Capture GUI 3 User Manual.book - Raz
Contents
1. Capture Data 2 Select a job to view it s captured screens and click Open Capture HTTP Capture HTTP will enable to capture the screen activity directly from a specific IP address one or more but always the IP address has to be known in advance The users activity that can be monitored is the access from specific addresses The module directs the users to an IP address in the local network This is top exclude web facing sessions as well as S 36 MRT very old programming method in which one job controls several terminals IP Names 1 Click IP Names under the HTTP node The IP Names screen appears iSecurity GUI User Manual 59 IP Names us A i iSecurity 5720 54465D5A 2 25 09 3 22 PM Capture HTTP IP Names TOX File Edit Window Help i d BY SCH EC CC 3 gi S720 1 session s S4465D5A mp LG Anti Virus 5 Audit 6 Business Intelligence HS Capture amp g 5250 a HTTP IP Names Sessions a LG Central Administration H 6 Firewall CS Logs 6 Maintenance e LG Password H E Queries and Reports gt Screen a User Management View ee x us Security 23 D CliPiNames 3i 0 E us System i E Security 5720 54465D5A Capture HTTP P Names Name 1 1 1 100 www 2222 dva 33 3 tree e 3 IP sl E Browse Clear E IP SI IP Names 2 Click Add to add a new IP name The Ad2. b Give prominent notice with the combined library of the fact that part of it is a work based on the Library and explaining where to find the accompanying uncombined form of the same work You may not copy modify sublicense link with or distribute the Library except as expressly provided under this License Any attempt otherwise to copy modify sublicense link with or distribute the Library is void and will automatically terminate your rights under this License However parties who have received copies or rights from you under this License will not have their licenses terminated so long as such parties remain in full compliance You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Library or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Library or any work based on the Library you indicate your acceptance of this License to do so and all its vii GNU LESSER GENERAL PUBLIC LICENSE GUI User Manual terms and conditions for copying distributing or modifying the Library or works based on it 10 Each time you redistribute the Library or any work based on the Library the recipient automatically receives a license from the original licensor to copy distribute link with or modify the Library subject to these terms and conditions You may
3. Security Navigator 33 gt E BS E b Business Intelligence b amp Capture b amp Central Administration P amp Compliance Evaluator v Firewall 4 BB Unsaved state Canet Configuration v gt Global IP Filtering Open editors C Incoming IP Addresses L Incoming Remote System Names E Outgoing IP Addresses E Intrusion Detection Ga Visited editor P Logon b Objects E Port Restrictions P Rule Wizards E Server Settings E Time groups b Users and Groups P Logs P amp Maintenance Open Editors Display in Navigator View Editor Filter All editors have a built in filter that also suggest filter criteria iSecurity GUI User Manual 46 Editors Suggestions as on the input LlActions 3 e 720 iSecurity 1 Audit Actions Audit FULL 3 min idle El Actions Ana Clear input Zy Browse Action Description QSEC170244 Created by Acti Q9EC170333 QSEC170333 Created by Ac QSEC170244 QSEC112137 Created by Actid Opens suggestions dialog based 3 Filtered Add Delete Editor Filter Click Browse to open the suggestions dialog box based on the input iSecurity GUI User Manual 47 Rule Wizards Ghoose Value Values available for Action fe QSEC170244 QSEC170333 QSEC112137 1 item s Suggestions Dialog Rule Wizards Every rule wizard has a Data set configurat
4. tem i against all known external threats and also controls what users are allowed to do after access is granted iSecurity is a robust cost effective security solution iSecurity is by far the most intuitive and easy to use security software product on the mar ket today Its top down functional design and intuitive logic create a work environment that even novices can master in minutes iSecurity features a user friendly Java based GUI and an System i Navigator OpsNav plug in Once upon a time the System i was used almost exclusively in a closed environment with host systems connected to remote data terminals via proprietary technologies Within this closed environment the security features of the OS 400 operating system provided the strongest data and system security in the world User profiles menus and object level secu rity provided all the tools necessary to control what users were allowed to see and do In today s world of enterprise networks PCs distributed databases the Internet and web technologies closed computing environments are all but extinct Technological advances compelled IBM to open up the System i and its OS 400 operating system to the rest of the world This new openness brought with it many of the security risks inherent in distrib uted environments The simple fact is that users accessing the System i and its databases externally can easily bypass native OS 400 security System administrators need to
5. Application Groups Audit Audit Log Audit Queries Audit Scheduler Show As List Group By Types O Group By Tags If Group By Tags is checked you can quickly activate selected editors Cancel Editors List This works also for multiple accounts sessions iSecurity GUI User Manual 34 Nodes with filter E iSecurity 1 Editors x Enter tag prefix or pattern or camel case es Activation El Activation Ej Screen Activation P amp Collected data 7 Show As List Group By Types Group By Tags Ga Path AMIR iSecurity 1 Anti Virus Activation Editors List by Tags Nodes with The following example use the Profiles node under User Management filter To filter information right click the node the properties dialog for Profiles displays select Filter NOTE Changes done here will take place at the next attempt to open the editor or at the next attempt to refresh an already opened one iSecurity GUI User Manual 35 Updated new features and version Properties for Profiles Properties Filter The filter is accessible also via editor s pop up U pd ated new Updates and new releases are available through the GUI itself features and 1 Go to Help gt Software Updates gt Find and install version iSecurity GUI User Manual 36 Updated new features and version us AA i iSecurity File Edit Window
6. Connection 2 3 Connection information Host 111100 User QSECOFR Password eo Operator Password Show Passwords Cluse ss Current SSL settings A Saved passwords are stored on your PC in a file that is difficult but not impossible for an intruder to decrypt New Account Connection 5 When clicking Next the Connection Control screen appears Check the Open Connection Wizard if you whish the application to prompted for new sessions This is just a conveniences issue that suits those cases where all required information for making a connection is supplied 6 Check the Connection Timeout and type after how man seconds to stop the attempt to connect iSecurity GUI User Manual 11 Running iSecurity GUI in SSL mode jas New Account Connection Control 3 3 Provide Connection Control Information Open connection wizard for new sessions C Connection Timeout sec Connection Control NOTE The only required field for an account is a name The account stores user s data on the disc in a file that is difficult but not impossible for an intruder to read so care should be taken here Running 1 Open a web browser to your AS400 system usually port 2001 is used Click on iSecu rity GUI Digital Certificate manager On the left click on Install Local CA Certificate on in SSL mode Your PC click on Copy and paste certificate Cut and paste the certificate into notepad save
7. Frame 1 Click File gt Save as to save the frame as JPG file 2 Usethe arrows to move back and forward in frames 3 Click to display the captured frame in a slide show according to the time span the user viewed them 4 Click e to highlight words and lines in the screen iSecurity GUI User Manual 64 Maintenance Collected Data Chapter 4 Maintenance Collected Data Administrators can view summaries of Action Audit Capture and Firewall journal contents by day showing the number of entries for each day together with the amount of disk space occupied Administrators can optionally delete records for individual days in order to conserve disk space The following screen capture provides an example fm Colecteddats 53 gt o Development iSecurity 1 Maintenance Audit Collected data Admin FULL 2 min idle E Collected data a amp e 3e 15 coteceddete Y ere Collected Date Records Size MB Save Date Dec 6 2009 140566 128 0 Dec 13 2009 8 20 41 PM Dec 7 2009 150466 134 3 Dec 13 2009 8 20 41PM Dec 8 2009 40440 17 9 Dec 13 2009 8 20 41PM Dec 9 2009 18503 9 5 Dec 13 2009 8 20 41 PM Dec 10 2009 20382 9 5 Dec 13 2009 8 20 41 PM Dec 11 2009 1082 6 Dec 13 2009 8 20 41 PM Dec 12 2009 836 8 Dec 13 2009 8 20 41 PM Dec 13 2009 20160 9 5 Dec 13 2009 8 20 41PM Dec 14 2009 23348 14 7 1 9 3 Delet
