Did you know that IBM i includes powerful auditing features? In fact, our own class-leading audit reporting solution leverages the information captured by the operating system. Join this Webinar—based on content previously presented at COMMON—to learn about activating and configuring the auditing capabilities inherent to IBM i.

Join this Webinar to understand:

• Security audit journal
• Audit data management
• Configuring the audit system values
• A user profile’s *AUDIT special authority
• Object auditing
• User auditing
• Basic reporting capabilities
• Advanced reporting options

You’ll also learn about what system auditing does NOT capture, and how to prevent it from causing you to fail an audit.

Attendees are eligible to receive a FREE Compliance Assessment.

Presenters
Main Presenter: Robin Tatam, PowerTech
Co-Presenter: Jill Martin, PowerTech

Wednesday, June 16, 2010
10 a.m. Central Time (15:00 GMT)
Check our chart for your local time >

Cost
Free of charge

Registration
To register, please visit our WebEx site.

Speaker Bios

Robin Tatam is the Director of Security Technologies for PowerTech, a leading provider of security solutions for IBM i. A frequent speaker on security topics, he co-authored the RedbookIBM System i Security: Protecting i5/OS Data with Encryption. Robin can be reached by e-mail at robin.tatam@powertech.com.

Jill Martin is Product Support Manager for PowerTech and brings a strong System i background to any security discussion. Jill has worked in a number of roles in the industry, including technical trainer, sales account manager, and most recently as a key member of the security team. Contact Jill at jill.martin@powertech.com.

PowerTech’s leading Network Security exit point solution recently has been updated with a more intuitive user design, and a number of exciting new features.

Join this Webinar to understand:

• The new self-extracting installation procedure
• Selective exit point activation
• Creating object-level rules
• Interface design changes

Attendees are eligible to receive a FREE Compliance Assessment.

Presenters
Main Presenter: Robin Tatam, PowerTech
Co-Presenter: Jill Martin, PowerTech

Wednesday, June 9, 2010
10 a.m. Central Time (15:00 GMT)
Check our chart for your local time >

Cost
Free of charge

Registration
To register, please visit our WebEx site.

Speaker Bios

Robin Tatam is the Director of Security Technologies for PowerTech, a leading provider of security solutions for IBM i. A frequent speaker on security topics, he co-authored the Redbook IBM System i Security: Protecting i5/OS Data with Encryption. Robin can be reached by e-mail at robin.tatam@powertech.com.

Jill Martin is Product Support Manager for PowerTech and brings a strong System i background to any security discussion. Jill has worked in a number of roles in the industry, including technical trainer, sales account manager, and most recently as a key member of the security team. Contact Jill at jill.martin@powertech.com.

It’s already been a fun Spring here at PowerTech, including a visit to a Minnesota Twins baseball game in their new outdoor stadium, and a boat cruise on Lake Minnetonka with the local ISACA chapter. With the return of the weekly “weenie cart”(a fundraiser hot-dog stand run by Help/Systems’ Fun Committee), and temperatures up in the 90s, we are barreling towards Summer like no tomorrow!

It actually has seemed like a short week for me, as I headed out on the road again. This time, I am paying my first visit to the SEQUEL office in Schaumburg, Illinois, a suburb of Chicago, to conduct my next security workshop. I am really having fun with these events, and I love spending time with security officers and administrators anxious to learn more about securing an IBM i server platform. We are discussing future locations for our next workshop and it seems that Dallas, Texas, is currently at the top of the list—probably sometime later in the summer. I believe this workshop is one of the best ways to get a half-day of IBM i security education, so let us know if you would like to see your city on the list.

This morning, I am paying a visit to a Chicago-based customer to discuss their security projects, and then flying the short hop back to Minneapolis after lunch.

Back in the office, the team is putting the final touches to the June edition of our electronic newsletter, PowerNews. If you are not currently receiving it, be sure to sign up at www.powertech.com. In addition, I wanted to to share with you that development is now underway on the next release of Compliance Monitor, and I got an exciting sneak peak before leaving on Tuesday. Having been a developer for part of my career, I know things don’t happen overnight, but I am excited to see how this project is shaping up.

For those of you reading this in the U.S., have a safe and enjoyable Memorial Day holiday weekend. For those of you overseas, this is a day where we commemorate the men and women who have made the ultimate sacrifice for their country. I am excited to be spending part of the upcoming weekend visiting my host family from my time as a foreign exchange student “several” years ago in Bellevue, Iowa. I can’t wait to seem them as it has been five years since my last visit—way too long!

Cheers!

