Assessment

1
Assessment Comprehensive Analysis of System i
Security
2
Assessment Features

• In-depth full scope analysis of System i security
  strengths and weaknesses
• Pinpoints specific issues/areas requiring
  attention
• Full report produced, grading each aspect of
  server security
• Detailed explanations provided for each item in
  report

3
Assessment Objectives Deliverables

• Objectives
• Set baseline for corporate security policies
• Check compliance with external regulations
  baseline corporate security policy
• Prioritize security efforts
• Identify security issues before they occur

• Deliverables
• User-friendly report covering network access,
  system auditing, user management, terminal
  access, password policy, etc.
• Assessment recommendations based upon security
  best practices
• Sample questions answered
• Who is using FTP (file transfer) to download
  files?
• Which application files are being transmitted via
  the network?
• Which system value settings are not in accordance
  with our sites policies?
• How many of our users have non-secure passwords?
• Which user profiles are not being used and should
  be disabled?

4
Security Assessment Application
5
Security Assessment Report

• Executive Summary
• A proper and thorough security policy can only
  be implemented after assessing the strengths and
  weaknesses of your i5 server. The following i5
  server 1.1.1.100 underwent comprehensive security
  checks in order to gauge this vital criterion. 
•   This report is structured in the following way.
  Each subject, such as Attributes, or User Class,
  is listed together with its descriptive
  components, such as Value, Risk, etc. There are
  two scores listed - a current score with the
  native protection of 1.1.1.100 and a score with
  that system protected with iSecurity. Following
  each subject, a table of explanation is listed
  detailing all possible scores.
• Subject by Subject Assessment Summary
• Sign-on Attributes Average Score  
  
• Explanation A few settings are in accordance
  but most require immediate modification.
• Unattended terminals Average Score
   Explanation Your settings are faulty. It is
  necessary that you take immediate steps to
  correct your settings or else face a security
  hazard to your network.
• Password Control Average Score  
• Explanation Your settings are faulty. It is
  necessary to take immediate steps to correct your
  settings to avoid a possible security hazard.
• Registration Facility Exit Points Protection
  Average Score  Explanation Most of your exit
  points are protected, but you require minimal
  revision to be 100 protected.

6
Security Assessment Report (2)

• Detailed Assessment Section 3.3  Unattended
  Terminals

7
Security Assessment Report (3)

• Detailed Assessment Section 3.11  Other Users
  and Passwords

• Default passwords are easy-to-guess for
  potential intruders, and therefore pose a high
  security risk.
• This risk becomes real and immediate if the
  users are enabled otherwise the risk remains
  dormant.
• Score with iSecurity   Average Score  
• Explanation This number is too high and poses a
  security risk. You must immediately reduce the
  number of enabled users.

8
Thank You!
Please visit us at www.razlee.com