DATASHEET

Interact

Real Time Security Events from AS/400 & System i

Monitor Your Most Critical Data System i (AS/400) runs some of the most critical business applications in your organization. PowerTech Interact allows you to monitor the security of the key data that is stored on your AS/400. Simple Explanations Interact takes raw event data from the server and converts it into a standard and meaningful format for users of the LogRhythm solution. Complex audit journal details are simplified. Examples: An invalid password was entered for user profile JOHN System Value QSECURITY was changed from 40 to 30 Filter on the System i (AS/400) You dont need to fill up your security management solution with every journal entry. Save disk space and bandwidth by selecting or omitting based on key characteristics: Event Type User Profile IP Address Time and Day of Week

Console Views Events are fed into the central LogRhythm console and personal dashboards.

Over 500 Event Types

Security Audit Journal (QAUDJRN)

Log & Event Management

Critical OS Messages (QSYSMSG or QSYSOPR)

Network Exit Programs* FTP, ODBC, Remote Command

*PowerTech Network Security required

Export via Syslog All-In-One Appliance

Privileged Users*
*PowerTech Authority Broker required

The PowerTech Group, Inc. www.powertech.com

TEL. USA: 253.872.7788 TOLL FREE: 800.915.7700

Copyright 2008, The PowerTech Group, Inc. PowerTech is a registered trademark of The PowerTech Group, Inc. AS/400 and System i are registered trademarks of IBM. All other product and company names are trademarks of their respective holders. BPT1108

Our iSeries systems are no longer an island. The LogRhythm/PowerTech solution enables us to meet PCI-DSS requirements more efficiently while enhancing our overall IT security effectiveness. Bernie Rominski, IT Security Officer Regis Corporation

Comprehensive Coverage Monitor over 500 different events from a number of sources: Audit Journal Events Interact captures audit journal events from the security audit journal, QAUDJRN. Some of the common event types included are: Authority Failures and Changes (AF, RA) Change to Authorization list (CA) Object Changes, Reads, Creates, Deletes, (CO, ZR, ZC, DO, OM, OR, OW) User Profile Changes (CP) User and Password Login Failures (PW) System Value Changes (SV) Intrusion Detection (IM) Service Tools Used (ST, DS) Commands (CD) Job start, stop, change (JS) Network Transactions Monitor events logged by PowerTech Network Security exit programs: 33 remote access servers, including FTP, ODBC, Remote Command 190+ functions Accepted and Rejected Transactions Audit only license available Interact System Requirements OS/400 V5R2 or later

IBM System i (AS/400) events in the LogRhythm Security Information Management (SIM) console.

LogRhythm is the leading provider of enterprise-class log and event management solutions that empower organizations to comply with regulations, secure their networks and optimize IT operations. LogRhythm and Interact partner to provide real-time output from System i and AS/400 directly to the LogRhythm console. Critical Operating System Messages Interact includes 66 different critical OS messages, including: Disabled Profiles Disk Space Limit Exceeded Audit Journal Changes

About the PowerTech Group, Inc. Because System i and AS/400 servers are used to host particularly sensitive corporate data, it is imperative that you practice proactive compliance security. As an IBM Advanced Business Partner with over 1000 customers worldwide, PowerTech understands corporate vulnerability and the risks associated with data privacy and access control.

Seattle, WA-based PowerTech Group was founded by security experts in 1996. To learn more, please visit www.powertech.com, to find white papers, case studies and product demonstrations, or call 800-915-7700 (USA) or 253-872-7788 to speak to a security solutions specialist.

The PowerTech Group, Inc. www.powertech.com

PowerTech Interact Datasheet p. 02