AP-Journal - Application Security

Server Application Security & Business Analysis Solution

AP-Journal protects business-critical information from insider threats and from external security breaches. It keeps managers closely informed of all changes in their valuable information assets and streamlines iSeries journaling procedures.

Real-life Situations Where AP-Journal Can Help!

  • Who modified PAYMENTS between 20:00 and 06:00 during corporate summer vacation?
  • Send an e-mail whenever an employee record – whose SALARY is less than $5000 – is read from file SALARIES.
  • Which users – who are not Managers – viewed the confidential PAYMENT_TERMS table since the last business day?
  • What changes to the company’s production libraries were made via non application-specific utilities such as IBM DFU (this is a SOX-mandated requirement)?
  • Provide a customer with a timeline report showing the change history of their MORTGAGE during the last 10 years.
  • Send an SMS (and/or SYSLOG, e-mail, Twitter, SNMP and operator messages) to the company’s Chief Security Officer, Manager of IT and Internal Auditor when the PRICE_OF_ITEM changes by more than 4%.

AP-Journal Features

Latest Additions

  • Sends “mass mode” real-time Syslog alerts about application field-level data changes to SIEM products. This mode sends only Syslog messages, without any additional processing, and has been measured to transfer up to 2000 transactions per second to SIEM products while using less than 1% CPU.
  • Monitors changes to objects and members, for example in data areas and in the IFS. This support implements additional journal codes such as R=Rcd, E=DA (data area), B=IFS, U=Rd (Read), F=M (member).
  • Supports periodic file structure changes to application files, so that application files can still be monitored across changes to their file structures.
  • Developers can code field-specific exit routines that determine, in real time, whether or not to filter specific journal records.

Alerts and Reports

  • Real-time alerts indicating changes in business-critical data; these application alerts are activated by user-defined thresholds. Alerts can be sent as an operator message, SYSLOG, e-mail, SMS (text to mobile), Twitter, SNMP and more.
  • Comprehensive reports displaying all application changes on a single timeline
  • Reports can integrate information from all the organization’s applications
  • Reports in various formats (online, print, PDF, email, etc.)
  • Efficient long-term storage based on special journal containers rather than iSeries journal receivers; reports can be based on these journal containers or on receivers
  • Alerts and reports enable users to meet regulatory requirements such as SOX, HIPAA, and PCI.

Other Great Features

  • Flexible filtering capabilities for selection of detail level and categories
  • Easy to use, requires minimal setup and disk space
  • Complements high availability iSeries products by ensuring full journal receiver synchronization
  • Can be OEM-ed by application vendors to provide their business-critical applications with an added level of control, compliance and alerts.
