We are planning on adopting Web access with the upgrade to V5R2. What's the best way to do a security audit before implementation?
First of all, ensure your QSECURITY level is set to a minimum of 40. Then review all the user accounts for dormant accounts and default passwords. Next, make sure that all ports and services on the system that are not currently being actively used are disabled (the command NETSTAT *CNN can help here).
Review all critical data on the system and make sure that permission to that data is also tightly controlled. Finally, ensure that general access to all actively used network services are tightly monitored and controlled. I would be remiss if I didn't point out that there are many fine software tools that will make these operations much easier and more secure.
MORE INFORMATION ON THIS TOPIC
The Best Web Links: tips, tutorials and more.
Search400's targeted search engine: Get relevant information on security.
Ask your systems management questions--or help out your peers by answering them--in our live discussion forums.
Check out this Search400.com Featured Topic: Top ten security tips
Dig Deeper on iSeries system and application security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.