Q: Can I look at Network Security reports on a PC?

PowerTech Network Security now provides the ability to export reports to comma separated value (.csv) format files, which you can easily transfer from the IFS for viewing in common PC analysis software like MS Excel. Download the MS Excel Macros for Network Security.

View a sample Network Security report (4 Mb) in MS Excel and Click here to read instructions on the use of these Macros.

Users can also look at consolidated network security reports from multiple systems in PowerTech Compliance Monitor

Q: Why do I need PowerTech NetworkSecurity when the System i is the most secure server in the world”?

A: The System i and AS/400 security architectures are very robust, having received the Department of Defense "C2" security rating for "Trusted Systems" when properly configured. Unfortunately, too many System i systems are not properly configured. End users can access OS/400 data via tools like ODBC, FTP, and DDM. The security exposures introduced by network data access tools like FTP and ODBC do not indicate a failing on the part of System i and AS/400 security. Rather, the data access level you provide to a user via System i and AS/400 security for "Green Screen" access using menus and screens may not be the same level of access you want to allow using network tools like ODBC. For instance, the OS/400 authority that allows a user to view the contents of the Payroll file is the same authority needed to download the file to a PC and post it on the Internet.

Q: What does PowerTech NetworkSecurity do?

A: PowerTech NetworkSecurity interfaces directly with AS/400 and System i network access points to control and audit AS/400 and System i network access requests. PowerTech NetworkSecurity provides intrusion detection and access control for System i systems. PowerTech NetworkSecurity alerts the system administrator when unauthorized access is attempted through the network.

Q: Does PowerTech NetworkSecurity include a reporting module?

A: Yes, PowerTech NetworkSecurity includes auditing, reporting, and network access control without having to purchase any additional software.

Q: What product values are required for PowerTech NetworkSecurity and are they set up as part of the installation?

A: The following product values are created as part of the PowerTech NetworkSecurity installation process: Product Owner, Product Library, Product Administrator, Log Journal Name and Log Journal Library, Log Message Queue Name and Log Message Queue Library.

Q: Does PowerTech NetworkSecurity interface with IBM Operations Navigator?

A: The graphical user interface (GUI) provided with PowerTech NetworkSecurity is a plugin to IBM’s Operations Navigator (Ops Nav). When you perform the installation of PowerTech NetworkSecurity on your System i or AS/400, you also install the files necessary for the Ops Nav plugin.

Q: Does PowerTech NetworkSecurity protect against users with IBM Operations Navigator?

A: Yes. PowerTech NetworkSecurity can control which users are allowed to use IBM’s Operations Navigator.

Q: Do the servers need to be stopped and restarted to activate a new security rule?

A: When you create a new rule in PowerTech NetworkSecurity it is activated and implemented immediately without stopping and restarting servers.

Q: What does the unique PowerTech NetworkSecurity “switch profile” function do?

A: PowerTech NetworkSecurity switch profile allows the administrator to decrease or increase a user's authority for a specific function. For example, if a user profile has authority to change or delete almost any file on the system and to run most commands using FTP's Remote Command facility, but you want to limit the capability when running FTP requests, PowerTech NetworkSecurity will switch to another userID with READ ONLY whenever FTP is run.

Q: Can users without PowerTech NetworkSecurity configuration authority run and review reports?

A: Yes, PowerTech NetworkSecurity is designed so non technical users can run reports and view reports if granted the proper authority.

Q: Does PowerTech NetworkSecurity have transaction level security?

A: Yes. PowerTech NetworkSecurity transaction level security is used when you need to be more granular than controlling your network traffic based on the user making the request or their location. Say you want to disallow all FTP requests except for when Bob uses FTP to download the accounts receivable file. Or, maybe you want to allow all SQL queries against all files on your system, except if they are trying to access the payroll file. Transaction level security assures this granular level of security is maintained by controlling what transactions are allowed to flow into or out of your system.