Assisting Federal Agencies to Achieve Compliance with FISMA on the System i Platform
The FISMA controls detailed by the National Institute of Standards and Technology are wide ranging, covering issues from high-level policy making and organizational procedures to the implementation of automated processes within the Agencies' systems.
The control categories which have a more strategic or organizational flavor include contingency planning, training, physical protection and the security of personnel whereas others can be addressed by designing the appropriate functionality into the information system or through robust, third-party security and auditing products. These latter controls are broadly grouped into access control, auditing, assessments, configuration management, authentication, incident response, maintenance, system protection and integrity. Some of these are discussed in the following paragraphs.
Access Control
The access control family of controls is the first in the list, alphabetically and appropriately also in importance. Enforcive/Enterprise Security addresses this requirement comprehensively. The Application Access Control function allows you to define access permissions templates and enforce them for individuals, devices or groups, based on a least privilege model where users only receive access to the resources they need. It lets you specify the remote computers which may or may not remotely access your System i server in your local network and beyond. The User Profile Manager provides you with powerful but simple control of your user parameters, whereas the Policy Compliance Manager gives you a mechanism to enforce those parameters throughout the system, tailored to different groups of users.
Unsuccessful logins are monitored in Application Audit along with hundreds of other events and can trigger instant alerts through the Alert Center. Sessions can be held or ended if they remain idle beyond the time you specify. Separation of duties is achieved through the ability to define permissions at a fine level of granularity and also through the Administration Role Manager, which splits up the functions given to the security administrators.
Finally, IP Packet Lockdown will control traffic to and from specified sources and destinations.
Auditing and Accountability
Enforcive/Enterprise Security handles auditing and accountability from the policy level to the displaying of audit events, parameter by parameter.
At the policy level, the System Audit Policy Manager gives you a simple means of setting the types of system security events to be logged, whereas the Policy Compliance Manager allows you to build templates to check those settings and even align them to the policy values if they are found to deviate. The Application Access Control permissions templates can be considered an effective accountability policy; the System Policy determines the level of logging to be done, while the Central Audit allows you to define a policy of read-data monitoring in the database.
At the level of the system activity itself, Enforcive/Enterprise Security includes audit logs for numerous System i audit sources: the Application Audit, an on-line review of network access and exit program-controlled activity; the Application Analyzer, with dynamic graphs of application access; the System Audit, covering system security events; the File Audit, a log of database changes; and the Central Audit, for read-data and IP Packet events and for consolidating input from the other audits. Finally, the Cross-Platform Audit allows for the consolidation of audits from multiple System i computers and even other platforms.
Each of these audits can be filtered on many different criteria and drilled down to an individual event showing the specific parameter breakdown so the content of each audit record can be easily understood.
On the issue of audit storage capacity, the Central Audit and the Cross-Platform Audit (CPA) have the capability of selectively importing audit records and retaining them for as long as you wish. The CPA runs on a Windows server and can consolidate audit data from many different System i servers and servers on other platforms.
The events monitored in the Enforcive/Enterprise Security Audits can be defined as triggers to instant alerts defined in the Alert Center. Audit reports can be scheduled to run on repeated days, weeks or months.
To summarize the subject of FISMA auditing and accountability, the auditing capabilities of Enforcive/Enterprise Security serve as an efficient and reliable non-repudiation mechanism for Federal agency information systems.
Security Assessments
The topic of security assessments or risk assessments comes up frequently in the FISMA control requirements. The Enforcive/Enterprise Security suite of products offers automated assessment features to answer many of these demands. They include the Policy Compliance Manager, a tool to help create, document and maintain a clear security policy for the organization. After defining a user profile, object authority and system value policy in easy-to-create templates, you run a compliance check against the actual definitions in the system. This check produces a report showing any deviations from the policy template.
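The template-versus-actual compliance check described here and in the auditing section above (define a policy template, compare it with the live settings, report deviations, optionally align the settings to policy) can be illustrated as a small script. This is an added example written for this page, not Enforcive's code or API; the system value names are real IBM i system values used as illustration, and the "actual" values are constructed sample data rather than readings from a live System i.

```python
# Added example: policy-template compliance check in the style the text describes.
# Not Enforcive code. Sample ACTUAL values are constructed, not read from a system.

# Policy template: system value name -> (rule, expected). Names are real IBM i
# system values; the expected values are illustrative policy choices, not
# official recommendations.
POLICY = {
    "QSECURITY": ("min", 40),        # system security level at least 40
    "QPWDMINLEN": ("min", 8),        # minimum password length
    "QMAXSIGN": ("max", 5),          # failed sign-on attempts before action
    "QINACTITV": ("max", 30),        # inactive job time-out, minutes
    "QAUDCTL": ("contains", "*AUDLVL"),  # security auditing must be switched on
}

# Constructed "actual" settings for the check; *NOMAX is a valid QMAXSIGN value
# meaning no limit, which must count as a deviation from a "max" rule.
ACTUAL = {
    "QSECURITY": 30,
    "QPWDMINLEN": 8,
    "QMAXSIGN": "*NOMAX",
    "QINACTITV": 30,
    "QAUDCTL": "*NONE",
}

def compare(rule, expected, actual):
    """Return True when the actual setting satisfies the policy rule."""
    if rule == "min":
        return isinstance(actual, int) and actual >= expected
    if rule == "max":   # a non-numeric value such as *NOMAX fails a max rule
        return isinstance(actual, int) and actual <= expected
    if rule == "contains":  # multi-value settings are space separated
        return expected in str(actual).split()
    raise ValueError(f"unknown rule {rule!r}")

def check_compliance(policy, actual):
    """Compare actual settings with the template; return one record per deviation."""
    deviations = []
    for name, (rule, expected) in policy.items():
        value = actual.get(name)
        if value is None or not compare(rule, expected, value):
            deviations.append({"name": name, "rule": rule,
                               "expected": expected, "actual": value})
    return deviations

def align(policy, actual):
    """The 'align to policy' step: return a copy with every deviation set to policy."""
    fixed = dict(actual)
    for dev in check_compliance(policy, actual):
        fixed[dev["name"]] = dev["expected"]
    return fixed
```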
The second tool in Enforcive's assessment line-up is the Security Assessment Tool (SAT). It can carry out a real-time penetration test against your system. It will summarize the policy you have defined and will pinpoint any deviations from recommended values.
The System Inquiries and predefined System Audit Reports in the main Enforcive/Enterprise Security product will add a further layer of assessment to the overall estimate and analysis of risk in your system.
Learn More
Enforcive Systems Ltd. products also help you address the compliance categories not covered in depth above, such as configuration management, authentication, incident response, maintenance, system protection and integrity.