PowerSC Security and Compliance Automation

Description

This is a security hardening tool found in the PowerSC suite of security tools.  Like all PowerSC tools, it can function as a stand alone tool.  This tool centers around the PowerSC command, pscxpert.  This command is based upon the aixpert tool that was release in AIX 5.3, but pscxpert supplants the aixpert tool.  Security hardening is a fundamental security layer that should be a part of your Defense in Depth security strategy for your AIX systems.  This tool alters AIX settings to improve your security configuration.  Since different types of organizations must meet different types of security and compliance requirements, this tool has organized each type of requirement to a corresponding XML profile.  For example, an organization needing to meet PCI compliance requirements would deploy the PCI.xml file.

Features

  1. Deploy, check and unapply security settings
  2. Provides security and compliance profiles for:
    1. DoD – Department of Defense STIG
    2. HIPAA – Health Insurance Portability and Accountability Act
    3. NERC – North American Electric Reliability Corporation compliance
    4. PCIv3 – The Payment Card Industry – Data Security Standard
    5. SOX-COBIT – Sarbanes-Oxley Act and COBIT compliance
    6. Database – Provides general purpose database security hardening
  3. Provides the ability to check for compatibilty to a given profile without altering the running system
  4. Provides the ability to run a compliance check against a running system and generate a text or .csv file of the results
  5. Security settings can be monitored in real time using PowerSC Real Time Compliance
  6. Highly customizable configuration
  7. IBM Lab Services provides services to enable you to deploy your own custom built security hardening controls

Services

see PowerSC Monitoring and Compliance Workshop Flyer

%d bloggers like this: