PowerSC

 View Only

IBM PowerSC 2.2.0.2 Release Notification

By Debbie Quick posted Tue May 14, 2024 04:00 PM

  

IBM PowerSC Overview

 

IBM PowerSC is a security and compliance solution optimized for virtualized environments on IBM Power servers running AIX, IBM i or Linux (LoP and Linux on x86). PowerSC sits on top of the IBM Power server stack, integrating security features built at different levels. The two principles that are leveraged are isolation (the idea of building good fences between the layers) and integrity (validating that each layer is secure and can be trusted).

 

The four main pillars of IBM PowerSC are: Compliance and Drift Analysis, Security, Patch Management and Multifactor Authentication.

 

From a compliance perspective, IBM PowerSC offers industry specific profiles such as GDPR, PCI, HIPPA, and NERC. All compliance profiles are customizable and the UI dashboard enables drill down capability in order to view and investigate compliance endpoint status and details about compliance rule failures.

 

The second pillar of PowerSC is Security. Just like the compliance dashboard, the security dashboard provides drill down capabilities. It shows a summary status from event sources and offers the following protection across an enterprise:

  • File Integrity Monitoring
  • Application Control (Allow Listing)
  • Block Listing (Threat Hunting)
  • Anti-malware support (traditional virus scanning)
  • Integration with IBM QRadar
  • Integration with IBM Safeguarded Copy
  • Endpoint Detection & Response (EDR)
    • Intrusion Detection and Prevention
    • Log Inspection and Analysis
    • Anomaly detection, correlation & incident response
    • Response action triggers
    • Event context and filtering

 

Patch Management is a key part in keeping systems secure as it detects VMs that do not satisfy patch management policies or identifies if a security patch is missing.

 

Multifactor Authentication (MFA) is the forth pillar of PowerSC and as the name suggests, it leverages 2 or more things that identify the user. It could be:

  • Something you know, such as a password or PIN code
  • Something you have, such as an ID badge
  • Something you are, such as fingerprint or biometric data

Now let’s jump on in and see what is new for IBM PowerSC 2.2.0.2

This is an image of the home page of IBM PowerSC

 

What’s new in PowerSC 2.2.0.2

 

Compliance

  • The Health Insurance Portability and Accountability Act (HIPPA) on AIX has been updated
  • The Center for Internet Security (CIS)v2 on AIX has been updated

 

Security

  • With integration to ClamAV, IBM i users can run full anti-malware scans and respond automatically to findings.
  • Updated alert structure improves automated response and mitigation.
  • Profile-check scheduling from the UI will provide consistent calendar scheduling for automation of compliance checks - to detect compliance drift on endpoints.
  • The filesystem hierarchy for logs, event, and data moved to /var.
  • Lightweight Directory Access Protocol (LDAP) authorization through PowerSC (without Multifactor Authentication (MFA)) will allow direct integration with LDAP instead of Privileged Access Management (PAM).
  • For IBM i, MFA-managed user passwords will improve the reconfiguration of MFA.

This is an image of the Security Dashboard of IBM PowerSC

 

PowerSC Free Trial Download

 

  • PowerSC 2.2.0.2 90-day free trial
  • Download requires acceptance of click through license agreement
  • Try/Buy license allows seamless transition to production deployment

 

PowerSC Reference Links

 

0 comments
10 views

Permalink