AIX & Linux


The security system built into every release of the IBM AIX operating system[1] is intricate and detailed in the extreme. It can take months, even years, to master — if ever.

As you might imagine, few of today’s fast-paced IBM AIX installations have the time (or work force) to master AIX’s security intricacies and inner workings. The result can be major security vulnerabilities for your organization.

Tegra has seen this problem over and over. We know how essential (and complex) IBM AIX security is, so we acted: we combined our consulting expertise with that of Ms. Carol Woodbury, a former IBM Security Architect, former IBM Chief Engineering Manager, and author of multiple works (books, articles, speeches, etc.) on IBM product security.

Carol is also a multi award-winning speaker on the topic of security, is certified in Risk and Information Systems Control (CRISC), and is the co-founder and President of SkyView Partners Inc., recognized worldwide as the pre-eminent, independent source of IBM Power systems security consulting and tooling.

The result of the Tegra/SkyView partnership is the “IBM AIX Security Check-up”, a one-of-a-kind security survey and analysis that covers all aspects of AIX security, including:

  • System values
  • Application security models
  • TCP/IP configuration
  • Managed Security Services
  • And more – dozens of AIX risk areas are reviewed.

At the conclusion of the IBM AIX Security Check-up, each client receives a comprehensive report entitled “IBM AIX Security Check-up: Detailed Observations and Recommendations” featuring a prioritized list of top security issues uncovered during the check-up. Also included are detailed explanations of why each issue cited has security implications.

IBM AIX Security Check-up is an independent, unbiased (and thorough) appraisal of an organization’s IBM AIX security, based on a true expert’s point of view — and hands-on experience.

You simply will not find a better AIX security review and check-up anywhere. Available as a one-time process or an ongoing annual or semi-annual review, the Tegra/SkyView IBM AIX Security Check-up is a ‘must have’ for any IBM AIX installation – including yours.

We offer two (2) service offerings:

  • Managed Security Services – Let our Security Experts monitor your AIX or Linux environment and report to you when a security indicator is out of compliance. Includes an Annual Security Check-Up.
  • Security Check-Up – A subscriber-based risk assessment service for identifying security vulnerabilities of your AIX or Linux environment. Includes a report summarizing the vulnerabilities and what should be done to correct them.

Why Managed Security Services

On the list of things to do for your IT staff is “security”. Rarely does that item get checked off the list because they simply don’t have the time. Rightfully, they are focused on high-value IT activities that impact the bottom line. However, that isn’t an excuse for letting security go unaddressed. SkyView’s Managed Security Service is the answer. With this monthly service, SkyView experts monitor key security indicators and provide a summary, highlighting any issues. With the monthly reports, IT is equipped with the right information to choose to address issues, elevate them to management, or defer them as appropriate. With SkyView Managed Security Services as a member of your team, you get unparalleled expertise paying attention to your servers’ security.

This service removes the burden from your staff and ensures that security is getting the regular attention that management and auditors expect.

What is Managed Security Services for IBM AIX and/or Linux

With all of the work piling on your staff, even basic compliance reporting may not be occurring.

SkyView Partners Managed Security Services for Compliance Reporting is a monthly service where critical compliance issues are monitored and you are notified if something falls out of compliance. Regular compliance checks are scheduled with the resulting reports e-mailed to our support staff for their review. If non-compliant issues are discovered, you will be notified.

Once a year, we will do a thorough vulnerability assessment of the IBM AIX servers. We also include permanent licenses of our software (Policy Minder for IBM AIX and/or Linux) as part of the package.

What Managed Security Services for IBM AIX and/or Linux includes

  • One (1) Security Check-Up for IBM AIX and/or Linux per partition per year
  • Licenses of Policy Minder for IBM AIX and/or Linux
  • Annual Maintenance for the above product
  • Monthly monitoring of 10 essential security administration topics, specifically¹:
      • Monitoring which daemons are started
      • Changes to configuration settings
      • Discovering new admin accounts
      • Identifying accounts where a password change is overdue
      • Identifying accounts that are inactive
      • Identifying accounts with a non-unique UID
      • Identifying accounts with a UID of root
      • Identifying new admin accounts
      • Discovering new files with the SUID/SGID bits set
      • Monitoring for changes to the sudoers file
      • Monitoring for permission changes
  • SkyView will notify Customer of the monitoring activity each month.
  • SkyView is not responsible for taking corrective actions; this responsibility lies with the customer.

¹ Additional security administration topics may be added for an additional monthly fee.

Want to know more about IBM AIX Security? Ask Tegra!

 

[1] IBM AIX systems, RS/6000, and IBM Power systems are all applicable systems for the IBM AIX Security Check-up.