8. an argument passed when the facility is invoked then you must make a good faith effort to ensure that in the event an application does not supply such function or table the facility still operates and performs whatever part of its purpose remains meaningful For example a function in a library to compute square roots has a purpose that is entirely well defined independent of the application Therefore Subsection 2d requires that any application supplied GNU LESSER GENERAL PUBLIC LICENSE GUI User Manual function or table used by this function must be optional if the application does not supply it the square root function must still compute square roots These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Library and can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But when you distribute the same sections as part of a whole which is a work based on the Library the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution
9. conditions either of that version or of any later version published by the Free Software Foundation If the Library does not specify a license version number you may choose any version ever published by the Free Software Foundation If you wish to incorporate parts of the Library into other free programs whose distribution conditions are incompatible with these write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promotin g the sharing and reuse of software generally NO WARRANTY BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE LIBRARY TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE LIBRARY AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU SHOULD THE LIBRARY PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 16 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MO
10. copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License also called this License Each lic ensee is addressed as you A library means a collection of software functions and or GNU LESSER GENERAL PUBLIC LICENSE GUI User Manual data prepared so as to be conveniently linked with application programs which use some of those functions and data to form executables The Library below refers to any such soft ware library or work which has been distributed under these terms A work based on the Library means either the Library or any derivative work under copyright law that is to say a work containing the Library or a portion of it either verbatim or with modifications and or translated straightforwardly into another language Hereinafter translation is included without limitation in the term modification Source code for a work means the preferred form of the work for making modifications to it For a library complete source code means all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the library Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running a program using the Library is not restricted and output from such a program is covered only if its contents con
11. log file to support razlee com Parameter Description Opens Opens the log file using the default text editor iSecurity GUI User Manual 40 Editors Editors Parameter Description Open Containing Useful if you wish to send the file as an attachment Folder Browse Set a different log file location and name Most editors whether forms or tables have an internal tool bar which also shows load status E Intrusion Detection 720 iSecurity 1 Firewall Intrusion Detection Firewall FULL E Intrusion Detection Vd Detected Intrusion End the offending interactive session O Send message to the user O Disable user Prevent specific users from being disabled automatically O Send email to Security Administrator Email TZION RAZLEE COM Run Action If Action is installed O Write to QAUDJRN security audit journal Audit journal code is U Journal entry type is FW Data format SMZ8 GSCALP Message Queue amp Screening of allowed activity Revert Save Editor Tool Bar Every form has Save Revert actions iSecurity GUI User Manual 41 Editors ection 33 gt ER asion De S720 iSecurity 1YFirewall Intrusion Detection Firewall FULL E Intrusion Detection a Detected Intrusion End the offending interactive session O Send message to the user O Disable user Prevent specific users from bein
12. mls Zn i A iSecurity Help About iSecurity 55 iSecurity 3 EX Belt Software Updates gt Find and Instal O PAY e T o A o A 54465D5A 2 18 09 5 55 a Manage Configuration gt Anti Virus a CG Audit a Business Intelligence Find and install 2 Select Search for new features to install and press Next ius Instal Update Feature Updates el J Choose the way you want to search for features to install DE O Search for updates of the currently installed features Select this option if you want to search for updates of the features you already have installed Select this option if vou want to install new features from existina or new update sites Feature Updates 3 Check iSecurity updates and click Finish iSecurity GUI User Manual 37 Updated new features and version us Install Update sites to visit Select update sites to visit while looking for new features Sites to include in search iSecurity Updates New Remote Site New Local Site New Archived Site Edit Remove Import sites Export sites Ignore features not applicable to this environment Automatically select mirrors Update sites to visit 4 Check the features to install and click Finish iSecurity GUI User Manual 38 Reporting problems in iSecurity GUI iSecurity Archived Update Site If you don t have internet connection from the GUI you
13. not impose any further restrictions on the recipients exercise of the rights granted herein You are not responsible for enforcing compliance by third parties with this License 11 If as a consequence of a court judgment or allegation of patent infringement or for any other reason not limited to patent issues conditions are imposed on you whether by court order agreement or otherwise that contradict the conditions of this License they do not excuse you from the conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribute the Library at all For example if a patent license would not permit royalty free redistribution of the Library by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library If any portion of this section is held invalid or unenforceable under any particular circum stance the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free software distribution system which is implement
14. rights These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it For exam ple if you distribute copies of the library whether gratis or for a fee you must give the recipients all the rights that we gave you You must make sure that they too receive or can get the source code If you link other code with the library you must provide complete object files to the recipients so that they can relink them with the library after making changes to the library and recompiling it And you must show them these terms so they know their rights We protect your rights with a two step method 1 we copyright the library and 2 we offer you this license which gives you legal permission to copy distribute and or modify the library To protect each distributor we want to make it very clear that there is no warranty for the free library Also if the library is modified by someone else and passed on the recipients should know that what they have is not the original version so that the original author s reputation will not be affected by problems that might be introduced by others Finally software patents pose a constant threat to the existence of any free program We wish to make sure that a company cannot effectively restrict the users of a free program by GNU LESSER GENERAL PUBLIC LICENSE GNU LESSER GENERAL PUBLIC LICENSE GUI User Manual obtaining a restrictive license
15. widest possi ble use of a certain library so that it becomes a de facto standard To achieve this non free programs must be allowed to use the library A more frequent case is that a free library does the same job as widely used non free libraries In this case there is little to gain by limiting the free library to free software only so we use the Lesser General Public License In other cases permission to use a particular library in non free programs enables a greater number of people to use a large body of free software For example permission to use the GNU C Library in non free programs enables many more people to use the whole GNU operating system as well as its variant the GNU Linux operating system Although the Lesser General Public License is Less protective of the users freedom it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library The precise terms and conditions for copying distribution and modification follow Pay close attention to the difference between a work based on the library and a work that uses the library The former contains code derived from the library whereas the latter must be combined with the library in order to run TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICA TION This License Agreement applies to any software library or other program which contains a notice placed by the
