Next Generation Release News of iSecurity. April 2026

Next Generation Release News of iSecurity. April 2026

  • Changes in virtually all iSecurity products
  • More inter product synergy
  • Available with subscription

 

iSecurity Suite (*BASE)

  • License file is intended to support organization with multiple licenses. Licenses for multiple products on the same LPAR or on different LPARs are shipped together in a single file. The supporting programs (see – base support (89), 22, Import Authorization), have been improved, to provide:
    • Automatic loading of all licenses relevant for the LPAR the command is run in.
    • Loading of a single product license
  • Check Authorization (CHKISA) command alerts about products which its license is about to expire. It was changed to skip products that are installed but are not licensed.
  • Live Partition Mobility (LPM) enables transferring the entire workload of an active LPAR, be moved to another System or LPAR, without interrupting the work being done. We have formalized the Automatic setting of licenses, so that when the transfer occurs, the operating system causes the license changes automatically. The enhancement includes the Work with LPM (WRKISLPM) command, which enables Add/Remove/Check of automatic changing of licenses when LPM becomes active.
  • Watchdog is a set of programs which works independently (out of standard iSecurity subsystem). The Watchdog ensures that important parts of the product are active and working. This includes the subsystems as well as specific components of each product. If a product or feature is found inactive during a certain period an alert is raised. Alert sends messages, emails, or call a user written program, once per few minutes.
  • Work with Collected Data, part of the base support (89) menu, now shows also sizes of journal receivers and data ready for backup.

 

SIEM

  • It is possible to set for each SIEM whether it uses RFC5424 or RFC3164.
  • The default Severity of each type/sub-type has been modified to a more persistent one. The change will not affect existing installation unless requested,

 

Audit

  • Work with Queries (STRAUD, 41) now offers improved options to display system information and various system values, limits and status.
  • The Report generator support for i system limits trending detection (type A#), has been enhanced. With this support it is possible to report more than a hundred trends, where for each those who are the largest per category per day are included. g. Data files with the largest size, Libraries with highest number of objects.
  • Other information types were improved. Note that the Report Generator is also capable of sending alerts, so some of the following examples include this:
  • #A System limits trending. Use case: Alert for nearing to reach maximum number of members
  • #C Group PTF info – Installed vs. Available. Use case: Track which Group PTFs are installed and which are available
  • #D Certificates info. Use case: Alert when certificates end date is nearing
  • #E License info. Use case: Print licensed installed IBM i products and expiration date
  • #G Group PTF info. Use case: Display which PTF groups are not installed
  • #H PTF info. Use case: Query which PTF are applied, loaded or not loaded
  • #K NetStat info. Use case: Periodically print or Out-File NetStat connections, address, port names, connection type etc.
  • #L NetStat interface info. Use case: Display network addresses, connection type, subnet mask etc.
  • #M NetStat routing info. Use case: Display route destination, connection type, subnet mask etc.
  • #N AU NetStat job info. Use case: Display remote address by job, port name etc.
  • #Q TCP/IP info. Use case: Display local host name, TCP/IP name, TCP/IP address type etc.
  • #R Current server info. Use case: Display the current server including server name, OS details and number of CPUs.
  • #S List of Server-Shares info. Use case: Display share names, their path names and the permission required.
  • #U System status. Use case: Display current number of jobs in system, maximum jobs allowed etc.
  • #V System memory pool info. Use case: Display the pool names in the system, their size, number of threads etc.
  • #W AU Active jobs. Use case: Display the current active jobs in system, their subsystem user profile etc.
  • #X AU Disk status. Use case: Display the disk types in the system, their model, used vs. available storage space, etc.
  • #Y Output queue info (summary). Use case: Display output queues, status, number of files in, attached printer and more.
  • Information Sources (STRAUD, 41, 2) now fully support the special internal Audit types:
    • A$ represents all audit types related to audit objects. It displays all the operations that occurred to objects (delete, create etc.)
    • A# represents all audit types.
    • C@ the changes that occurred in user profile.
  • Large sequence number of a journal entry are fully supported.
  • During daily maintenance journal receivers’ will be kept as long they have not been backed up.
  • On new installations, unneeded job scheduling will not be added.
  • Many commands which require elements that are user defined support F4=Prompt showing the list of the actual values (instead of Just ‘Name’).
  • In product object authority has been tightened.
  • More system information items such as QAUDJRN field descriptions, or subjects of limit types, now appear in local language.
  • SECURITY*P are user profiles which own the product objects, and provide authority for its use. They were modified to use as minimum as possible special authorities. The new setting is used for new installations, but can also be set by an option in the base support (89) menu.