- rt

At one time or another, every system administrator and security officer faces the question “who did it?” IBM i can audit numerous events and you should be using its capabilities. However, what happens after you collect the event data? How do you convert the raw data into useful information?

Auditors and internal policy controls often require the review of numerous security details and configuration metrics. Not only is this time-consuming—especially when multiplied across many systems—it’s a resource-intensive process. Often, we do it only when we have to instead of as part of an ongoing security plan.

Join this Webinar to understand:

• How to configure IBM i to record system and user events
• What activities can (and cannot) be audited
• What mechanisms are available to extract audit data from the audit journal
• What other information does an auditor want to see
• How to step up to the next level of audit reporting with PowerTech Compliance Monitor

This event will include an online Compliance Monitor demo.

Attendees are eligible to receive a FREE Compliance Assessment.

Presenters
Main Presenter: Jill Martin, PowerTech
Co-Presenter: Paul Culin, PowerTech

Wednesday, May 26, 2010
10 a.m. Central Time (15:00 GMT)
Check our chart for your local time >

Cost
Free of charge

Registration
To register, please visit our WebEx site.

Speaker Bios

Jill Martin is Product Support Manager for PowerTech and brings a strong System i background to any security discussion. Jill has worked in a number of roles in the industry, including technical trainer, sales account manager, and most recently as a key member of the security team. Contact Jill at jill.martin@powertech.com.

Paul “Paulie” Culin is a security advisor with the PowerTech Group. As a product expert, he manages client training and implementation engagements, and hosts security presentations, Webinars, and product demonstrations. Contact Paul at paul.culin@powertech.com.

Hot on the heels of the Network Security 6.0 release, I sat down with Jill Martin to discuss events leading up to the launch.

Hi Jill! Thanks for giving me some time this morning to talk about NS 6. Webinar attendees probably know you well, but why don’t you give us a quick introduction?

Sure! My name is Jill Martin and I am the PowerTech Product Support Manager. I have been with Help/Systems for about twelve years and have worked in a number of capacities, including product trainer, sales representative, and most recently as part of the PowerTech team.

So, tell me what responsibilities you have as Product Support Manager?

As manager of the technical support staff, one of my main roles is overseeing the support you receive if you ever call in to PowerTech. I also worked closely with the development team over the last couple of months to prepare for the release of Network Security version 6.0.

So what is the big “hook” with Network Security version 6?

A couple of things really. First, we added the ability to set rules based on an object. What I mean by that is that we have created the incredibly powerful capability to be able to set rules that pertain to an object. This means it’s now possible to restrict and audit access to an object regardless of the syntax of the incoming request. In SQL for example, Select fld1, fld2 from myfile was previously seen as a different request than select fld1 from myfile. As humans, we could look at that and know it was pulling the same data, but the server couldn’t. This capability adds to the powerful transaction-based rules that Network Security has long been admired for.

We also have added a new selective activation process, so customers can decide which exit points are secured. This allows a staged approach to integrate Network Security into the operating system, something that is often important in large IT shops.

In addition, we have done a lot of infrastructure changes to ensure that the product works efficiently, and that the user interface is more intuitive. Some of these changes won’t really be seen directly by customers, but they are an important part of planning for future enhancements that we are designing.

Did we have dedicated programmers working on this product?

On a project of this size, we assign a lead developer who oversees the development aspect of the project. Obviously that is someone who is intimately familiar with the PowerTech Network Security solution. We also have other developers that are familiar with security solutions and have additional resources who are are assigned “as needed,” based on the tasks identified in the project plan. Of course, these folks all report through the development chain to a manager who is responsible for product design and coding.

So how do you test a pending product release?

All Help/Systems products go through a stringent testing process that includes unit testing, integration testing, systems testing, and acceptance testing. We have a number of dedicated testers—people whose sole job is to test new development projects. They build a test plan and divide up the different sections between themselves. There is also a support person involved because they know what customers want and how they use the software. Gregg Bury was the support person, and he spent some time reviewing the functionality and the usability of the interface, and making recommendations on improvement.

So what things did the testers look at?

They tested the changes and did regression testing to the core product to review every panel and function to identify whether there were any outstanding issues from prior releases. They also did performance and stress testing using scripts.

Did they test at every release level?

Absolutely, they tested at every release that we support—currently V5R4, V6R1, and V7R1

Presumably as the testers locate issues, they prioritize them?

They do; they rank items using a priority scheme and those with a priority 1 or 2 are the things that were addressed first.

As far as making the code available to customers, how is that done?

Well, the download page has already been updated to show the new level of the code. As far as getting the code onto a customer’s machine, that is one of the changes between the last release of 5.3 and the current release of 6.0. In 5.3, we had a save file that was downloaded to a PC and then manually extracted, sent to the server, and installed from there. With version 6.0, we have a self-extracting installer. It uploads and installs the code on the server, and performs the cleanup, leaving only the administration guide on the user’s PC.

Does the customer have to know anything about their configuration to perform that install?

Yes, they need to sign on with a user profile that has the necessary authority to perform an upload and a restoration of the application. The Installation Guide walks them through the necessary requirements and steps.

So there is a new Administration Guide?

Yes, there is.

Where can existing customers find it?

They can go to the support area of the PowerTech website, under the “customer login” link in the top navigation bar. The documentation is all listed at the top of the product download page. If someone doesn’t remember their support log-in, they can contact support at support@powertech.com

Did we do a BETA program?

Well, typically Help/Systems does more of a managed release or limited ship. We do not like to give a product to customers until we feel we are on top of the release. In this case, we had a few customers who offered to help because they needed one or more of the new features. So, we had a few people using the product and giving us feedback.

How do existing v5.x customers upgrade to Network Security version 6?

The product installs into a new library, which allows the system to remain protected during the installation process. There is a command to merge rules into Network Security version 6, and the activation process allows the redirection of the exit programs to the new version in the new library.

What do the developers do after a product is released?

First they celebrate! Then they go through a number of post-project processes. There is a documentation review to analyze our methodologies and to make any necessary improvements going forward. After that, they begin to look at the next project and the development manager re-deploys the development resources based on the next project plan. The good news/bad news with working for a company as creative as Help/Systems is that we never rest. In fact, there are already requirement lists for Network Security 7.0 that we are looking at.

Where can customers learn more about Network Security 6.0?

There is a “new features” document that is a great place to start. It shows what’s new, and what’s changed. For example, the authorization lists that we use to define the capabilities of the administrators have changed names. A customer will want to review who has access to the product—the documentation discusses all of that.

We are planning to do a “What’s New” Webinar in the coming weeks to talk about the new features in Network Security 6.0. Our Web-based Network Security training class will be based on version 6.0 later this year.

What about support of the new product version?

The support staff have all been trained on the new version and have been working with the software on our internal systems, as well as with the “early-ship” customers. Our international staff have also been working with the new version.

Any closing thoughts?

Just that we are very excited to have this new Network Security release now shipping. And, I’m looking forward to building the feature list for the next release.

So there you have it—an introduction to a PowerTech product release. If you have any extra questions for Jill, please send them to jill.martin@powertech.com

Cheers!

- rt

After decades of enjoying a reputation as one of the most secure platforms on the market today, many organizations are surprised to learn that their IBM i system is completely open. Addressing this dilemma requires configuration of the tools available in the operating system.

With the recent announcement of IBM i 7.1, IBM introduced a number of security enhancements that add value to its already impressive set of built-in security features.

Join us for this Webinar to learn about the new security functions in IBM i 6.1 and 7.1.

You’ll learn about enhancements in:

• Password control system values
• Session control system values
• Encryption
• User profile parameter changes

Attendees are eligible to receive a FREE Compliance Assessment.

Presenters

Main Presenter: Robin Tatam, PowerTech
Co-Presenter: Jill Martin, PowerTech

Wednesday, May 19, 2010
10 a.m. Central Time (15:00 GMT)
Check our chart for your local time >

Cost
Free of charge

Registration
To register, please visit our WebEx site.

Speaker Bios

Robin Tatam
Director of Security Technologies, PowerTech

Robin Tatam is the Director of Security Technologies for PowerTech, a leading provider of security solutions for the System i. As a frequent speaker on security topics, he was also co-author of theRedbook IBM System i Security: Protecting i5/OS Data with Encryption. Robin can be reached by email at robin.tatam@powertech.com.

Jill Martin
Product Support Manager, PowerTech

Jill Martin is Product Support Manager for PowerTech and brings a strong System i background to any security discussion. Jill has worked in a number of roles in the industry, including technical trainer, sales account manager, and most recently as a key member of the security team. Contact Jill at jill.martin@powertech.com.

Although it is normally nice to return home after a stint of living out of a suitcase, it was definitely a shame to leave the sun and surf of Orlando. There must be something about someone who lives in a “cooler” part of the world heading to warmer climates, as last week literally flew by. Today is rainy and cold in Minneapolis, and I am already aching to hop the quick three-hour flight back down to the sandy beaches. (Not that I spent any time there during the conference, of course!)

In all seriousness, the COMMON annual meeting was a great success for us. Three days of exposure at the expo talking to existing customers about their successes, as well as new faces that are learning how PowerTech can bring so much value to IBM i security projects.

