The Fortra Security Scan is the place to start when you want to secure your IBM i (System i®, iSeries®, AS/400®). The free Scan provides a snapshot of your current system security in just 10 minutes. It runs directly from a network-attached PC, without modifying any system settings. The Security Scan audits common security metrics and displays the results in an easy-to-read, browser-based application. A Fortra Security Advisor helps you interpret the results, and you can print the findings for your records.
The Security Scan Reviews Critical Areas of IBM i Security
The Executive Summary ranks the overall condition of your system. Red, yellow, and green indicators compare your system against best practices, along with references to the COBIT framework to which they apply.
The Administrative Rights section reviews eight special authorities and the vulnerabilities of each.
The public is any user with a profile and password, so this section indicates how accessible the system is to the average end user.
User Access to Data
The User Access section reviews user access to system data through common network access services, such as FTP, ODBC, and Remote Command.
The FTP Access section identifies security vulnerabilities caused by using FTP (file transfer protocol) to transfer files between a client and server on a network.
The System Security section examines key system values that control security settings on your system.
The User Security section reviews how many user profiles haven't been used for at least 30 days and how many have default passwords, as well as reviewing basic password settings.
The System Auditing section checks if you are using the IBM i event auditing capabilities and the types of events being audited.
The Recommendations section provides suggestions for remediation based on the security checks performed on your system.
Why Should I Run a Security Scan?
The Security Scan examines your system’s vulnerabilities, and suggests steps you can take to protect your critical data.
A Security Scan is:
- Quick—The Scan runs in just 10 minutes
- Confidential—Only you see the results
- Thorough—A Security Advisor helps you understand the current state of your IBM i security
- Clear—You'll understand where your system is secure and the areas that need work
You’ll find out where your IBM i security currently stands, whether your system is at risk, and how to improve data protection.
View our FAQs >
The Security Scan is a valuable tool for identifying areas of concern. It provided me with the right information to present to management so I can get the resources that I need to fix the issues.
The free Security Scan from Fortra was far more valuable than anything we've done to this point. Their report summary was also the most well put together analysis we've had in some time.
Is Security Scan Safe?
Before requesting a Security Scan, you might wonder if the scan is safe—or if the Security Scan itself poses a risk to your data. The process is completely secure, and Fortra has performed thousands of scans for organizations around the world. To put your mind at ease, here are some more details about a Security Scan entails.
Security Scan leverages a proprietary, PC-based tool that was written by Fortra specifically for the purpose of this scan. We never request access to any network or server throughout this process and no application data is ever accessed. The program does not make any changes to any servers—except for the program’s installation and subsequent removal.
The Security Scan program runs in just one or two minutes, and it can be run on a production partition without any impact or interruption to business processes.
As a cybersecurity company, Fortra takes the safety and security of your systems very seriously. If you have any questions about how the Security Scan program works, contact us and we can provide more details.
What Do I Get after Running a Security Scan?
Results of your IBM i Security Scan are compiled immediately and presented for review in an easy-to-understand, browser-based, interactive reporting application. A Fortra Security Adviser can help you interpret the results, and you can save or print the findings for your records.
Security Scan does not leave files on your IBM i. The Security Scan application installs a licensed program to collect security data, but the files are removed upon completion of the analysis or you can remove the program manually using the DLTLICPGM command. You also have seven days after your Security Scan to make configuration changes and rerun the Scan to test your changes.