Server security and compliance with IBM PowerSC

IBM PowerSC™ provides a security and compliance solution optimized for virtualized environments on Power Systems™ servers, running PowerVM® and AIX® or Linux. Security control and compliance are some of the key components needed to defend virtualized data center and cloud infrastructure against evolving new threats. IBM's business-driven approach to enterprise security, in conjunction with solutions like PowerSC, make IBM the premier security vendor in the market today.

Highlights

  • Quickly view security status and compliance of an entire datacenter through a newly extended user interface
  • Simplify security management and compliance measurement
  • Reduce administration costs of meeting compliance regulations
  • Improve audit capabilities for virtualized systems
  • Reduce time and skills required for preparation of security audits
  • Enhance detection of security exposures in virtualized environments

See how PowerSC can benefit your business

PowerSC security

Security and compliance automation helps to reduce admin costs, increasing efficiencies

PowerSC real time

Real-time compliance monitoring alerts the administrator when a security policy is violated

PowerSC compliance

Compliance reports reduce time and costs associated with audit report generation

PowerSC compliance

Compliance reports reduce time and costs associated with audit report generation

PowerSC preconfigured

Preconfigured security profiles save companies time, cost, and risk of deploying industry standard security

PowerSC web-based

A web-based user interface indicates a datacenter’s security compliance

Components

PowerSC security and compliance includes the following components:

  • Security and Compliance Automation

  • Provides pre-built profiles that are certified to comply with industry standards like the Payment Card Industry Data Security Standard (PCI) v3, Department of Defense Security Technical Implementation Guide for Unix (DOD STIG), Control Objectives for Information and related Technology (COBIT), the Health Insurance Portability and Accountability Act Privacy and Security Rules (HIPAA), and North American Electric Reliability Corporation compliance (NERC). It simplifies management by automating security and compliance configuration, auditing and monitoring.

  • Real-Time Compliance

  • Automatically monitors and provides immediate visibility to administrators when a change to the system violates a rule that is specified in the configuration policy.

  • Trusted Network Connect and Patch Management

  • Automatically detects any AIX system which boots, resumes or moves by live partition mobility into the virtual environment, and ensures it is at the prescribed install and security patch level. Provides alerts if a security patch is issued that affects compliance.

  • Trusted Boot

  • Monitors the boot image, operating system, and applications for tampering, and verifies their integrity using the virtual trusted platform module (vTPM).

  • Trusted Firewall

  • Ensures that every virtual machine has appropriate network isolation, and enables direct routing across specified virtual LANs that are controlled by the same Virtual I/O Server. By protecting VM to VM traffic within the server, without requiring an external firewall, application performance is improved.

  • Trusted Logging

  • Centrally stores AIX logs on the Virtual I/O Server in real time. This ensures tamperproof logging as well as convenient log backup and management, and eliminates the need for log-scraping agents running on the OS.

  • Trusted Surveyor

  • Independently audits the virtualized network landscape against defined network segregation compliance policies. Gives clients the ability to monitor configuration drift.

Platform offerings

IBM i logo
  • IBM i EAL4+ CAPP certified
  • Integrated audit capabilities (monitoring users and access to data objects)
  • ISV offerings for security monitoring and audit
Linux logo
  • RedHat EAL4+ CAPP, LSPP and RBAC certified
  • Novell Linux CAPP certified on POWER5
AIX logo
  • IBM Tivoli Access Manager for AIX Operating System
  • Encrypted File System
IBM i logo
  • Cryptographic capabilities integrated in the base OS
  • Support for backup encryption
  • Support for disk level encryption
  • IBM PCI-X Cryptographic Coprocessor
Linux logo
  • IBM Tivoli Access Manager for Linux System
  • Encrypted File System
AIX logo
  • IBM Tivoli Access Manager for AIX Operating System
  • Role Based Access Control
  • Support for long passwords and Pass Phrase
IBM i logo
  • Enterprise identify mapping to enable single sign-on
  • Integrated User, Group and authority management
  • Support for long passwords and Pass Phrase
Linux logo
  • IBM Tivoli Access Manager on RHEL4 and SLES 9
AIX logo
  • AIX Trusted Execution
  • Stack Execution Disable
IBM i logo
  • Integrity features to ensure separation of users and applications
Linux logo
  • ELinux with the targeted policy and AppArmor
AIX logo
  • AIX Security Expert
  • Secure by Default
  • Trusted AIX / Multi level Security
IBM i logo
  • System integrity controls (HW storage protection)
  • Digitally signed Firmware, Licensed internal code, operating system, PTFs and program products (the entire software stack)
  • Integrated Intrusion Detection and Prevention support
Linux logo
  • MLS Support on Redhat Linux on Power
AIX logo
  • IBM Radius Server
  • Public Key Infrastructure
  • Network Security
IBM i logo
  • Proventia Network Intrusion Prevention System
  • Integrated Secure Sockets Layer
  • Integrated Virtual Private Network support
  • Integrated IP filtering support
  • Integrated IPv4 and IPv6 support
  • Network Authentication Services: Kerberos and Secure Shell
Linux logo
  • Open Secure Shell

IBM i Security is integrated into the IBM i operating System. Business Partners also provide IBM i security solutions.

Resources

Managing Security and Compliance Using IBM PowerSC

IBM® PowerSC provides a security and compliance solution that is optimized for virtualized environments on IBM Power Systems™ servers

Managing Security and Compliance in Cloud or Virtualized Data Centers Using IBM PowerSC

IBM senior technical staff member and Power Software security architect talk about the ideas and drivers behind the development of PowerSC

IBM System i Security Guide for IBM i 5.4 (i5/OS V5R4)

The IBM System i family, with its operating system IBM i5/OS, is considered one of the most secure systems in the industry

IBM PowerSC Trusted Surveyor

Security control and compliance are some of the key components that are needed to defend the virtualized data center and cloud infrastructure against ever evolving new threats

IBM PowerSC Information Center

IBM PowerSC Trusted Surveyor

Security control and compliance are some of the key components that are needed to defend the virtualized data center and cloud infrastructure against ever evolving new threats

IBM PowerSC Information Center