Halcyon Tackles IBM i Security with New Products

November 4, 2014 Alex Woodie

Halcyon Software moved further into the IBM i security business last month with the release of two new products, including Exit Point Manager and Password Reset Manager. The new software will help organizations secure their IBM i environments, while giving Halcyon additional products to sell to its customer base.

Halcyon’s new Exit Point Manager helps protect the exit points that IBM provides to enable applications to access external resources, such as FTP, ODBC, and TCP/IP that didn’t exist (or weren’t in widespread use) when the AS/400 was invented way back at the dawn of time in 1988. However, when a few bad apples started abusing the Internet and hacking into systems during 1990s, it became apparent that these exit points presented a security vulnerability, so a few smart guys (namely John Earl and Dan Riehl, co-founders of PowerTech) started writing exit point programs to prevent unauthorized access.

While exit point programs have been around for a long time, many shops have failed to implement them. Halcyon’s Exit Point Manager is by no means the first to this party. But the poor state of IBM i security at many shops being what it is, Halcyon should have a good supply of customers for years to come.

According to Halcyon, Exit Point Manager is a rules-based system that allows administrators to grant or deny access requests according to several criteria, including by IP address, date, and time, among other things. Setup and configuration is accelerated through the use of pre-built templates, while all activity is logged, and a complete audit trail is preserved, ensuring compliance with regulations.

Halcyon sales and marketing director Carole Chandler says Exit Point Manager follows industry best practices “to protect the business as systems are increasingly required to interface with the outside world and accessed by users from different locations using a variety of mobile devices including laptops, tablets, and smartphones.”

Meanwhile, Halcyon has tackled another thorny aspect of IBM i security with the launch of Password Reset Manager. The software lets users reset their own passwords, eliminating the need to involve the help desk with forgotten passwords. Password resets historically have been the number one task performed by help desks, so automating password resets provides an immediate return on investment.

Only trusted users are given self-service access to Halcyon’s new password reset tool. To become a trusted user, requires enrolling in the system and providing answers to a series of questions, which can be customized to the organization’s needs. To perform a reset, a user answers the questions to confirm his or her identity before a new password is assigned and activated.

The addition of Exit Point Manager and Password Reset Manager gives Halcyon new product areas to tackle. Although it has sold other security-related tools, the UK company is best known as a provider of systems management and monitoring tools that help administrators keep Power Systems servers running smoothly with a minimum of fuss. The company, which is a favorite among managed service providers (MSP), also provides document management, performance optimization, and ERP monitoring capabilities.

Both of the new products will work alone or in conjunction with Halcyon’s other products. Licenses for Password Reset Manager run $500 per LPAR for an unlimited number of users. Pricing was not provided for Exit Point Manager. The company is holding a webinar titled “An Intelligent Approach to IBM i Security” November 13 at 2 p.m. GMT.