IBM PowerSC Overview
IBM PowerSC is a security and compliance solution optimized for virtualized environments on IBM Power servers running AIX, IBM i or Linux (LoP and Linux on x86). PowerSC sits on top of the IBM Power server stack, integrating security features built at different levels. The two principles that are leveraged are isolation (the idea of building good fences between the layers) and integrity (validating that each layer is secure and can be trusted).
The four main pillars of IBM PowerSC are: Compliance and Drift Analysis, Security, Patch Management and Multifactor Authentication.
From a compliance perspective, IBM PowerSC offers industry specific profiles such as GDPR, PCI, HIPPA, and NERC. All compliance profiles are customizable and the UI dashboard enables drill down capability in order to view and investigate compliance endpoint status and details about compliance rule failures.
The second pillar of PowerSC is Security. Just like the compliance dashboard, the security dashboard provides drill down capabilities. It shows a summary status from event sources and offers the following protection across an enterprise:
- File Integrity Monitoring
- Application Control (Allow Listing)
- Block Listing (Threat Hunting)
- Anti-malware support (traditional virus scanning)
- Integration with IBM QRadar
- Integration with IBM Safeguarded Copy
- Endpoint Detection & Response (EDR)
- Intrusion Detection and Prevention
- Log Inspection and Analysis
- Anomaly detection, correlation & incident response
- Response action triggers
- Event context and filtering
Patch Management is a key part in keeping systems secure as it detects VMs that do not satisfy patch management policies or identifies if a security patch is missing.
Multifactor Authentication (MFA) is the forth pillar of PowerSC and as the name suggests, it leverages 2 or more things that identify the user. It could be:
- Something you know, such as a password or PIN code
- Something you have, such as an ID badge
- Something you are, such as fingerprint or biometric data
Now let’s jump on in and see what is new for IBM PowerSC 2.2.0.2
What’s new in PowerSC 2.2.0.2
Compliance
- The Health Insurance Portability and Accountability Act (HIPPA) on AIX has been updated
- The Center for Internet Security (CIS)v2 on AIX has been updated
Security
- With integration to ClamAV, IBM i users can run full anti-malware scans and respond automatically to findings.
- Updated alert structure improves automated response and mitigation.
- Profile-check scheduling from the UI will provide consistent calendar scheduling for automation of compliance checks - to detect compliance drift on endpoints.
- The filesystem hierarchy for logs, event, and data moved to /var.
- Lightweight Directory Access Protocol (LDAP) authorization through PowerSC (without Multifactor Authentication (MFA)) will allow direct integration with LDAP instead of Privileged Access Management (PAM).
- For IBM i, MFA-managed user passwords will improve the reconfiguration of MFA.
PowerSC Free Trial Download
- PowerSC 2.2.0.2 90-day free trial
- Download requires acceptance of click through license agreement
- Try/Buy license allows seamless transition to production deployment
PowerSC Reference Links