Skip to content ↓ | Skip to navigation ↓

IT Security and Operations have always spoken two different languages. But if you thought there was a chasm there, the chasm between the i5/OS administrator and the rest of the world is like the Grand Canyon! So does that mean the security and regulatory pressures don’t apply to the i5/OS infrastructure? To the contrary, we are finding that i5/OS has been in customer environments longer than most other infrastructure, is stable and does what it needs to do. It most often carries sensitive data and is very much in scope for PCI, SOX and NERC compliance.

Now try saying the word “file integrity monitoring” to an i5/OS administrator and watch his blank stare or better yet, “what planet are you from?” look. These are the challenges we hear from security and compliance owners.

Tripwire Enterprise now provides change auditing and configuration assessment for i5/OS in the same seamless fashion as our Windows, Unix or Linux monitoring. So security professionals can speak “security”, i5/OS administrators can speak i5/OS and we can all get complete visibility into changes that put systems into insecure states and pass compliance without learning a new language.

Tripwire University
  • Dan Wagner

    I am not sure whom you talked to that was a REAL i5/OS admin but “file integrity monitoring” is at the heart of that system. I am a certified i5 guru in several of it's technologies since 1990 and I can tell you that most of the products 'possibly including yours' only plays on the ignorance of the less talented i5/OS owners.

    When I stopped supporting these systems full time in the late 90's journaling of sub-nano second records read/write activities was a customer requirement for companies like AutoClub, (AAA), etc.

    Check your facts and you will find that logging, auditing, audit trails and file integrity monitoring 'IS' provided in that OS and has been since its inception. You may have to put effort into finding the answers, like maybe talking to an engineer or reading a Redbook, but it is there and I am willing to bet my career on this one!

    Dan Wagner

  • Thanks for posting – I do hope to continue this dialog. It is exactly in line with what we hear in the market. Yes, journaling, auditing and logging are part of the i5/OS system and arguably are more robust than similar capabilities in Windows on Unix. However, capturing all that data isn't quite the same as file integrity monitoring. When we were building this capability we heard similar comments from i5/OS administrators – Why would I need all this data? More importantly, who would want to see all this data? Tripwire Enterprise taps into the journaling to collect this information. Then it reconciles good changes and bad ones by any number of ways – authorized users, time of day, change tickets, etc. and also by monitoring changes to specific configurations that create vulnerabilities. This should leave the i5/OS administrator to work on his day while the compliance and security office leave him alone – that is of course, unless there have been unauthorized changes or changes that put the system in a vulnerable state.