Comprehensive Auditing and Reporting for AS/400 (IBM System i) Environments
Imperva SecureSphere offers an agent-based solution to instrument the audit process and trace access to DB2/400 data and data objects. With SecureSphere, organizations can now fully audit these critical systems and be alerted on any suspicious activity which may put business critical data at risk.
SecureSphere Agent for DB2/400 Benefits:
- Provides a complete audit trail and reporting on all DB2/400 activities
- Monitors and reports on suspicious access and changes to business-critical objects
- A reliable technology that safely audits DB2/400 systems with minimal impact on system performance
- Audit trail integrated into award-winning SecureSphere Database Activity Monitoring (DAM) for heterogeneous enterprise-wide auditing coverage
Comprehensive Auditing of All Access to DB2/400
In order to provide a complete and comprehensive audit trail, SecureSphere agent for DB2/400 monitors all database activities, including Insert, Update, Delete, as well as Read access of sensitive data. This is achieved by tracking information sources such as the AS/400 Audit Journal (QAUDJRN), database journals and ODBC requests from the network.
Detailed DB2/400 Audit Reports and Security Alerts
SecureSphere agent for DB2/400 gathers detailed information about database access requests including the source IP, the source user, date and time of the event, the raw SQL statement, source application and more. SecureSphere analyzes the audit details and profiles the behavior of users and applications.
Based on the observed profile and defined security and audit policies, SecureSphere alerts on “abnormal” activities and provide the details required for further investigation. More routinely, detailed pre-defined and custom audit reports can be produced and sent automatically to administrators and managers.
Trusted Native AS/400 Agent Technology
The SecureSphere agent for DB2/400 technology was jointly developed with Imperva's Technology partner, Raz-Lee Security – the leading AS/400 security vendor. The agent is self-contained, user-friendly and has minimal impact on the monitored server. It tracks all database activity whether via SQL or traditional I/O originating from the network, the web, interactive sessions or batch jobs. The configuration user interface follows CUA standard conventions and all features are available via menus.