16. will activate the last form that has changed iSecurity GUI User Manual 43 Editors S720 iSecurity T Firewall Intrusion Detection D Ele Edit Window Help sm BS Security a E Intrusion Detection 8 iSecurity ea 5 5720 Security 1 FirewallIntrusion Detection Firewall FULL Ej Intrusion Detection amp Detected Intrusion m Message Queue a Screening of allowed activity Message queue name NONE o Writable Last Modified Editor Editor Display Editor displays product name authorization information and idle time iSecurity GUI User Manual 44 Editors 2 L Incoming IP Addresses X 720 iSecurity 1 Firewall Global IP Filtering Incoming IP Addresses Xm m al Firewall FULL 44 min idle ts iSec Incoming IP Addresses y amp G IP Address Browse IP Address Subnet Mask FTP REXC Telnet DB TCPSGN RMT DDM Text ALL 0 0 0 0 No Yes No No No No ALL 1 1 1 144 255 255 255 255 Yes No No No Yes Yes 1 1 1 166 255 255 255 255 Yes Yes Yes Yes Yes Yes 1 9 5 8 255 255 255 0 No No No Yes No SSL Only 2 2 2 2 255 255 255 240 No No No No No No 22 272 255 255 255 255 No Yes No No No Yes Editor display Open editor display Open editors have special rendering in the Navigator View and appears in Italics iSecurity GUI User Manual 45 Editors
17. Capture GUI The User Tracking Component of iSecurity fe GUI User Manual Version 3 RAZ LEE gt The iSeries Security Experts Updated 12 29 2009 Table Of Content doing isis ii i About This Man al Me ii Who Should Read This BOOK sisas ii TERMINACION E P ii Weieen ii Printed Materials ccccccccccccccccccsceesscscccccesecssssseeecceecesessssaceeeceecesesssssaeeeeeecesessessaeeeeeees ii On Line A n s ii Typography Conventions E ii Chapter 1 Introducing Security eeeeeeeeeesss 4 What is iSecurity E 4 Why You Need iSecurity A 4 How iSecurity WOrkS ege 4 Top Down Security Design ENNEN 4 iSecurity Rules and the Best Fit Algorithm scccsssecsccersdecccasvadeccaavsercacsvesnasanvdeliecourasccens 5 FYI Simulation Mode esee eene eene nnne enne etn nnns essent rnnt nnns een 6 Emersency EE 6 Rule ME EE 6 PRET IVEY TAOS quM c 6 Business Intelligence Visualizer cn 6 DC MY canst J 7 ASS CSSINENE HU 7 Firewall 7 Audit J YO 9 7 SEELEN 7 EU DB Gem a EE A Aan ET E A A EE TAEA EA ENIES amp SEEN a OO H POSSWORUL
18. DIFY AND OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES END OF TERMS AND CONDITIONS
19. al Export Definitions and Import Definitions are useful in transferring configuration settings from one System i to another To import export definitions to another System i follow this procedure 1 Click Open near Export Definitions or Import Definitions this chapter uses Export as an example The Export SecPart Definitions dialog box appears The table below provides an explanation for both Export and Import Definitions iSecurity GUI User Manual 69 Firewall Specific fa Export iSecurity Part 1 Defns EXPSTDFN File Edit View Help Collection type O New aDD Work library and SAYF in QGPL AUTO v Firewall options SAME im Screen options SAME vj General options SAME E Update remote systems Systems to update NONE v Update type 8 UPD O REPLACE SAVSYS or iSecurity password PROMPT vi Character value o JE ener one T Export SecPart Definitions Option Description Title Library Prefix S1 Choose a prefix for the libraries where the definitions will be stored Title Library Name Enter name of library where definitions will be stored prefix name 10 characters From Library The library where the definitions are taken from Keep backup in library Where backup definitions are kept begin with prefix S1 Firewall System i ADD Add to a previously imported exported rule options REPLACE Replace a previously imported exported rule BYSUBJECT Import export rule
20. ame Job Name Subsystem 100 Out Out Capture Rules 2 Click Add to add a new rule The Add Rule screen appears iSecurity GUI User Manual 56 Capture Rules Sequence 10 E Description Selection Criteria IP Address L Time group Job Terminal Id generic User Special Authority generic Subsystem 1 generic Rule is valid until Feb 23 2009 Process Capture copy screen Log CL program commands Add Rule 3 Select 10 in the Sequence field to cause this rule to be executed first 4 Type descriptive text in the Description field 5 Type ALL in the IP Address field This indicates that the rule applies to all incoming addresses 6 Type 0 0 0 0 in the Subnet Mask field The subnet mask is required even though the rule applies to all IP addresses 7 Check the Time Group check box to apply a time group criteria 8 Typea job name at the Job Terminal ID feild to apply the rule only to this job iSecurity GUI User Manual 57 Capture Data ad 9 Type a user profile a group or a special authority in the User Special Authority field This causes the rule to apply only to this user profile 10 Type a subsystem name at the Subsystem feild to apply the rule at 11 Select a date for the rule to void at the Rule Valid Until feild 12 Check the Log CL program commands to record job log and CL program commands This changes the j
21. ay DBCS screens Asian languages char acters Capture monitor must ne activated in order to enable the automatic capture features It is strongly recommended that you configure Capture to activate automatically each time an IPL occurs on your System i Capture activation can be done from the native version of the product on the System i or from the GUI To activate from the GUI select the User Password Replication and Activation node under the 5250 Activating Capture User Password Replication and Activation 21 lud Development iSecurity 1 Capture 5250 User Password Replication and Activation Capture FULL EJ User Password Replication and Activation a User Password Replication and Activation Activate Capture Apply Deactivate Capture Apply Monitor Jobs Work with Active Jobs Global Activation Enable Capture Disable Capture Activate at IPL Do not activate at IPL Apply User assword Replication and Activation Manual Activation W To manually activate the Capture monitor click Apply at Activate Capture W To manually de activate the Capture monitor click Apply at Deactivate Cap ture Automatic Activation W To activate Capture automatically each time an IPL occurs click Apply at Acti vate at IPL from the Global Activation menu E To cancel automatic activation click Apply at Do Not Activate at IPL f Verifying that the Capture Monitor is Active Click Ope
22. can updated the application using a local update site 1 Ask for the new update zip file from your distributor and save it on your local disk 2 Click New Archived Site 3 A Select file dialog will open point it to the location of the zip file supplied to you 4 On the Edit Local Site dialog click OK Repo rti ng The iSecurity GUI module writes output to a log file By default problems are written to the problems in log file which should be e mailed to support razlee com iSecurity GUI og Preferences window Open the Preferences dialog from iSecurity s menu bar us iSecurity File Edit MEIN Help Click on the Log node iSecurity GUI User Manual 39 Reporting problems in iSecurity GUI Ba jus Preferences type fiter text tog lt General E iSecurity p Console C Documents and Settings Owner security workspace3 metadata pluginslcom Email a a EXITUS mE Ex 2m Export to CSV Open Containing Folder Locale SSL Settings v Clear log on application start Log file C Capture standard output stream Capture standard error stream Preferences NOTE Changes made on this screen take effect after iSecurity is restarted By default the log file is cleared when iSecurity starts and only errors are printed to it You may be asked by the Raz Lee Technical Support team to check the Capture standard output stream box re create the error and then re send the
23. curity E User to Service Security E Object Security W Logon Security provides additional security features once access has been granted Simply put whenever a higher less specific rule will suffice you do not need any more spe cific rules For example if you do not need to use FTP you simply reject all transactions at the FTP Server Exit Point level You do not need to define any rules that limit FTP access via specific IP addresses by specific users or to specific objects iSecurity Rules and the Best Fit Algorithm iSecurity is a rules based security product You create a wide variety of rules to cover many different situations and to counter different kinds of threats Some rules will likely apply globally to all or most activity types while others will be designed to cover very spe cific situations GUI User Manual 5 How iSecurity Works GUI User Manual You can enable FYI Simulation mode globally for all activity regardless of server or user You can also enable FYI individually for specific function servers as a parameter in server security rules In this manner you can test security rules for specific servers without affect ing rules that apply to other servers FYI Simulation Mode FYI Simulation mode allows you to simulate the application of security rules without phys ically rejecting any activity All rejected transactions are recorded in the Activity log as such but the activity is allowed to proceed witho