 

AP-Journal

  • The Work with Collected Data, part of the base support (89) menu, now shows sizes of each AP-Journal application.
  • AP-Journal container will not be replaced if it has no data.
  • AP-Journal mechanism of creating a library to contain all data to be saved, was changed to so that it will not be created if there is no data for it.

 

Firewall

  • Firewall has been modified to accept Mapepire actual IP. Mapepire, is a cloud-friendly database access layer the is now used in IBM i.
  • Delete Firewall Statistics (DLTFWSTT) command is added to the daily maintenance t control the amount of data kept for Business Intelligence. The amount of data to be kept is specified in Configuration (81).
  • SQL Declare and Values statements no longer appear in the log, as they have no security aspect.

 

COMMAND

  • The COMMAND product allows running a command, subject to check of filters for command parameters (including parts of qualified or multi element parameters), current user, time, IP etc.
  • The possibility to request that to run command, have to identify himself by MFA is now added. This in addition to authority by pin code, or a warning window.
  • Note that COMMAND can reject commands and this will appear as an *ESCAPE message for the original command in the job log.

 

CAPTURE

  • Access to a captured session is now possible by the job number with or without job name or job user.

 

Antivirus

  • Each SCANAV log contains the IBM i command with its parameters that was used to run it. Good for auditors and for Auditing.
  • In any case that a scan has ended abnormally, it will include also the last file it was scanning. You know where you stopped!
  • A new feature enables you to Re-Scan starting from that same point, with the same parameters.
  • Using the same parameters is important as, SCANAV supports also during On-Demand (batch) scan the feature ONLYNEW(*YES) which stretches this phenomenal capability that IBM provide for ON-Access scan to the ON-Demand.
  • Many other enhancements.

 

Anti-Ransomware

  • Async work enables users with zero delays in response time and provide more comprehensive checks.

 

Authority On Demand

  • Use of Get Authority On Demand (GETAOD) Command, can be secured by MFA-OTP/TOTP.

 

MFA – Multi Factor Authentication

  • MFA for any third-party Web application and third-party Desktop applications was added.
  • MFA for iSecurity GUI added.
  • MFA now supports Microsoft Entra ID in addition to OKTA, DUO, PingID, Google etc.
  • Support of release 7.6 new MFA exit point. Customers in release 7.6 can choose to make use of the alternative more convenient exit point IBM provides or remain with their traditional setting.
  • Possibility to set the TOTP defining per the organization requirement re TOTP secret key and Emergency tokens. Setting is in 81.
  • The GETMFA Command has a new parameter MFA(*CHECK). When used, an *ESCAPE message is sent when the MFA validation fails. This enables adding it before sensitive operations. It does respect the safe time after successful authentication.
  • New programmatic check to see in session is in safe mode added. Done by API -MFCHECKR that retrieves the MFA status of a User+IP. Using it enables WEB and GUI applications to request MFA only when needed. It returns:
    • *NOMFA – No MFA needed
    • *MFAREQ – Mfa required
    • *MFAACTmm -Safe time left in minutes
    • *REJECT – Action rejected
  • Protection of Shares has been improved. It is now using a separate safe time value.
  • Adding, Changing, Deleting of Person and its UsrPrfs can now be done by commands. This enables on board high number of users in an alternative way, that some customers prefer. The commands are:
  • Create a person
  • Add/Rmv a user of a Person
  • MFA Setting for Persons
  • Send Secret Info to Person
  • Delete a person

 

Password Reset

  • While using Password Reset, user´s identity can be verified also by MFA.
Share the Post:

Related Posts