Comprehensive IBM i security audit and reporting for every step of the security journey
True IBM i security starts with staying current with IBM's PTFs and OS releases. IBM is doing the work to secure the operating system and you should stay current. After that, though, the security of your system's configuration is entirely up to you. That's where iSecMap comes in. iSecMap is one solution for assessing, remediating and monitoring IBM i security
Use iSecMap for IBM i security assessments
Planning your security journey starts with understanding where you are today. iSecMap's built-in security reporting provides a complete picture of your current configuration, including:
All reports in iSecMap can be exported to CSV for easy analysis.
Use iSecMap to align with CIS Benchmarks for IBM i
When it comes to configuring security on your system, are there any standards to guide on? Yes! There are tools from IBM, text books from our own Carol Woodbury, and there are the CIS Benchmarks for IBM i
https://www.cisecurity.org/benchmark/ibm
This community authored and maintained document does the work of mapping the IBM i security configuration back to standards in the CIS framework. It's a great place to start.
iSecMap includes built-in reporting to facilitate CIS compliance.
Use iSecMap to stay on top of your security configuration and easily meet your audit requirements
For any system, your current security configuration is what is currently being enforced. You have probably worked hard to determine your exact security setup and what you want to do is maintain those settings. iSecMap will map your current security environment and then let you periodically check the environment to let you know what, if anything, has changed. It then lets you decide if you want to accept the change and make it part of your baseline or change it so that it conforms to the way you initially set it up.
Security items monitored include:
You can optionally monitor specific objects in specific libraries and file objects in any Integrated File System (IFS) path.
All security activity is logged in iSecMap and can be exported in available audit reports, with enhanced filtering
iSecMap includes a security check monitor that runs periodically to check the security environment for your system. Live reports of security changes can be issued to specific message queues on your system and by email to any email address that you register to the system.
Use iSecMap to automate security audit
iSecMap logs all changes to your security configuration. It also logs baseline accepts and reject events. It provides a complete history of everything that has happened with your system's security configuration. You can filter and export this data for easy security audit.