System security tools
You can use security tools to manage and monitor the security environment on your system.
The security tools are part of IBM i. They consist of a set of commands and programs that you manage through two main menus:
- The Security Tools (SECTOOLS) menu allows you to run security commands interactively.
- The Submit or Schedule Security Reports to Batch (SECBATCH) menu allows you to run security report commands in batch mode.
You can use these security tools to work with user profiles, control security
auditing, print security reports, and customize your system security. For
example, you can use security user profile tools to help you do the following
actions:
- Find out what user profiles have default passwords.
- Schedule user profiles to be unavailable at certain times of the day or week.
- Schedule a user profile to be removed when the employee leaves.
- Find out which user profiles have special authorities.
- Find out who adopts authority to objects on the system.
You can use the object security tools to track the public and private authorities that are associated with confidential objects. You can set these reports to print at regular intervals to help you focus your security efforts on current issues. You can also run reports to display only the changes since the last time you ran the report.
Other tools provide the ability to monitor:
- Trigger programs
- Security-relevant values in communications entries, subsystem descriptions, output queues, job queues, and job descriptions
- Altered or tampered programs