|
Frequently Asked Questions
Q: Do I have to be an iSeries
or OS/400 expert to use the product?
A: No. One of the main benefits
of the product is that it provides guidance to users who are new
to iSeries security. The experts at PowerTech have selected a basic
set of "canned" reports that they recommend to run on
any system. A compliance guide provides interactive and dynamic
help, and common iSeries security issues are mapped to industry
standard frameworks like COBIT and ISO17799.
Q: What's the difference between
ComplianceMonitor and SecurityAudit?
A: SecurityAudit is PowerTech's
long established product in the market that provides comprehensive
auditing of iSeries systems from a 5250 green screen interface.
ComplianceMonitor, a newer product,
provides
a GUI interface on the PC and allows for much more customization
of the reporting to meet a company's specific needs along with
more choices of output format. ComplianceMonitor also includes
scorecard
reports
that interpret and analyze results.
Q: Why do I need PowerLock
ComplianceMonitor when OS/400 provides built-in features for setting
up and monitoring security and provides the means for examining
security-related
data?
A: Much of the data presented by
the Operating System is in a very cryptic format, requiring a program
to present it in non-technical terms. This means that
technical staff normally have to get involved in a lengthy process
of collating and interpreting the information available from the
operating system.
Q: How is PowerLock ComplianceMonitor
used in a typical organization?
A: The purpose of PowerLock ComplianceMonitor
is to review your current security
settings and to compare them against policy. It also highlights
changes to sensitive system areas so that you can respond before
production work is disrupted. PowerLock ComplianceMonitor can be
used by auditor, systems administrators, or network operations/security
staff.
Q: How are reports delivered?
A: PowerLock ComplianceMonitor reports
are available in PDF format for printing, or they can be exported
to MS Excel or comma separated format.
Q: Do PowerLock ComplianceMonitor
users need to have Security Officers rights?
A: The user profile for a PowerLock ComplianceMonitor
user does not need to be assigned any special authority. One of
the benefits of the product is that auditors can run reports without
requiring powerful privileges. PowerLock ComplianceMonitor features
a comprehensive security authorization scheme and uses adopted
authority when required by the user. All users must be assigned
explicit authority to use the product
Q: What areas of the iSeries
does PowerLock ComplianceMonitor check?
A: The major iSeries functional
areas that PowerLock ComplianceMonitor checks are: System Values,
User Profiles, Object Security, and Network
Auditing.
Q: Can you schedule PowerLock
ComplianceMonitor to run automatically?
A: PowerLock ComplianceMonitor
features a command interface that allows you to schedule assessments
to run daily,
weekly, or monthly. It is easy to integrate with existing scheduling
capabilities like Robot/SCHEDULE™ or the OS/400 native job scheduler.
Q: Does PowerLock ComplianceMonitor
have a feature to compare system values?
A: PowerLock ComplianceMonitor
can compare system values from multiple systems in a side-by-side
format. The same format can also be used to compare data
that has been collected at different points in time on the same
system.
Robot/SCHEDULE is a trademark of Help/Systems
Ltd.
| 