24. d IP address screen appears iSecurity GUI User Manual 60 Sessions lus Add IP address Add IP address IP address Name Add IP address 3 Add IP address and a descriptive name and click OK Sessions 1 Select Sessions node under HTTP The Sessions screen appear Security GUI User Manual 61 Sessions lus system i Security 5720 54465D5A 2 23 09 7 21 PM Capture HTTP Sessions TOX Eile Edit Window Help ED d DS us Eege in o ascolto e iSecurity GUI User Manual nd E l S720 1 session s E S4465D5A gt Anti Virus 4 3 Audit S Business Intelligence SES Capture CG 5250 E HTTP 7 IP Name EB ns amp Central Administration i amp Firewall SG Logs HS Maintenance mz gt Password H S Queries and Reports amp Screen mp LC User Management View ES us system El Sessions 93 iSecurity S720 S4465D5A Capture HTTP Sessions P 3 Browse Clear IP Name Session Starttime Date Pages Open iSecurity 5720 54465D54A Capture HTTP Sessions Sessions 2 Click Open The Preferences screen appears 62 Sessions Preferences Preferences iSecurity GUI User Manual 63 Sessions Capture QSECOFR QPADEVOOO3 543909 Fle Edit 1 amp 21402 120042007 3sec vit E p Main Menu C COPYRIGHT IBM CORP j 24x80 Row 20 Col 72 Captured
25. dialog box again to prevent prompting for new sessions of this account NOTE Data supply in this step has no persistence on disc Click Finish to connect to supplied host Connection process runs in the background enabling the user to continue working A new session node added to the account along with the nodes of the application iSecurity GUI User Manual 25 Creating a New Session us iSecurity File Edit Window Help DE id Q i XD ES FB security 25 Security Navigator 3 gt HooO earF SG gal S720 P GG Anti Virus DG Audit 2 Authority On Demand Business Intelligence Capture 2 Central Administration 2 Compliance Evaluator gt Firewall 2 Logs Maintenance 2 Queries and Reports 3 Screen DE User Management D iSecurity 2 Nov 29 2009 2 59 51 f s720jSecurity 1 New Session Added Multiple sessions can be added based on the same account or different under the same account Multiple accounts can also be created Disconnecting a Session To disconnect from a session right click on a session title or on multiple sessions and select Disconnect Security GUI User Manual 26 Creating a New Session iSecurity Disconnect Session Session Properties Session properties are read only information the connection can not be modified iSecurity GUI User Manual 27 Creating a New Session Properties for iSecurity 1 Session Propert
26. e Collected Data Options Parameters Description Collected date Date that entries were made Records Number of records for that day Size Size of data mb iSecurity GUI User Manual 66 Setup PRINT1 PRINT9 Setup PRINT1 PRINT9 Options Parameters Description Save Date Date that entries were saved Delete Delete data Firewall and Audit allows you to define up to nine specific printers to which you can send printed output These may be local or remote printers PRINT1 PRINTO are special values which you can enter in the OUTPUT parameter of any commands or options that support printed output Output to one of the nine remote printers is directed to a special output queue specified on the PRINT1 PRINT9 User Parameters screen see accompanying procedure which in turn directs the output to a print queue on the remote system You use the CHGOUTQ command in the native system to specify the IP address of the designated remote location and the name of the remote output queue By default the first two remote printers are pre defined The following is a description of all remote printers H PRINTT1 is set to print at a remote location such as the home office PRINT2 is set to print at a remote location in addition to the local printer PRINTS3 creates an Excel file PRINT3 9 are user modifiable To define remote printers perform the following steps 1 Click Setup PRINT1 PRINT9 node The table bel
27. e interchange If distribution of object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code even though third parties are not compelled to copy the source along with the object code 5 A program that contains no derivative of any portion of the Library but is designed to work with the Library by being compiled or linked with it is called a work that uses the Library Such a work in isolation is not a derivative work of the Library and therefore falls outside the scope of this License However linking a work that uses the Library with the Library creates an executable that is a derivative of the Library because it contains portions of the Library rather than a work that uses GNU LESSER GENERAL PUBLIC LICENSE GUI User Manual the library The executable is therefore covered by this License Section 6 states terms for distribution of such executables When a work that uses the Library uses material from a header file that is part of the Library the object code for the work may be a derivative work of the Library even though the source code is not Whether this is true is especially significant if the work can be linked without the Library or if the work is itself a library The threshold for this to be true is not precisely defined by law If such an object file uses only numerical pa
28. ed by public license practices Many people have made gener ous contributions to the wide range of software distributed through that system in reliance on consistent application of that system it is up to the author donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice This section is intended to make thoroughly clear what is believed to be a conse quence of the rest of this License 12 If the distribution and or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License 13 The Free Software Foundation may publish revised and or new versions of the Lesser General Public License from time to time Such new versions will be similar in spirit to the present version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Library specifies a version number of this License which applies to it and any viii GNU LESSER GENERAL PUBLIC LICENSE 14 15 GUI User Manual later version you have the option of following the terms and
29. ed in with iSecurity GUI User Manual 32 Screens and Editors Screens and Editors Enter iSecurity Password This password provides an additional layer of protection It is required only once per session iSecurity password Enter iSecurity Password NOTE Unauthorized user will receive an error message The navigator icons are differently designed according to what they display External Window O gt METE Et Global IP Filtering i Incoming IP Addresses L Incoming Remote System Names Outgoing IP Addresses E Global Parameters E Intrusion Detection 2 Logon e ae aes Objects Port Restrictions Rule Wizards IFS Objects Incoming IP Address Firewall Native Objects Outgoing IP Address Firewall C Users Scheduler Firewall Server Settings Time groups Firewall Users and Groups H S Logs Screens and Editors Security GUI User Manual 33 Screens and Editors Editors Click on Open Editors tool bar button to search editor name prefix or pattern security Navigator SS E S amp gt Development j E iSecurity 1 Nov 30 2009 3 26 55 Al DS Anti Virus DG Audit H E Authority On Demand Open Editors A list of editors appears in alphabetic order t Development Editors Enter editor name prefix or pattern or camel case Actions Activation Activation Activation
30. equip themselves with a new generation of security tools to combat these evolving threats iSecurity is just such a tool It enhances native OS 400 by controlling access via all known external sources and control ling precisely what users are permitted to do once access is granted Top Down Security Design Top down security design means that the process of designing and applying security rules follows the most efficient and logical path possible In other words this means you have to design far fewer rules in order to achieve maximum security and your System i needs to pro cess apply rules to far fewer transactions than many similar products You save planning and maintenance time as well as valuable system resources Top down security designs a simple hierarchy of rule types When a higher level rule type fully meets your security requirements you do not need to define any more rules for that sit uation The following drawing illustrates this concept How iSecurity Works RejectAllow For Each Server TCP IP amp SNA Firewall Incoming 4 Outgoing User to Server Sooess Security Command Verb Security User to Object Access Security Native 05 400 and IFS Objects Object Management Authority FTP Telnet WSG Passthrough Logon Control Automatic User Profile Swapping iSecurity Top Down Security Design System i security is based on five basic levels E Server Exit Point Security W TCP IP Address Firewall Se
