Presentation on theme: "1 Assessment Comprehensive Analysis of System i Security."— Presentation transcript:
1 Assessment Comprehensive Analysis of System i Security
2 In-depth full scope analysis of System i security strengths and weaknesses Pinpoints specific issues/areas requiring attention Full report produced, grading each aspect of server security Detailed explanations provided for each item in report Assessment Features
3 Objectives Set “baseline” for corporate security policies Check compliance with external regulations & baseline corporate security policy Prioritize security efforts Identify security issues before they occur Deliverables User-friendly report covering network access, system auditing, user management, terminal access, password policy, etc. Assessment recommendations based upon security best practices Sample questions answered Who is using FTP (file transfer) to download files? Which application files are being transmitted via the network? Which system value settings are not in accordance with our site’s policies? How many of our users have non-secure passwords? Which user profiles are not being used and should be disabled? Assessment Objectives & Deliverables
5 Security Assessment Report Executive Summary: A proper and thorough security policy can only be implemented after assessing the strengths and weaknesses of your i5 server. The following i5 server 18.104.22.168 underwent comprehensive security checks in order to gauge this vital criterion. This report is structured in the following way. Each subject, such as Attributes, or User Class, is listed together with its descriptive components, such as Value, Risk, etc. There are two scores listed - a current score with the native protection of 22.214.171.124 and a score with that system protected with iSecurity. Following each subject, a table of explanation is listed detailing all possible scores. Subject by Subject Assessment Summary: Sign-on AttributesAverage Score: Explanation: A few settings are in accordance but most require immediate modification. Unattended terminals Average Score: Explanation: Your settings are faulty. It is necessary that you take immediate steps to correct your settings or else face a security hazard to your network. Password ControlAverage Score: Explanation: Your settings are faulty. It is necessary to take immediate steps to correct your settings to avoid a possible security hazard. Registration Facility Exit Points Protection Average Score: Explanation: Most of your exit points are protected, but you require minimal revision to be 100% protected.
7 Security Assessment Report (3) Detailed Assessment – Section 3.11 Other Users and Passwords Default passwords are easy-to-guess for potential intruders, and therefore pose a high security risk. This risk becomes real and immediate if the users are enabled; otherwise the risk remains dormant. Score with iSecurity: Average Score: Explanation: This number is too high and poses a security risk. You must immediately reduce the number of enabled users. Importance Description NumberCurrent Score Enabled users (Very High Risk)7 Users with default password that can sign on 3