
Guarding Against the Multifaceted Threat to Power Systems
How to protect IBM i, AIX, Linux, and Domino in one fell swoop.
by Christopher Jones
For some time now IBM has been making the AS/400 family more powerful and more versatile. With the introduction of Power Systems in 2008, the promise of one box that can meet the demands of modern computing environments across multiple operating systems truly came of age.
But with this incredible versatility comes increased exposure to threats from malicious code. When an iSeries was running only OS/400 the steps that needed to be taken were clear and the risk was easier to mitigate. Now that IBM i, AIX, and Linux may be running side by side—and connecting to a vast network of Windows PCs within the organization—guarding the fortress against malicious code threats requires a thorough plan and impermeable line of defense.
I say impermeable, but let’s be clear. No line of defense can keep 100% of malicious code threats out of your system. The key lies in quickly identifying and eradicating these threats. To do this, steps must be taken on each platform, and we must adopt a holistic view of protection.
The reality that malicious code represents a real and present danger to IT security is now widely accepted. But still there is a lingering belief within the AS/400 community that the danger does not reach inside our borders. “There are no System i viruses.” True. “There are few Linux and UNIX viruses.” True. “The risk is so minimal that it's not worth pursuing.” Dead false.
Malicious code does not need to target a specific operating system in order to wreak havoc. AIX, Linux, and the IBM i IFS with its UNIX-based privileges model have no problem hosting viruses written for Windows. And because these operating systems can silently host this code and spread it to the larger network, the danger is analogous to the person who has cancer but doesn’t know until it has spread throughout the body and become terminal.
Once malicious code has passed from the Power System to a Windows PC it can execute and then backtrack to the Power System to delete files, steal data, send commands, and more. The fact that a given virus can’t execute under IBM i, AIX, or Linux is moot. It doesn’t need to.
So how do you stop this malicious code panspermia? Let’s break it down into a three-step process:
Step 1: Develop an implementation plan
Step 2: Select a consistent solution
Step 3: Establish an easy-to-manage system
The first step is to prepare a plan that places anti-virus software on each and every system. This includes the Windows PCs in the network as well as every server and partition, regardless of the operating system that is running. If you are using Domino, you should protect that point of entry as well. The good news is that there is now a native solution available for virtually every OS that you may be running. Putting guards at each checkpoint is a recommendation and requirement of most regulatory legislation and guidelines, including SOX, COBIT, and NIST.
The second step is selecting the best protection. Consistency across systems can help ensure that malicious code is caught at each checkpoint. Fortunately, McAfee provides native engines and uniform definition files that span all of the operating systems that run on IBM Power Systems, as well as Domino environments running on IBM i. McAfee technology has placed first in testing by the University of Hamburg Virus Test Center.
The third step is implementing a solution that is easy to manage. When it comes to a Power System running IBM i, AIX, and/or Linux in partitions, StandGuard Anti-Virus easily meets this need by allowing you to manage the scanning and cleaning of all partitions from a single point of control under IBM i. There are native versions of StandGuard Anti-Virus for IBM i, AIX, Linux, and Domino, and these use the same virus definition files as McAfee’s Windows solutions. By implementing a single family of solutions across the environment, you can ensure stable, reliable, and predictable protection. And by eliminating the need to manage each operating system separately, you can save precious time that can be put to better use.
As we step back and take a holistic view of the malicious code threat and accept a platform-agnostic position, we find that we can ensure that our networks and organizations are fully protected. StandGuard Anti-Virus is the most powerful tool available for those working with IBM Power Systems, and this powerful solution, with the McAfee engine and the backing of McAfee AVERT Labs, can protect IBM i, AIX, Linux, and Domino in one fell swoop.
If you’re interested in learning more about StandGuard Anti-Virus, you can access informational materials and even get a free trial to scan your own system by visiting www.sgav.info. You might be surprised at what you turn up.
This article was originally published on MC Press Online.