While it seems a few of the attendees were unaware that PowerTech is a member of the Help/Systems family until they saw the joint booth and marquee, the number of people that walked by and indicated that they were already running tools from either one or both sides of the house was very impressive. Of course, we are not resting on our laurels: Today marks the official release of version 6 of Network Security, our leading exit point solution. While talking to expo attendees, it was also fun to discover when they were running just one of the PowerTech tools and to introduce them to another one of the modules.

I also enjoyed presenting three educational sessions on security topics to COMMON attendees:

• 7 Habits of Highly Secure Organizations

• State of IBM i Security Study 2010

• How To Prevent a Data Leak on IBM i

There were over 1000 attendees at this year’s event; up significantly from last year’s event in Reno, Nevada. As an exhibitor, this was quite noticeable from the foot traffic passing through the expo. Next year’s event in Minneapolis, MN will (hopefully) provide IBM with a great opportunity to represent the platform with resources from Rochester, MN. All of the Help/Systems companies will have a strong presence there, as always.

As I mentioned, Network Security’s new release began shipping this week. To celebrate, I will try to scoop an interview with Jill Martin, PowerTech’s product support manager, to tell us a little about the process of getting a product release out of the door, as well as some of the background on what is new and improved. Watch for that next week…

Last but not least, congratulations to Chris Smith of Wells Fargo, lucky winner of our Windows 7 Netbook giveaway last week.

Cheers!

- rt

One of the greatest challenges an organization faces when securing an IBM i environment is protecting the system from the people who are charged with its care: programmers, administrators, and security officers. These power users often need access to restricted objects and commands, but they rarely need that level of access 24 hours a day, and definitely not without accountability.

Join this session to learn about the vulnerabilities associated with powerful users. Then, explore Authority Broker, an award-winning approach to regaining the control your auditors demand while allowing your administrators and programmers to do their jobs.

This event will include an online Authority Broker demo.

Presenters

Main Presenter: Robin Tatam, PowerTech
Co-Presenter: Jill Martin, PowerTech

Wednesday, May 12, 2010
10 a.m. Central Time (15:00 GMT)
Check our chart for your local time >

Cost
Free of charge

Registration
To register, please visit our WebEx site.

Speaker Bios

Robin Tatam
Director of Security Technologies, PowerTech

Robin Tatam is the Director of Security Technologies for PowerTech, a leading provider of security solutions for the System i. As a frequent speaker on security topics, he was also co-author of the Redbook IBM System i Security: Protecting i5/OS Data with Encryption. Robin can be reached by email at robin.tatam@powertech.com.

Jill Martin
Product Support Manager, PowerTech

Jill Martin is Product Support Manager for PowerTech and brings a strong System i background to any security discussion. Jill has worked in a number of roles in the industry, including technical trainer, sales account manager, and most recently as a key member of the security team. Contact Jill at jill.martin@powertech.com.

I am not sure what happened to Spring, but as Orlando enjoys temperatures in the mid-90s, one could say summer is already here.

I am in Central Florida this week to attend the 50^th Anniversary COMMON annual meeting and exposition, hosted at the Orlando Marriott resort. This is my first time touching down in Florida, and I have not been disappointed. Although I do not have the complexion to ever consider becoming a “sun worshipper,” there is an immediate recognition of why this state attracts thousands of visitors from around the world: Clean streets, pristine buildings, and endless entertainment and activities for people of every age. I arrived a couple of days early and drove over to Cocoa Beach, and then down to West Palm Beach to visit my “brother” from my time as a foreign exchange student. It was wonderful to reconnect with him after a couple of years.

The conference started on Sunday with the normal pre-meeting lab sessions, and then formally commenced on Monday after with a large opening session hosted by COMMON president Wayne Madden, and keynote speaker Ross Mauri, General Manager of IBM Power Systems.

The exposition has been very busy for all of the Help/Systems’ family of companies, significantly up from the event last year in Reno. With a COMMON call for more participation from its members, hopefully this is something that continues to rebuild and increase. It has been a pleasure to visit with existing and prospective customers alike. It seems security is still very much on the minds of the attendees, with interest from every industry and every size organization within those industries.

We have been signing up large numbers of attendees who are interested in winning the beautiful Gateway netbook, and have been handing out logo t-shirts from SEQUEL, Help/Systems, and of course, PowerTech by the box.

Well, I have to run as the expo is about to begin again. Based on the last couple of days, we will need every resource available on the expo floor; a great problem to have!

If you were not able to attend this year’s meeting, I hope to see you all at next year’s event in Help/Systems’ hometown of Minneapolis, MN, from May 1 through 4.

Have a wonderful week!

- rt