31. et PRC CECE ET EE eege EUNT em Chapter 2 Getting Started i e diana ta ih aad aa ld 10 Create a New Account cursante 10 Running iSecurity GUI in SSL mode AE 12 Account Information Properties eet reprhnert doen pep uae 16 Connection timeout cs 18 AN 19 RE EN E TE 21 Account SESSIONS EE 22 Creating a New Session D E 23 Dis nnecting REENEN siae iko REN OMEN NETT PUB eu SERERE 26 SCSSLONMP 2 NN 27 tegt ee 28 AY e M 29 Restore the Navigator ie 31 Application A 32 Screens and MONS ea arcade Sca ataca da ux eX UT T RARE Ead Tua b 33 Eege E e S 34 Nodes with filter ata UU UU TU TU 35 Updated new features and version sss 36 iSecurity Archived Update Site di 39 Reporting problems in iSecurity GU 39 Log Preferences window 39 O E Eu ur cau ure c CUTE 41 Last Modified Editor m 43 Editor Display EET Dr XM ZEE 44 SO AA 45 Editor Filter E lic 46 EI A UE I UP SEO IP NEU RE 48 Preferentes tege 50 ET ARC CTT M 53 A E 53 Activating OTIS EEN 53 Manual Activa OM e etre E EE CREE E E Fossa E Ea 54 AULOMATIC ACTIVATION RR 54 Verifying that the Capture Monitor is Active EE 54 Enable Disable EE 55 Eat Eeer 55 Capture Dala Mer 58 Capture ATIP TET 59 IP NAME TOT 59 SESSIONS mase ne E O 61 Chapter 4 ril c 66 Col
32. from a patent holder Therefore we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license Most GNU software including some libraries is covered by the ordinary GNU General Public License This license the GNU Lesser General Public License applies to certain designated libraries and is quite different from the ordinary Gen eral Public License We use this license for certain libraries in order to permit linking those libraries into non free programs When a program is linked with a library whether statically or using a shared library the combination of the two is legally speaking a combined work a derivative of the original library The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom The Lesser General Public License permits more lax criteria for linking other code with the library We call this license the Lesser General Public License because it does Less to protect the user s freedom than the ordinary General Public License It also provides other free software developers Less of an advan tage over competing non free programs These disadvantages are the reason we use the ordinary General Public License for many libraries However the Lesser license provides advantages in certain special circumstances For example on rare occasions there may be a special need to encourage the
33. g disabled automatically O Send email to Security Administrator Email TZION RAZLEE COM Run Action If Action is installed O Write to QAUDJRN security audit journal Audit journal code is U Journal entry type is FW Data format SMZ8 GSCALP Message Queue Screening of allowed activity lt Revert E Save Revert Save Editor s actions are available also via a pop up El Intrusion on amp gt 7B 720 iSecurity 1 Firewall Intrusion Detection Firewall FULL 3 min idle E Intrusion Detectior s amp amp lg 5 Show In Navigator Detected Intrusion f Pl Save MI End the offending inte lt Revert O Send message to the Refresh F5 O Disable user Properties Alt Enter Pre ific O Send email to Security Administrator iSecurity GUI User Manual 42 Editors Error messages as link 5720 Security T Firewall Global IP Filtering Incoming IP Addresses iSecurity File Edit Window Help coming IP Addresses 8 gt SCH A ds 1 Firewal Global IP Fitering incoming IP Addresses Firewall FULL coming IP Addresses Qn Link amp e i B IPAddress 2 Browse IP Address Subnet Mask FTP REXC Telnet DB TCPSGN RMT DDM Text Error messages as link Clicking the link to display error message Last Modified Editor Last Modified Editor
34. how Passwords Saved data stored on your computer in a file that is difficult but not impossible for an intruder to read Current SSL settings Restore Defaults Apply OK Cancel Data entered here is persisted The next time iSecurity GUI is invoked these definitions become Current and are used if SSL connection is selected Change Current settings to a different values without them being persisted at any time Account Once an account is created it is added to iSecurity navigator Information A An account can be modified by right clicking on it and selecting Properties Properties iSecurity GUI User Manual 16 Account Information Properties iSecurity Properties Alt Enter Account Properties Security GUI User Manual 17 Account Information Properties Properties for S720 Account Properties Connection timeout GUI will stop the attempt to connect after the specified time defined in Connection Con trol iSecurity GUI User Manual 18 Account Information Properties Properties for 720 Connection Control Item Display node authorization and tag it for easier search of the specific item in the GUI appli cation iSecurity GUI User Manual 19 Account Information Properties Properties for Activation Properties Item Add a new tag or assign an existing one iSecurity GUI User Manual 20 Deleting an Account Select tags Act
35. ies Connection Item Display node authorization and tag it for easier search of the specific item in the GUI appli cation Add a new tag or assign an existing one iSecurity GUI User Manual 28 Creating a New Session Properties for Activation Session Session lists product s authorization level iSecurity GUI User Manual 29 Creating a New Session Properties for iSecurity 1 The Jobs tab lists session jobs iSecurity GUI User Manual Session Properties Session 30 Restore the Navigator jus Properties for iSecurity 1 r type filter text Session Connection Item Started at Nov 29 2009 4 11 54 AM General Jobs de 39 ES Number iv Number Name User Service 561133 QZDASOINIT QUSER Database 561138 QZRCSRVS QUSER Command Session Properties Jobs Restore the The navigator can easily restore it s state after it s being disposed by using the Open Nav Navigator igator toolbar button iSecurity GUI User Manual 31 Application Password us AA i iSecurity Ele Edit Window Help m ES e System i Open Navigator Restore the Navigator Application Application password is separated from connection data which resembles the native side Password Upon requesting data from the server the user is prompted for iSecurity password Empty password is of course an option based on the user profile the user sign
36. ion button iSecurity GUI User Manual 48 Rule Wizards A IES Objects Wizard IFS Objects RN Select an existing data set or create a new one Q Work with existing data set Create new data set Data Set Configuration Data set configuration The command prompter for data set configuration iSecurity GUI User Manual 49 Preferences General v Security Console Email Locale Log Preferences iSecurity GUI User Manual Export to CSV Preferences _ Export to CSV av command prompter Setting field separator for CSV outputs used in the logs 50 Preferences Preferences Export to CSV SI General ete i E Iscurly ield separator Console Email Locale Log Restore Defaults Apply Field Separator for CSV A default E mail address to be used in queries compliance and scheduler iSecurity GUI User Manual 51 Preferences us Preferences x type filter text Email EISEN A default email address that is used in certain v iSecurity commands that produce output that is sent via mail Det Email Address Export to CSV Locale Log Restore Defaults Apply Default E mail Address iSecurity GUI User Manual 52 Capture GUI Capture Activating Capture iSecurity GUI recognize if Capture is installed as a stand a lone product on the native side and verify authority as such Capture also displ
37. ivation Select All Deselect All Tag Deleting an Account can be deleted by right clicking on it and selecting Delete Account iSecurity GUI User Manual 21 Account Sessions iSecurity Delete Account Deleting account will disconnect all sessions under this account NOTE Jfa session has an unsaved data the user will receive a warning asking him to confirm the action Account Select Sessions to view how many sessions are open for this account Sessions iSecurity GUI User Manual 22 Creating a New Session us Properties for 720 type filter text Account Name Connection Connection Control Item Sessions Sessions Creating a New There are three options to create a new session based on the account s data Session E Right click the account and select New Session W Double click the account if it hasn t got sessions W Click on the node s handle if it hasn t got sessions iSecurity GUI User Manual 23 Creating a New Session iSecurity New Session iSecurity GUI User Manual 24 Creating a New Session jas S720 New Session Connection Connection information Host 1 1 1 100 User reuti Password Operator Password Show Passwords Cluse ss Current SSL settings Coen shon se ese New Session Connection B Click Import to import a pre saved connection data upon creation of an account W Check the Don t show this
