Raz-Lee Security’s suite of IBM i security, compliance and auditing software has been updated so that Syslog real-time notification messages now support TLS encryption in all iSecurity products.
With the ever-increasing awareness of cyber threats and the need for organisations, especially world-class multi-national financial institutions, to encrypt communications transmitted outside the immediate confines of the data centre, Raz-Lee has answered to the technological challenges posed by its customers to support Syslog encryption.
To quote Wikipedia:
“Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating and to negotiate a symmetric key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality and message authentication codes for message integrity and as a by-product, message authentication.”
iSecurity’s Syslog feature sends real-time security-related events originating anywhere on the IBM i (i.e. QAUDJRN system journal, remote network access, MSGQs, jobs, users, etc.) to remote Security Information and Event Management (SIEM) servers. Events can be pre-filtered on the IBM i based on any field or combination of fields and event contents and structure can be easily defined on the IBM i making integration with all SIEM products easy and quick to implement; as such, the Syslog messages can include event-specific data.
Performance has been optimised to the extent that one Raz-Lee customer, a medium-sized insurance company, uses iSecurity Syslog to transmit the entire journal receiver log to their SIEM product, entailing thousands of messages per second which uses only 1% of the CPU.
Eli Spitz, VP Business Development for Raz-Lee Security said:
“As the first IBM i security vendor to support Syslog encryption using TLS, Raz-Lee has again answered to the requests of its customers and remains in the forefront of IBM i technology. In addition, our Syslog support enables users to decide under which conditions to send a Syslog message, to choose the IP address of a specific SIEM server, the facility from which the message is sent, the severity range, etc.”
Posted by Paul on 12th June 2015.