Archive for November, 2011

PowerNews: November 2011

Posted in Audits, Security on November 21st, 2011 by Kiki – Be the first to comment

Defining a Batch Assessment in Compliance Monitor 3

By Robin Tatam, Director of Security Technologies

A Compliance Monitor batch assessment is the same as any other assessment, but it doesn’t require human intervention to run, or to distribute the resulting reports. We’ll show you how easy it is to set up your batch assessments so they run at regularly scheduled times.

  1. Sign in to Compliance Monitor using the user profile under which you want your batch assessment to run.
  2. Right-click the Consolidator and select Batch Assessments/Reporting.
  3. On the Batch Assessments and Report Distribution window, click New to define a new batch assessment. To create a new batch assessment definition from an existing definition, select the assessment name and click Copy. You also can edit an existing batch definition; just double-click the assessment name, or select the assessment and click Edit.

Defining a Batch Assessment
You can define a batch assessment by following these four simple steps:

Step 1: Batch Report Information
Enter a name and description for the assessment. Specify a scheduling option: Not Scheduled (the assessment will be started manually); Use the Consolidator’s internal scheduler; or Use Robot/SCHEDULE (Robot/SCHEDULE must be installed on the Consolidator system).

CM-bch-rpt-info

Step 2: Systems to collect data
Select the Endpoint systems from which to collect data when the batch assessment runs. Click Add Selected to add the selected endpoints to the assessment.

CM-systems

Step 3: Select the reports for this assessment
Select the reports to include in the batch assessment. Selecting a report category (instead of individual reports) allows you to add or remove reports from the category without having to modify the batch assessment definition. The batch assessment runs the reports in the report category at the time the assessment runs.

CM-sel-rpts

If your report selection includes object-based reports, you specify object limits using the Object Limits tab. The Consolidator default is preconfigured for some common object types; you can define a new filter to limit the assessment to the objects required by your reports.

CM-obj-limits

If your report selection includes log file reports, you must specify log file criteria using the Log File Options tab. You can limit the assessment by source and the date range of the log file data.

CM-log-file-opts

Step 4: Batch Report Output
Specify how to handle the completed reports from the batch assessment. You can store reports as separate files, or combined into a single .zip file, which can be secured with an optional password. You also can specify the format of the files.

Compliance Monitor can e-mail the reports to selected recipients or place them in the IFS.

CM-rpt-output

Click Next to specify access control settings for the batch assessment. Then, click Finish to save the batch assessment definition.

Running Your Batch Assessment
You can run a batch assessment manually to check if it is defined correctly by clicking Run Now on the Batch Assessments and Report Distribution window. This overrides any schedule that is defined for the assessment.

To view the run history (including diagnostics) of a batch assessment, select the batch name on the Batch Assessments and Report Distribution window and click History. To view the run history of all batch assessments, click Show.

—————————————————————————————-

IBM i Solution Edition for Help/Systems

bundlesavePT_070811Purchase any software solution from Help/Systems (Robot Automated Operations Solution); PowerTech (IBM i security solutions); SEQUEL Software (data access/analysis and productivity software); Bytware (anti-virus and monitoring solutions for IBM i) and enjoy big discounts on training, services, and IBM POWER7 systems.

For details, contact your local IBM Business Partner, or Doug Fulmer at dougfulmer@helpsystems.com, or visit our IBM i Solution Edition web page.

—————————————————————————————-

Q & A with Paulie Culin

Dear Paulie,
I’m cleaning up my system and would like to delete an old Network Security product library. Will this create any problems?

A: Before deleting the library, you first must determine if any of the objects in the library are still in use. You can check for object locks by using the WRKOBJLCK command against the library.

WRKOBJLCK OBJ(library_name) OBJTYPE(*LIB)

If no locks are found, you can delete the library. If the WRKOBJLCK command finds jobs with a lock, do not delete anything. Call PowerTech technical support for further assistance.

Dear Paulie,
How can I autostart Compliance Monitor after an IPL?

A: Simply add the STRPTCMCSL command to QSTRUP. Keep in mind that the endpoint monitors start on their own once they receive a request.

Learn more with PowerTech Webinars and online training.

Request a demo.