Product/Technology: PacketSentry TN3270 mainframe support
Hardware, Software or Service: Software Appliance
Launched: october 2009 (Upgrade)
What it does? Many mainframe applications lack the audit capability required to meet today's compliance and internal audit control objectives. Modifying mainframe code is risky expensive and often impossible because the application developer is no longer available. PacketSentry creates an audit trail of every screen accessed via TN3270 plus everything entered on each screen by users. Crucially the solution decodes mainframe user IDs thereby reporting on specific users such as administrative accounts. The audit trail is correlated with Windows® domain IDs of the end users so that mainframe account misuse or sharing is easily detected and stopped. Multiple languages are also supported.
2010 Product Innovations - Network Products Guide
What makes it Innovative?
Many mainframe applications lack the audit capability required to meet today’s compliance and internal audit control objectives. The normal solution is to add mainframe software to handle the auditing. However modifying mainframe code is risky, expensive, and often impossible because the application developer is no longer available.
PacketMotion’s Mainframe/TN3270 offering solves the audit problem in a unique, low-risk, operationally efficient approach. The product delivers mainframe audit controls with no need for mainframe software development or in-line appliances that could affect application performance or availability, making the solution easy and risk-free to integrate into the environment. Instead of an expensive, multi-month development project, the solution is operational and supports audit or compliance control activities in one or two days.
PacketMotion’s Mainframe/TN3270 solution offers both an audit trail of user activity and real-time controls. The audit trail includes all the information required to satisfy an auditor: mainframe user ID, timestamp, all the screens accessed by the user, and what was entered on each screen. Report filtering allows for efficient review of all user activity. In particular, filtering can be used to only display the activity of privileged user accounts. These accounts are powerful enough to bypass application controls, and are therefore of paramount interest to auditors.
The PacketMotion solution is also unique in that the audit trail is correlated with Microsoft Windows® domain IDs of the end users. This means that the use of a shared mainframe administration account can be correlated to the actual user, and that mainframe account misuse or sharing is easily detected and stopped.
The solution’s policy rule capability enables real-time alerting or blocking controls. For example, the use of a mainframe administration account can be blocked unless used from specified domain-authenticated PCs or approved locations. Trying to build similar controls on the mainframe itself is always risky and difficult because of the possible impact to the application. In some cases, such controls are simply not possible on the mainframe, because of the lack of knowledge about the network and client PCs being used for access.
PacketMotion’s Mainframe/TN3270 solution supports multiple languages, and even encrypted TN3270 transactions can be audited, using the optional SSL Inspector appliance.
In summary, PacketMotion’s Mainframe/TN3270 solution is unique because it provides superior audit controls without the risk, expense, and limitations of alternative solutions.