Enforcive Policy Compliance Manager


Easily Create, Document, and Maintain Clear Security Policies Across Your Organization

The Enforcive Policy Compliance Manager add-on helps IT managers and security officers quickly verify that security and system settings are in line with internal IT policies and regulatory compliance requirements. Through a template-based approach, your company is empowered to stay on top of the specific requirements of compliance regulations, including Sarbanes-Oxley, Basel III, HIPAA, local privacy legislation, and a host of others. By giving you full control over native definitions, deviation reporting, and remediation, the powerful templates in Policy Compliance Manager help unify your compliance efforts, eliminate redundancy, and reduce the complexity of regulatory adherence. And configuration is easy with the included GUI front end.

Circle of Compliance

Seamless Integration with the Enforcive Enterprise Security Suite

Policy Compliance Manager integrates seamlessly with the Enforcive Enterprise Security Suite, which provides real-time security and compliance monitoring. When the Enforcive Suite detects any intrusion or policy violation based on what you’ve defined in Policy Compliance Manager, it automatically sends alerts via e-mail, text, or system response messages. In fact, system response alerts can be defined to execute preventative actions, including disabling a user, revoking special authority status, calling a custom program, or sending a message to a data queue, message queue, SNMP trap, or syslog server. Plus, integration with the Enforcive Suite allows audit trails from the Policy Compliance Manager to be sent directly to the suite’s Central Audit module for correlation analysis with other event types, such as exit point transactions.


How Policy Compliance Manager Works

It begins with setting up templates that define the organization’s policy and then applying these templates across multiple servers or partitions. Once done, a compliance check runs against the actual definitions in the system and a report is produced showing all deviations from the policy’s template. After checking the deviations, you then have the option of aligning the actual definitions in the system to that of the policy, which can be done with a just a few clicks of the mouse.

Policy templates can be defined for:

  • System values
  • User-profile attributes
  • Object authorities
  • IFS object authorities
  • Authorization lists
  • Group members
  • Adopted authorities
  • Object integrity
  • IFS object integrity
  • User auditing
  • Object auditing
  • TCP/IP ports
  • File shares

Key Benefits and Features

  • Helps organizations comply with industry regulations
  • Maintains a documented security policy that can be instantly shown to auditors
  • Gives auditors and management the needed tools to verify that corporate policies are really implemented in IT systems—not just written in policy documents
  • Provides auditors and administrators who are not IBM i experts with a window into how your security policies are implemented
  • Allows security officers to define a variety of security policies for your IBM i, check them at will, and fix as needed any current system definitions so these conform to the internal policy
  • Allows different approaches to a security policy, with the ability to compare, revise, and upgrade the existing policy with the agreed-upon revisions
  • Scans system for deviations from organizational policy and then lists them individually for review—both on-screen and within printed reports
  • Allows security officers to pinpoint parameters that have not been defined in accordance with organizational policy, such as user-profile parameters, system values, and object authority