Unisys Locum SecureAudit

Product Description

Unisys Locum SecureAudit produces consolidated reports for MCP systems, thus providing a security reporting solution for your enterprise. Security reporting is essential to many jobs and departments, such as security administration and external auditing. Authorized users can use SecureAudit to produce specific reports.

Security reports inform you of any activity or condition that might pose a security threat. SecureAudit allows you to perform quantitative analysis of security events on the MCP host.

SecureAudit accesses the SUMLOG file, which is used by the MCP to log system activity, and produces a comprehensive set of security reports that are

  • Relevant: Each report targets a specific security issue.

  • Nontechnical: Technical jargon is avoided.

  • Readable: Layouts are clear and easy to use.

  • Concise: Extraneous information is omitted.

General Features

  • Several reporting modes

    • Batch mode

      This mode enables you to create standard reports.

    • Interactive mode

      This mode provides a menu-driven interface that enables you to generate reports from any CANDE or Transaction Server workstation using terminal emulation. You can direct reports to the workstation in paged format, to a disk file for report archiving, or to a print file. In the latter case, SecureAudit controls the routing of printed output. You can also route reports directly to a PDF file or Windows PC disk.

    • Client mode

      This mode enables you to create and view reports from a Windows interface. You can also store reports within a local database on your PC, and you can create graphical analysis of the reports.

  • Multiple SUMLOG reporting

    You can create reports that cover a specified time range without complicated SUMLOG consolidation. SecureAudit identifies the required SUMLOG files to be analyzed.

  • Reports

    Most reports can be filtered, enabling you to view exactly what you need. The following standard reports are available in all modes:

    System Security Violations

    Logon Violations

    MCS Initializations

    File Accesses

    Program Executions

    System Commands

    Unsuccessful Password Changes

    Session Information

    Window Accesses

    COMS CFILE Events

    File Status Events

    Userdata Changes

    Installation Records

    User Validations

    Unauthorized File Accesses

    Role Based Access Control

    Guardfile Activity

    Password Changes

    Privileged Actions

    Run-time Usercode Changes

    DMSII Database Events

    DMSII File Activity

    In addition, the client mode provides the following reports:

    • Statistics

    • Graphical, which offer advanced statistical reporting

  • Correlation Reports

    SecureAudit provides correlation capabilities that enable the security administrator to perform forensic analysis on the system SUMLOG to investigate security events.

Ordering Information

Two versions of Unisys Locum SecureAudit are available.

Summary version

You can use the summary version to view a summary of the security configuration on a Unisys ClearPath MCP server.

The summary version of Unisys Locum SecureAudit is included with the operating environment.

Full version

Provides the following functionality:

  • Detailed data, which can be saved to a local database

  • Graphical reports

  • Correlation reports

You can order the full version of Unisys Locum SecureAudit using style CSP10nn-ULE/UL2/ULB where nn represents performance groups 10 through 160 (in increments of 10).

Product Information

Refer to the following documents for more information:

  • Getting Started with Secure Audit Guide

  • SecureAudit Online Help

  • Security Center Help (4310 9263)