IBM i pros are waking up to the fact that built-in intrusion prevention features just won’t cut it anymore. Backdoors like FTP, ODBC, SQL, JDBC, and Remote Command make it impossible to solely rely on traditional menu security plans.
Making matters worse is that, once in, intruders and authorized users alike often have free range in accessing objects, libraries, and programs that they have no legitimate need for.
Powertech Exit Point Manager for IBM i protects your organization from the high cost and negative publicity of security breaches by tracking, monitoring, and controlling access to your data.
My name is Amy Williams and I have nearly 20 years of experience securing and managing this platform. Having worked with customers of all industries and from all over the world, I’ve just about seen it all when it comes to IBM i security – whether it’s fending off ransomware attacks, sniffing out dormant malware, or helping customers implement state-of-the-art zero trust architecture.
In my experience, Powertech Exit Point Manager is one of the most impactful security tools that an organization can purchase for their IBM i.
In this blog, we’ll explore the major ways in which Powertech Exit Point Manager helps organizations regain control over system access, illustrated by real-world examples that my colleagues and I have acquired from working with customers.
Powertech Exit Point Manager Provides Visibility
What could be scarier than knowing that your systems are being targeted by threat actors? I would argue that being completely unaware of who is accessing your systems and what they’re doing once inside is far more frightening.
Are users accessing information and performing functions that are outside of the scope of their jobs? Have any threat actors made intrusion attempts? Were they successful? The uncertainty that comes with a lack of visibility into access on your systems is unsettling. Powertech Exit Point Manager gives you complete visibility into who is gaining access to your systems and what they are doing upon entrance.
Not long ago, a customer was running a trial of Powertech Exit Point Manager. After two weeks, they asked us to review some suspicious events that took place on their systems overnight. Upon review, we were confident that a foreign threat actor had breached the firewall and was attempting to connect to the IBM i through FTP.
There were almost 800 attempts by non-existent profiles such as “root,” “anonymous,” “user,” and “user123.” Without Powertech Exit Point Manager in place to audit FTP access, the customer would have remained unaware of the suspicious activity, allowing the threat actor to continue attempting connections unchecked.
Monitor and Control Internal Activity
It's not just external threats that organizations need to be concerned with. Users can intentionally and unintentionally wreak havoc on sensitive objects. Knowing this, a customer of ours had some concerns about end users who were using an SQL-based tool to perform queries to the IBM i database.
Their administrator wanted to know:
- Are they accessing only the data that their job roles require?
- Are they looking at data they should not?
- Are they changing data using SQL statements?
By installing Powertech Exit Point Manager, these concerns were quickly put to rest.
Administrators can attempt to maintain similar visibility without Powertech Exit Point Manager. However, monitoring exit points and tracking object usage from sources like ODBC or DDM is an incredibly manual and resource-intensive endeavor—often exceeding what IT teams are prepared to handle.
In one recent object remediation project, we used Powertech Exit Point Manager to identify all the files that a customer’s users were running reports against. We were then able to quickly set the authority to each of those objects at least-privilege. Without Powertech Exit Point Manager, this effort would have been time-consuming, expensive, and likely to result in errors.
Minimize Insider Threats by Fostering a Zero-Trust Architecture
Powertech Exit Point Manager helps customers ensure that users only have access to the functions they require. This may sound like overkill, but believe me when I say that those organizations with a lot of IBM i security expertise on staff really value this capability.
Take, for example, a customer that hosts IBM i servers for other companies. In one system/LPAR, they host multiple clients, each with their own libraries. Making sure each client is restricted to their own data is crucial in securing each individual clients’ data. Powertech Exit Point Manager is designed to thrive in these environments, providing clear, enforceable object-level permissions
This tool goes beyond basic server-level restrictions, delivering a granular security framework tailored to complex configurations. With configurable alerts and comprehensive access reports, administrators are notified when users attempt to access unauthorized servers or functions—mitigating insider threats and minimizing the fallout from costly errors.
One memorable case involved a customer who was trying to prevent users from making mistakes like accidentally updating databases – while still allowing them to run queries. This stemmed from an incident where a sales team member had added the IBM i production database as a data source in Microsoft Excel, applied a filter so they only saw records from their territory, then saved their changes. What the user didn’t realize was that they updated the production database and wiped out all the other records.
Manage Compliance Amid Growing IBM i Complexity
Tackling IBM i compliance in today’s day and age is complicated by the growing interconnectedness of the platform. Customers that have devoted significant time to refining profile settings and command auditing are now being forced to revisit those longstanding policies to align with evolving audit requirements.
One particularly challenging component of maintaining compliance is the logging, monitoring, and controlling of access to IBM i. IBM i supports access through a variety of external interfaces – like ODBC, FTP, JDBC, and SQL – with terminals that are no longer required to be hard wired to the server. Unfortunately, traditional logging methods do not adequately record activity from these types of interfaces.
Many customers come to us that are struggling to solve this exact issue – and it’s a good thing they do. Powertech Exit Point Manager can monitor access to these external interfaces, record activity, and apply rules to allow or reject certain types of access – allowing these organizations to stay secure and compliant.
Ready to Get Started with Powertech Exit Point Manager?
See for yourself how easy it is to close back doors to your network that traditional menu schemes leave unprotected. Our team of software experts would love to discuss what you’re looking for and show you what Powertech Exit Point Manager can do to help.