38. lected DET EE 66 Selle PAINT t TC H KEE 67 eee Eoi flle tm 69 iSecurity Part T Global WEE 69 Export Import Definitions tegen 69 PUP WAM SPCC sesion 70 Save Firewall LO M S 70 S t Firew ll Defaults Fe M 71 Sereen ET le E 73 Delete Sereen Log Entries E 73 Password SGC E 73 Copy Dictionary Language cooccccnnnnonononnnnnnnnnnnnnnnnnncnnnnnnnnn nn nnnnnnnnnnnnnnn nr nnnnn esee n nnne 73 Appendix License Agreement eeeeeeeeeeeeeeeeeeeeennnnnnn ii el Wee C Te ii GNU LESSER GENERAL PUBLIC LICENSE eene iii Copyright Notice Copyright Raz Lee Security Inc All rights reserved This document is provided by Raz Lee Security for information purposes only Raz Lee Security is a registered trademark of Raz Lee Security Inc Action System Con trol User Management Assessment Firewall FileScope Screen Password Audit Cap ture View Visualizer Anti Virus AP Journal are trademarks of Raz Lee Security Inc Other brand and product names are trademarks or registered trademarks of the respective holders Microsoft WindowsO is a registered trademark of the Microsoft Corporation Adobe AcrobatO is a registered trademark of Adobe Systems Incorporated Information in this document is subject to change without any prior notice The software described in this document is provided under Raz Lee s license agreement This document may be used onl
39. ls This user guide is the only printed documentation necessary for understanding this product It is available in user friendly PDF format and may be displayed or printed using Adobe Acrobat Reader version 4 0 or higher Acrobat Reader is included on the product CD ROM This manual contains concise explanations of the various product features as well as step by step instructions for using and configuring the product On Line Help PC based on line help is also available in JavaHelp format Click the Help button from your Firewall menubar This document is intended to be printed by the end user and viewed on line using a variety of different PC platforms Accordingly it was written using standard Windows TrueType fonts that are installed on virtually all systems You do not need to install any special fonts in order to view or print this document W Body text appears in 10 point Times New Roman Menu options field names and function key names appear in Arial Bold OS 400 commands system values data strings etc appear in Bold Italic Key combinations are separated by a dash for example Shift Tab Referrals to chapters or procedures appear in Times New Roman Italic Introducing iSecurity 1 What is iSecurity Chapter 1 Introducing iSecurity What is iSecurity Why You Need iSecurity How iSecurity Works GUI User Manual iSecurity is a comprehensive network security solution that completely secures your Sys
40. n at Work With Active Jobs to view the Capture monitor subsystem The Active Monitor Jobs screen appears It should display several active jobs similar to those on the screenshot below iSecurity GUI User Manual 54 Capture Rules us Active Monitor Jobs AUCAPSSR3 SECURITY2P 129603 A ACTIVE AUCAP SR4 SECURITY2P 129604 A ACTIVE Close Active Monitor Jobs Enable Disable Capture W Click Open at Enable Capture to activate Capture monitor according to inter active subsystem W Click Open at Disable Capture to deactivate Capture monitor according to interactive subsystem L Product Activation Default AUINITDFT File Edit View Help Interactive subsystem INTER Library LIBL Product to activate ALL Enable Interactive Subsystem Capture Rules Capture uses rules to initiate sessions capturing automatically according to one or more trigger criteria covering different situations Additionally you can also use Action rules to trigger capture sessions based on events detected by other iSecurity components such as Audit and Firewall For more details see the Capture User Manual iSecurity GUI User Manual 55 Capture Rules le 1 Select Capture Rules node under 5250 The Capture Rules screen appears Stats p P She opment iSecurity 1 Capture 5250 Capture Rules Capture FULL E Capture Rules amp amp EIE El E _ Sequence IP Range IP Address Time Group Range Time Group User N
41. ntry via pre defined entry points and profiles activity by time Its Best Fit algorithm determines the validity of any security related action hence significantly decreasing system burden while not compromising security Audit Audit is a security auditing solution that monitors System i events in real time It includes a powerful query generator plus a large number of predefined reports Audit can also trigger customized responses to security threats by means of the integrated script processor con tained in Action Action Action automatically intercepts and responds to security breaches system activity events QHST contents and other message queues Inquiring messages can be automatically answered Alerts are sent by e mail SMS pagers or the message queues Command scripts with replacement variables perform customized corrective actions such as terminating a user session or disabling a user profile iSecurity Q GUI User Manual Anti Virus Anti Virus provides solid virus protection that prevents your System i from becoming an infection source Anti Virus automatically scans and examines all incoming IFS files vali dating and checking them as they are enrolled or modified Anti Virus authenticates them and finally quarantines or erases infected files View View is a unique patent pending field level solution that hides sensitive fields and records from restricted users This innovative solution hides credit card numbe
42. ob attributes to LOGCLPGM YES and causes Screen to save screens the job log and the CL command log for this user 13 Click OK to save the rule Capture rules will start recoding on the user s next signon Capture Data Captured screens can be viewed at any time after a capture session begins 1 To display the captured screens in the GUI environment click Capture Data node under 5250 The Preferences scren appears This screen allows you to filter and display only those capture sessions that you wish view is Preferences Capture Time O Last Time interval From Current v 00 00 00 To Current Browse 23 59 59 Note any string any character escape for literals X user IT screen IP address Cl String included in description v Prompt on every activation Restore Defaults Apply OK Cancel Preferences iSecurity GUI User Manual 58 Capture HTTP g Capture 5250 Capture Data 25 Job Number il Browse Clear Job Number User Job Name IP Frames StartDate StartTime End Date End Time QPADEVO004 1 1 1 175 O Feb 22 2009 8 41 57 AM Nov 30 1999 129328 JR QPADEVOOOS 1 1 1 175 O Feb 22 2009 8 43 10 AM Nov 30 1999 12 00 00 AM 129333 AU QPADEVOOOR 1 1 1 167 O Feb 22 2009 9 35 41 AM Nov 30 1999 12 00 00 AM 129336 RLTOOLS QPADEVOOOP 1 1 1 167 4 Feb 22 2009 9 35 53 AM Nov 30 1999 12 00 00 AM 1 4
43. of derivative or collective works based on the Library In addition mere aggregation of another work not based on the Library with the Library or with a work based on the Library on a volume of a storage or distribution medium does not bring the other work under the scope of this License 3 You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library To do this you must alter all the notices that refer to this License so that they refer to the ordinary GNU General Public License version 2 instead of to this License If a newer version than version 2 of the ordinary GNU General Public License has appeared then you can specify that version instead if you wish Do not make any other change in these notices Once this change is made in a given copy it is irreversible for that copy so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy This option is useful when you wish to copy part of the code of the Library into a program that is not a library 4 You may copy and distribute the Library or a portion or derivative of it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine readable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for softwar
