Who is Fortra?
Fortra is the leading expert in automated security solutions for IBM i (System i®, iSeries®, AS/400®), helping users manage today's compliance regulations and data privacy threats.
Fortra products provide definitive security coverage for IBM i servers, including management of powerful user profiles, customized auditing and reporting, network access (exit program) control, real-time reporting of security events, real-time database monitoring, and command monitoring and control.
Fortra also works to raise industry awareness of security issues and solutions by publishing an annual security study, and hosting security and compliance webinars.
Who performs the Security Scan?
A Fortra Security Advisor works with you to install, run, and interpret the Security Scan results. You can ask questions and discuss corrective actions with the advisor.
Can I run the Security Scan on multiple IBM i systems?
You can run the Security Scan against any number of systems within a 7-day period. Many customers adjust their security settings and rerun the Scan to see the effect of their changes.
How long does it take to analyze the Security Scan results?
Depending on the size of the server, the data collection and analysis typically takes a few minutes. The results appear in a rich browser-based application, and can be viewed, printed, and stored for later review.
Does the Security Scan leave files on my IBM i server?
The Security Scan application installs a licensed program product to collect the security data. When the analysis is complete, the process removes the files, or you can remove it manually using the DLTLICPGM command.
Do I have to work with a Security Advisor, or can I run the Security Scan on my own?
Although you can run the Scan on your own, the Security Advisor is an expert at interpreting the findings. If a professional diagnostic review is free, why not take advantage of it?
How long does it take to schedule a Security Scan?
The Security Scan usually can be scheduled within a day or two of your request. You'll receive a WebEx invitation from the Security Advisor and we handle all of the preparation.
Does the Scan have to be performed during "off hours?"
The Scan is designed to create only a minimal impact, even on a production server. There's no significant performance overhead or disk space use. And, of course, no system settings are ever changed.
What do I do after the Scan is complete?
Assuming that the Scan finds vulnerabilities, the Security Advisor and the Recommendations section of the Scan provide remediation advice. And, for seven days, you can make configuration changes and rerun the Scan to test your changes.