Detack provides
customizations of the IT security auditing modules
in order to cover the particular aspects of environments
centered around host and midrange systems (IBM(R)
S/390 / zSeries and AS/400 / iSeries).
The Detack host
and midrange auditing services use existing modules
customized for the coverage of different layers
present in such environments. For example, the
following summary shows applicable modules in
a typical S/390 environment; full information
is available upon request.
Hardware Layer
Detack base module:
"Standard IT Security Audit"
Customization Elements:
- Service Management: Support Elements, HMC Systems,
etc.
- Communication Systems: OSA-Express, 3745/6 (MOSS),
xx74, SNA/IP, etc.
- Emulation Systems: Various TN3270 gateways,
Tape emulation
- Storage: NAS/iSCSI, manageable tape libraries,
etc.
- Management Systems: Operator consoles, service
networks.
Any additional related systems, such as routers,
switches, etc., are fully tested as well.
Subsystem Layer
Detack base modules:
"Standard IT Security Audit"
"e-Business Security Audit"
"Client Access Policy Audit"
Customization Elements:
Depending on the complexity and number of the
subsystems, all or only some of the modules presented
above might apply. Some of the basic subsystems
are already covered by the O/S layer testing, such
as the MVS/JES2, TSO environment. Example subsystems
covered are: CICS, USS, RACF, IMS, WAS, LDAP,
CCL (Linux), etc.
Application Interface Layer
Detack base modules:
"Standard IT Security Audit"
"e-Business Security Audit"
"Client Access Policy Audit"
Customization Elements:
Depending on the complexity and number of the
subsystems, all or only some of the modules presented
above might apply. Example application interfaces
to be tested are: MQ-Series, DB2, CICS, 3270 screen
emulation, etc.
Application Layer
Detack base modules:
"e-Business Services Audit"
"Client Access Policy Audit"
Customization Elements:
Each application has its own IT security auditing
requirements; the test procedures are adapted
to cover the particular aspects of each application.
There are no general rules to be considered;
however, the Detack e-business audit modules were
designed to be flexible enough to cover any
type of application, leaving only the required
resources to be customized.