44. om the same place e Verify that the user has already received a copy of these materials or that you have already sent this user a copy For an executable the required form of the work that uses the Library must include any data and utility programs needed for reproducing the executable from it However as a special exception the materials to be distributed need not include anything that is normally distributed in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs unless that component itself accompanies the executable It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system Such a contradiction means you cannot use both them and the Library together in an executable that you distribute You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities not covered by this License and distribute such a combined library provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted and provided that you do these two things a Accompany the combined library with a copy of the same work based on the Library uncombined with any other library facilities This must be distributed under the terms of the Sections above
45. or the Library including whatever changes were used in the work which must be distributed under Sections 1 and 2 above and if the work is an executable linked with the Library with the complete machine readable work that uses the Library as object code and or source code so that the user can modify the Library and then relink to produce a modified executable containing the modified Library It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions b Usea suitable shared library mechanism for linking with the Library A suitable mechanism is one that 1 uses at run time a copy of the library already present on the user s computer system rather than copying library functions into the executable and 2 will operate properly with a modified version of the library if the user installs one as long as the modified version is interface compatible with the version that the work was made with vi GNU LESSER GENERAL PUBLIC LICENSE GUI User Manual C Accompany the work with a written offer valid for at least three years to give the same user the materials specified in Subsection 6a above for a charge no more than the cost of performing this distribution d If distribution of the work is made by offering access to copy from a designated place offer equivalent access to copy the above specified materials fr
46. ow provides an explanation iSecurity GUI User Manual 67 Setup PRINT1 PRINT9 _ Setup PRINT1 PRINTS 3 ELI Development iSecurity 1 Maintenance Firewall Setup PRINT 1 PRINT9 Admin FULL E Setup PRINT1 PRINT9 SS amp Ap SI Option User parameters Save Hold Description PRINT1 CONTROL SMZTMPA No No OUTQ to print on the remote PRINT2 CONTROL SMZTMPA No No Local OUTQ that print on the remote PRINT3 No No PRINT4 No No PRINTS No No PRINT6 No No PRINT7 No No PRINTS No No PRINTS No No 1 9 Setup PRINT1 PRINT9 Options Parameters Description Option Which remote printer to see above description User Parameters Name of the local output queue and its library Description Optional descriptive text 2 Select an option and click Open The Print Exit Program Edit dialog box appears 3 Enter user parameters and description and click OK iSecurity GUI User Manual 68 Global Configuration Global Configuration E Global Configuration E iSecurity Part 1 Global Export Definitions Import Definitions Firewall Specific Save Firewall Log Set Firewall Defaults E Screen Specific Delete activity entries Password Specific Copy Dictionary Language Import Dictionary Language Global Configuration The following pages describe each individual feature and explain the procedures iSecurity Part Export Import Definitions 1 Glob
47. pyright C 1991 1999 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed The licenses for most software are designed to take away your freedom to share and change it By contrast the GNU General Public Licenses are intended to guarantee your freedom to share and change free software to make sure the software is free for all its users This license the Lesser General Public License applies to some specially designated software packages typically libraries of the Free Software Foundation and other authors who decide to use it You can use it too but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any partic ular case based on the explanations below When we speak of free software we are refer ring to freedom of use not price Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software and charge for this service if you wish that you receive source code or can get it if you want it that you can change the software and use pieces of it in new free programs and that you are informed that you can do these things To protect your rights we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these
48. rameters data struc ture layouts and accessories and small macros and small inline functions ten lines or less in length then the use of the object file is unrestricted regardless of whether it is legally a derivative work Executables containing this object code plus portions of the Library will still fall under Section 6 Otherwise if the work is a derivative of the Library you may dis tribute the object code for the work under the terms of Section 6 Any executables contain ing that work also fall under Section 6 whether or not they are linked directly with the Library itself 6 Asan exception to the Sections above you may also combine or link a work that uses the Library with the Library to produce a work containing portions of the Library and distribute that work under terms of your choice provided that the terms permit modification of the work for the customer s own use and reverse engineering for debugging such modifications You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License You must supply a copy of this License If the work during execution displays copyright notices you must include the copyright notice for the Library among them as well as a reference directing the user to the copy of this License Also you must do one of these things a Accompany the work with the complete corresponding machine readable source code f
49. rs customer names etc Restricted users see asterisks or zeros instead of real values View requires no change in existing applications It works for both SQL and traditional I O Capture Capture silently captures and documents user screens for tracking and monitoring without any effects on system performance It also preserves job logs for subsequent review capture can run in playback mode and can be used to search within texts Screen Screen protects unattended terminals and PC workstations from unauthorized use It pro vides adjustable terminal and user specific time out capabilities Password Password provides a first tier wall of defense for users by ensuring that user passwords cannot be easily cracked and guessed AP Journal AP Journal automatically manages database changes by documenting and reporting exceptions made to the database journal Getting Started 2 Create a New Account Chapter 2 Getting Started Create a New 1 Click the iSecurity symbol on your desktop Account 2 Right click in the iSecurity navigator view 3 Select New Account the Account Name screen appears Type account name and click Next lus New Account Account Name Provide display name for this account Name Cancel New Account 4 Inthe Connection screen enter Host User and Password in the correct fields and click Finish or Next iSecurity GUI User Manual 10 Create a New Account jus New Account
50. s by subject IP address etc SAME Do not change iSecurity options Same as above 2 Set your parameters and click OK Firewall Save Firewall Log Specific This option enables you to configure Firewall security defaults iSecurity GUI User Manual 70 Firewall Specific 1 Click Save Firewall Log Open in the Firewall Specific field The Save Security Log dialog box appears The table below provides an explanation as Save Firewall Log Save File Library CURLIB Date 3 Current n Date Save Firewall Defaults The table below provides an explanation Options Parameters Description Save file File name CURLIB Location of current library CURRENT Current date 2 Set your parameters and click OK Set Firewall Defaults This option enables you to configure Firewall security defaults The table below provides an explanation iSecurity GUI User Manual 71 Firewall Specific Set Firewall Defaults SETFWDFT File Edit View Help Password Firewall Incoming IP address Firewall Outgoing IP address Firewall Access by SNA name User PUBLIC to services Object ALL Native objects Object ALL IFS objects Logon FTP Logon FTP Client Outgoing Logon TELNET Logon PASSTHROUGH RMT ACC Logon WSG Internet Set Firewall Defaults Options Parameters Description Firewall Incoming IP ALLOW Allow all activit
