AOS Security Manager and User Environment Manager
AOS Security Manager provides facilities for both security enhancement
and security monitoring of single and networked iSeries.
Working very closely with this module is AOS User Environment Manager,
which allows certain 'housekeeping' functions to be delegated to the users
in a controlled and secure way.
Benefits of AOS Security Manager
- Improved system security through reduced risk of unauthorised system
access
- Improved control of network access
- Advances reporting of security risks
- Improved management reporting through analysis of security activity
- Benefits of AOS User Environment Manager
- Operations freed form routine 'user environment' tasks
- Users given more control over their work environments without compromising
system security
- Augmented security simplification of menu design and system access
- Reduced administration necessary to handle changes in personnel through
- AOS User Environment Manager's 'user sets'
AOS Security Manager Highlights
Secure activity database
OS/400 monitors security, collecting a wide range of information and storing
it in journal logs. AOS Security Manager converts these complex journals
into a secure information database which can be interrogated to provide
a number of reports, both detailed and summary. Since OS/400 journal entries
may not be amended, this is a very secure reporting technique.
The reports assist in the identification of users, programs and jobs with
special access rights - an invaluable tool for routine audits of the iSeries
environment.
Enhanced control of network access
Control of network access to iSeries systems can be enhanced by use of
AOS Security Manager, particularly in areas such as PC-support, distributed
data management (DDM) and display station pass-through. User-defined control
tables are used to validate all access attempts. Unsuccessful attempts
can be logged for future auditing.
Password synchronisation for networked systems
For networked iSeries systems, AOS Security Manager provides a password
on one system to be distributed automatically to other systems, removing
the need to change passwords individually across multiple systems.
AOS User Environment Manager Highlights
Controlled delegation of responsibility
AOS's User Environment Manager puts responsibility for a user's environment
where it belongs: with the user! The module allows the operations department
to transfer housekeeping functions (such as moving jobs and spool files
or resetting passwords) to individual users or groups of users, without
compromising security. Users therefore have the ability to manage their
own resources in a controlled, secure way while support staff can be released
to concentrate on more productive work, with fewer unscheduled tasks disrupting
planned work.
The delegation of responsibility is done in a highly controlled way
so that users are only allowed to amend authorised objects and any unauthorised
tampering is prevented. Users may be grouped into a hierarchy where each
level can have additional authority over the group or groups beneath them.
Creation of highly secure environment
The module allows the creation of a secure environment for any user or
group of users, allowing them to manage only their own resources and those
of their subordinates.
Custom menus may be created, with display of menu options controlled dynamically
according to the authorisation level specified for each user. This ensures
that only those options that are valid for a particular user are displayed
on the screen.
Library lists can be created and attached to menus or menu options. These
will be used automatically whenever that menu or option is invoked.
Control is also provided over access to the command line, ensuring that
users remain within the secure environment.
|
