware combined with 3Com’s VoIP hardware and software. Then in June, Nortel got into the System i VoIP mix, joining with IBM to offer competition to 3Com.
It’s still unclear if SMBs will take to VoIP, as the pain of setting it up can outweigh benefits for small businesses. One major pain point: having to deal with too many technologies and too many vendors to get a VoIP system going. Does IBM’s integrated offering on the System i mitigate that, and if it does, will it bring new System i customers into the fold? That remains to be seen.
Anyway, the fireside chat is at 1 p.m. EDT tomorrow at the iSociety’s fireside chat site. It will include Mike Rousseaux, an IBM offering manager for collaborative technologies; and Roxanne Reynolds-Lair, the CIO of the Fashion Institute of Design and Merchandising, an early IBM VoIP adopter.
The Common System i user group has elected the three members of its board of directors, two returning members and one new.
Dan Kimmel and Wayne Madden have been reelected to their second three-year terms while Bob Krzeczowski is joining the board for the first time.
Kimmel has been involved in Common for a while now. He has been an IBM midrange and System i software developer for more than 30 years, and can often be seen giving presentations at the Common conferences.
Madden is the muscle behind the System i Network and System i News Magazine, serving as its group publisher and editor-in-chief. He also is a popular speaker at Common conferences and has served as a project manager on the security track for the conferences.
Krzeczowski, the newest member, has been a volunteer with Common as a speaker and a member of its Education Team for more than 15 years.
The recent release of Lotus Notes 8 was cause for celebration for many, but not for i5/OS users looking to do some DB2 work with it. According to Domino Blog blogger and IBM Domino product manager Rob Ingram, there are currently no plans to support Notes databases in DB2 on System i. This news is not sitting well, and System i user group Common is starting an initiative to get to the bottom of this.
They are currently circulating a System i user survey that will help them build a case to get some answers from IBM. Ingram states in his blog that IBM is currently allocating resources elsewhere, but I just can’t help thinking that this is a move to position Lotus Notes for growth; but at the same time position System i as a legacy platform that will lose full support sometime soon.
Lukas Beeler has a post on his blog about the things to keep in mind when considering buying the System i 515. When IBM rolled out the i5 515 Express and i5 525 Express in April, most of the talk was around price. They were purported to be entry-level boxes, with the cost starting at about $8,000.
Beeler writes about some of the issues with the 515 — it’s I/O intensive, it probably doesn’t have enough RAM for your needs, and included software maintenance is short-term — and how upgrading them is going to add to the cost of the machine, probably by 50% to 75%. So suddenly that $8,000 becomes $12,000 or $14,000.
Another reader recently chimed in on Establishing user accountability in AS400, an expert iSeries security response from Carol Woodbury. Thanks to “KrillDog” for the info!
In terms of SOX regulations and their recommended “best practices” efforts on segregation of duties, the iSeries Security Administrator position (if established) should manage the QSECOFR password. If the actual QSECOFR profile is required by a System Administrator, say for a system upgrade, an actual request is filled out with the reason for required QSECOFR access and submitted to the SecAdmin for approval and account activation. This provides evidence of an actual request from an approved user and then the audit journal records can be processed and attached to the request (on-line or hard-copy). This is the process I had to establish to prevent random access with the QSECOFR profile.
If your shop hasn’t been supporting the latest beta version of Lotus collaboration software, it might now. IBM announced today that Lotus Notes 8 and Lotus Domino 8 [LD8] are now generally available. According to the press release, two years of development and testing, a considerable amount done in the field by actual businesses, went into LD8. I’m purely speculating here (not to mention my penchant for conspiracy theory), but with all that R and D across the pool of users, no doubt running a variety of platforms, will IBM look to end support on System i if license subscriptions go up elsewhere? How much of the R and D was testing for reliability on other platforms?
After reading Establishing user accountability in AS400, the iSeries security expert response from Carol Woodbury, one reader sent us this comment to round out her answer. Thanks, Tom!
Especially with QSECOFR, it’s difficult to guarantee full accountability. Whatever QSECOFR can put in place, QSECOFR can remove. There are potential items that can help though.
For interactive work, for example, a routing program might intercept the job and prompt for an individual’s identification. This might consist of a user/password prompt that could be tested against actual user/password via perhaps the Get Profile Handle (QSYGETPH) API, followed by Release Profile Handle (QSYRLSPH) API if successful.
The routing program might continue by setting job logging levels or various audit attributes before transferring control to QSYS/QCMD (or your own request-processing program). Before transferring control, it might send scope messages to ensure that end-of-job logging also occurred or set condition handlers for similar purposes.
None of that *guarantees* anything. But it can help when an auditor asks what’s been done.
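The interactive flow described in the comment above, as an added CL sketch (not code from the reader, Carol Woodbury or IBM). It assumes a hypothetical display file IDPROMPT with record format PROMPT and 10-character fields USER and PWD, passwords of at most 10 characters, and that the program is compiled as OPM CL and named as the routing program for the shared profile's interactive subsystem.

```cl
/* Added example: identify the individual behind a shared QSECOFR sign-on. */
/* IDPROMPT, PROMPT, USER and PWD are hypothetical names; create the       */
/* display file before compiling. Compile as OPM CLP (TFRCTL is OPM-only). */
PGM
   DCLF       FILE(IDPROMPT) RCDFMT(PROMPT)   /* declares &USER and &PWD   */
   DCL        VAR(&HANDLE) TYPE(*CHAR) LEN(12)

   /* Fail closed: any unexpected error, bad password included, ends job.  */
   MONMSG     MSGID(CPF0000 MCH0000) EXEC(GOTO CMDLBL(DENY))

   SNDRCVF    RCDFMT(PROMPT)                  /* ask for personal ID       */

   /* Re-entering the shared profile itself proves nothing about identity. */
   IF         COND((&USER *EQ 'QSECOFR') *OR (&USER *EQ ' ')) +
                THEN(GOTO CMDLBL(DENY))

   /* Get Profile Handle signals an escape message when the user ID or     */
   /* password is wrong, which the program-level MONMSG routes to DENY.    */
   CALL       PGM(QSYS/QSYGETPH) PARM(&USER &PWD &HANDLE)
   CHGVAR     VAR(&PWD) VALUE(' ')            /* do not keep the password  */
   CALL       PGM(QSYS/QSYRLSPH) PARM(&HANDLE) /* handle no longer needed  */

   /* Put the verified individual in the job log, then force full logging  */
   /* so the job log is kept however the session ends.                     */
   SNDPGMMSG  MSGID(CPF9897) MSGF(QSYS/QCPFMSG) +
                MSGDTA('Shared profile session opened by ' *CAT &USER) +
                TOPGMQ(*SAME) MSGTYPE(*INFO)
   CHGJOB     LOG(4 00 *SECLVL) LOGCLPGM(*YES)

   TFRCTL     PGM(QSYS/QCMD)                  /* hand over to command entry */

DENY:
   SIGNOFF    LOG(*LIST)
ENDPGM
```

As the comment says, QSECOFR can remove whatever QSECOFR puts in place, so the job logs and audit journal receivers this produces are only useful as evidence if they are reviewed or copied somewhere the shared profile does not control.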
Dan Kimmel, Bob Krzeczowski, Wayne Madden and Rajan Narayanah. Each candidate emphasizes different aspects of their qualifications that run the gamut from COMMON membership experience to entrepreneurial skills to iSeries expertise.
A forum page has been set up to ask each candidate questions about how they would contribute to the future of COMMON.
The elected members will help lead the group for the next three years, so if you’re a member of COMMON, make sure to check out the above information from COMMON and vote before August 23.
John Ghrist over at the System i Network says that for Web applications to really take off on the platform, there needs to be a solid Web analytics tool on i5/OS.
Ghrist talks about how having Web applications is nifty and all, but if you can’t measure their success, then that success is essentially zero. He argues that although there are plenty of third-party Web analytics software tools out there, it would be great if one were already included in the hardware and software when you buy your System i.