51. stitute a work based on the Library independent of the use of the Library in a tool for writing it Whether that is true depends on what the Library does and what the program that uses the Library does 1 Youmay copy and distribute verbatim copies of the Library s complete source code as you receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the notices that refer to this License and to the absence of any warranty and distribute a copy of this License along with the Library You may charge a fee for the physical act of transferring a copy and you may at your option offer warranty protection in exchange for a fee 2 You may modify your copy or copies of the Library or any portion of it thus forming a work based on the Library and copy and distribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions a The modified work must itself be a software library b Youmust cause the files modified to carry prominent notices stating that you changed the files and the date of any change C You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License d Ifa facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility other than as
52. the file with a name such as ca txt to iSecurity installation location c programfiles isecurity by default 2 On your PC open the command prompt and change directory to iSecurity installation location c program files isecurity by default iSecurity GUI User Manual 12 Running iSecurity GUI in SSL mode 3 From that location use the Java tool keytool to import the certificate into a trust list Issue the command jre bin keytool import v trustcacerts alias lt aliasName gt file ca txt keystore trustlist alias is just optional This will create a file called trustlist and during the command it will prompt you to establish a password for this file 4 This step can be performed either from command line or from within the GUI itself Command line From the command prompt from within the iSecurity installation location issue this command isecurity exe vmargs Djavax net ssl trust Store trustlist Djavax net ssl trustStorePassword pwd Replace trustlist and pwd with your own these are the parameters used in step 3 The trustlist parameter is the absolute path to the file itself including file name c trus tlist but if this file resides on iSecurity installation location there is no need to type the path EGUI see also 6 on persistent Account properties you have this link also on session prompt Properties for 720 type filter text Connection p Account Name Host 1 1 1 100 Connec
53. tion Control Item Password 000 Sessions User javal Operator Password Show Passwords O Use SSL Saved passwords are stored on your PC in a file that is difficult but not impossible for an intruder to decrypt Test connect Export Import Restore Defaults Apply OK Cancel Point application to the trust store file and supply password iSecurity GUI User Manual 13 Running iSecurity GUI in SSL mode as Current SSE Settings Key Store Trust Store fte Y Password Show Passwords 5 When connecting to a server that support SSL make sure to check the SSL check box iSecurity GUI User Manual 14 Running iSecurity GUI in SSL mode us S720 New Session Connection Connection information Host 111100 ss User osEecorFR E Operator Password CT Show Passwords Use SSL em Current SSL settings L1 Don t show this dialog again Einish Cancel 6 Persistent of SSL setings Open Preferences dialog and click on SSL Settings in the navigator tree iSecurity GUI User Manual 15 Account Information Properties Preferences type filter text SSL Settings eS General Key Store b iSecurity File fo Browse SSL Settings EECH Password Trust Store File Browse Password S
54. u need to examine by using Boolean operators and the ability to combine complex logical conditions You have full flexibility to specify the sort order according to multiple fields Business Intelligence Visualizer Visualizer is an advanced data warehouse solution for graphically displaying security data It allows IT managers to analyze security related system activity quickly and easily using a iSecurity iSecurity GUI User Manual stunning graphical interface Visualizer eliminates the need for time consuming log scan ning and tracking activities that tie up system resources and increase operating costs Raz Lee s iSecurity is an integrated state of the art security solution for all System i sys tems providing cutting edge tools for managing all aspects of network access data and audit security Its individual components work together transparently providing comprehen sive out of the box security Other iSecurity products include Assessment Assessment checks your ports sign on attributes user privileges passwords terminals and more Results are instantly provided with a score of your current network security sta tus with its present policy compared to the network if iSecurity were in place Firewall Firewall protects and secures all types of access to and from the System i within or out side the organization under all types of communication protocols Firewall manages user profile status secures e
55. ut interruption This feature allows you to test your rules under actual working conditions without adversely affecting user success FYI Simulation mode may be enabled globally for all activity or enabled for individual function servers In this manner you can test security rules for specific servers without affecting rules that apply to other servers Emergency Override The Emergency Override feature allows you to override all existing security rules tempo rarily by allowing or rejecting all activity feature is useful in order to respond quickly to emergencies such as critical transactions being rejected due to problems with iSecurity security rules or a sudden security breach Rule Wizards The unique Rule Wizards feature makes security rule definition a snap even for non techni cal system administrators This user friendly feature allows you to view historical activity together with the security rule currently in effect on a single screen You can even modify the existing rule or define a new rule without leaving the wizard The Rule Wizards are an invaluable tool for defining the initial set of rules after installing iSecurity for the first time Activity Log The Activity Log provides complete details of every transaction captured by a security rule You have full control over which activities are included in the Activity Log and under which conditions Highly defined filter criteria allow you to select only those records that yo
56. y for this server address servers REJECT Reject all activity for this server STD Predefined values set according to initial security regu lations SAME Keep defaults as they are and do not change iSecurity GUI User Manual 72 Screen Specific Screen Specific Password Specific iSecurity GUI User Manual Delete Screen Log Entries Use this feature to delete Screen Log entries by date The table below provides an explana tion W Delete Activity Entries Screen Date Current O Until Date S Job description QBATCH Library PRODUCT Delete Screen Log Entries Options Parameters TODATE Last date from which to delete screen entries Open Job Description Open Library PRODUCT LIBL CURLIB Copy Dictionary Language This feature works as a backup feature enabling you to copy or import your language file to a different host system The table below provides an explanation 73 Password Specific us Copy Dictionary Language Options Parameters Dictionary language Copy Dictionary Language Description LOCAL Host language Copy to file Destination file Destination library iSecurity GUI User Manual Descriptive text no more than 50 characters 74 License Agreement a Preamble Appendix License Agreement Preamble GUI User Manual GNU LESSER GENERAL PUBLIC LICENSE Version 2 1 February 1999 Co
57. y in accordance with the terms of the license agreement The software may be used only with accordance with the license agreement purchased by the user No part of this document may be reproduced or retransmitted in any form or by any means whether electronically or mechanically including but not limited to photocopying recording or information recording and retrieval systems without written permission given by Raz Lee Security Inc Visit our web site at www razlee com Record your product authorization code here Computer Model Serial Number Authorization Code About This Manual Who Should Read This Book Terminology Documentation Overview Typography Conventions This user guide is intended for all System i system administrators and in particular for secu rity administrators responsible for the implementation and management of security on Sys tem i systems This manual attempts to adhere to standard IBM iSeries System i terminology and conven tions whenever possible However deviations from IBM standards are employed in certain circumstances in order to enhance clarity or when standard IBM terminology conflicts with generally accepted industry conventions Raz Lee takes customer satisfaction seriously Therefore our products are designed for ease of use The documentation package includes a variety of materials to get you up to speed with this software quickly and effectively Printed Materia
Download Pdf Manuals
Related Search