Despite it's reputation as a traditionally "safe" environment, IT security on IBM i should be a high priority for anyone running the platform. And while IBM i is a relatively safe platform, we need to change our mindset around IT security from IBM i being the “most secure” platform to the “most securable” platform.
Too many companies leave the proverbial key under the doormat. You can have the most secure deadbolt on the market, but if you make the key accessible it doesn’t matter. Likewise, IBM i can easily become insecure if your organization doesn’t intentionally design and implement a plan for information security.
Best IT security practices indicate that organizations should be running a SIEM (Security Information and Event Management) application or a system that is monitored by an SOC (information Security Operations Center). A SIEM uses syslog format to digest and parse information that it receives.
Traditionally, IBM i did not inherently translate IBM i logs into syslog format, so organizations using IBM i needed to purchase a third-party product to do the translation. Some companies who have implemented a SIEM have chosen to skip over the IBM i server because they didn’t want to pay that extra cost to provide a conduit between IBM i and that SIEM.
Luckily, IBM has recognized this security need and provided a less expensive option to include IBM i logs in a SIEM. As of IBM i 7.2 and with the release of DB2 support, IBM i can now export History log and Audit journal to syslog.
For the past two decades, we've made it our business to help you work smarter. From commerce challenges to ERP customizations, we support the power of your big ideas by helping you work more strategically, more intuitively, and more efficiently.
2658 Scranton Road, Suite 3 Cleveland, Ohio 44113 216.369.3600