State Universities Retirement System of Illinois
Benefits administrator heightens the security of its IBM i server and the efficiency of its operations with solutions from Bytware.
Imagine that you’re a system administrator for a medium-sized IBM i shop and you face a couple of challenges: First, you run jobs at night to better leverage your information technology investment, but you can’t cost-justify an overnight shift to babysit those jobs. Second, your system must accept files that other organizations send by FTP. Because those files originate on systems that aren’t as secure as IBM i, they might contain viruses. You need a way to make sure that those viruses don’t hitchhike onto your IBM i server and from there to the rest of your network. That was the scenario at the State Universities Retirement System of Illinois (SURS). It overcame the challenges with the help of MessengerPlus, StandGuard Anti-Virus and StandGuard Network Security, all from Bytware.
Originally called the University Retirement System, SURS was founded in 1941 as a benefits administrator for employees of the University of Illinois. That role was later expanded to include other universities, community colleges and affiliated agencies across the state. Today, Champaign, Illinois-based SURS serves 68 employers. Its membership spans a broad cross-section of employees, including professors, teachers, clerical staff, building service workers and groundskeepers, among others. As of June 30, 2007 SURS’ assets under administration totaled almost $16 billion.
SURS runs its operations on a partitioned System i Model 520 server.
Worry-Free Lights-Out Computing
SURS schedules jobs to run at night on its IBM i server. This allows the organization to more fully exploit its computing resources while also keeping batch processing workloads off the system when users are busy during the normal workday. The problem is that, as with any system, things occasionally go wrong. Having an operator on duty in the middle of the night merely to deal with a rare job failure was a costly proposition. Yet, leaving failed jobs incomplete until an operator arrived the next morning—or Monday morning if the job ran on a weekend— was also unacceptable.
SURS resolved the dilemma with MessengerPlus.
MessengerPlus performs pre-defined actions to automate responses to recurring events. It can be configured to send replies, run commands, copy events to other systems and more. Fully customizable, yet designed to work right out of the box, MessengerPlus monitors messages, WRKACTJOB, WRKJOBQ, WRKOUTQ, WRKCFGSTS, QAUDJRN, TCP/IP and much more. With the combination of flexible action escalation and notification to any wireless device, MessengerPlus provides a set of always-awake eyes that can alert you to situations requiring your attention—without the need to be tied to the system.
When SURS first implemented MessengerPlus, the software buzzed a system administrator’s pager whenever critical issues arose on the System i server. Later, the organization switched from pagers to phone notifications. Now, an administrator located anywhere can receive a notification when a job completes or an abnormal condition occurs. The administrator can then dial into the system and take corrective action if necessary.
“We’re now very comfortable with not having someone around during our off-hours operations,” declared Tom Cagle, an iSeries administrator at SURS.
Viruses? On IBM i?
Many people will look at you askance if you admit to worrying about viruses on IBM i. After all, there have been very few documented cases of IBM i infections. Nonetheless, some concern is justified.
Consider the situation at SURS. The agencies that it deals with frequently send it electronic files that don’t originate on IBM i, but rather on PCs and other systems that are prone to viruses. SURS has one IBM i partition set up to handle Web operations, including receiving files sent via FTP. From that partition, files are passed to the production partition and possibly on to other systems on the network. In addition, internal users can upload files from their Windows-based PCs to the production partition.
In the past, any viruses embedded in the received files could pass through the IBM i server and onto other machines that were significantly less virus-resistant than IBM i. Not anymore. Now SURS runs StandGuard AntiVirus in both the Web and the production partitions to eradicate viruses before they can do any harm.
Developed by Bytware in cooperation with IBM and McAfee, StandGuard Anti-Virus is built specifically for IBM Power Systems i edition (formerly AS/400, iSeries, and System i) and IBM i (formerly OS/400 and i5/OS). Utilizing McAfee’s industry-leading scanning engine, which the University of Hamburg’s Virus Test Center’s trials ranked as number one, StandGuard Anti-Virus detects more than 423,000 threats as of July 2008—a number that grows daily. The McAfee engine is supported by researchers at AVERT Labs, a global team that monitors and responds to malicious code activity 24 hours a day, 365 days a year. As a result, StandGuard Anti-Virus detects more than 99% of viruses in the wild.
Scanning your IBM i server for threats and malicious code with a native anti-virus solution adds an essential layer of protection that no other type of solution can provide. Because of the unique design of IBM i, without the native protection that StandGuard Anti-Virus provides you have no way of knowing if your system is hosting, spreading, or at risk from attacks or unwanted code.
Extending IBM i Security
SURS recently installed StandGuard Network Security to improve security on its System i Server. IBM i has a solid reputation as a very secure system, so why did SURS feel the need to augment security? “System i is real good about its security, but we like to keep a little closer eye on things,” explained Cagle.
Built on an object-based design that is consistent with IBM i object security, StandGuard Network Security provides superior protection and easier management than transaction-based solutions. With a focus on users and groups—and their relationship to databases, applications, and objects— it delivers a highly effective security solution.
StandGuard Network Security provides protection for all exit points and secures more than 120 server functions. It offers support for both public and private authorities, allowing you to specify access down to file level. The resulting solution locks down, monitors, and audits access to objects, network services, and resources.
At first, SURS used StandGuard Network Security solely to ensure that FTP was allowed on the Web partition, but not on the production partition. It later began using the software to make certain that no unauthorized personnel executed any raw SQL or remote commands.
In addition, SURS uses StandGuard Network Security to ensure that its high availability infrastructure does not inadvertently provide a backdoor for unauthorized system access. SURS uses iTERA, from Vision Solutions, to maintain a near real-time replica of its system. A single port is allocated to iTERA for replication purposes and StandGuard Network Security locks that port down so no one and no other application can use it as a point of entry into SURS’ systems.
Easy to Install, Manage and Use
Cagle found the solutions very easy to install, manage and use. With Bytware’s assistance, SURS installed StandGuard Network Security in about half a day. The other products, MessengerPlus and StandGuard Anti-Virus, were installed in even less time, without the need for help from Bytware.
“It’s really easy to manage and use,” added Cagle. “We go in there, look at the things we want to look at and we’re done. We’ve never had any issues with the products. And we have it set up so that it automatically applies any PTFs or other software updates that we need.”
Learning to use the solutions was simple as well. “We just went through the books that Bytware provided and that took care of our training needs,” said Cagle. “If we had any questions we contacted Bytware and they were very quick to respond.”
Peace of Mind
The biggest benefit that SURS has received from the Bytware solutions is probably peace of mind. “The Bytware products make it a lot easier for us to control what people are doing on the system,” stated Cagle. “And we use the MessengerPlus auditing journal to monitor critical activities on the system. [With the Bytware solutions in place] we don’t have to sit there and constantly watch what’s happening on the system.”
Learn more about the State Universities Retirement System of Illinois
Learn more about MessengerPlus
Resource Details
Type: Case Study
Product: MessengerPlus, StandGuard Anti-Virus, StandGuard Network Security
Customer: State Universities Retirement System of Illinois
Summary
SURS, the State Universities Retirement System of Illinois, serves 68 employers and administers almost $16 billion worth of assets for the state's educational systems and affiliated agencies. When it came time to address the security of its data and the operations of its IBM Power Systems, it found the perfect solutions in Bytware's Messenger and StandGuard families.
Case Studies by Product
Other Resources