End of IBM Power6/7 support. Shall we migrate?

If you have AIX, IBM i, or Linux systems running on IBM Power Systems, this article may be of interest to you. IBM has finalized hardware support on POWER6 machines (released in 2007) at the end of the first quarter of 2019, after more than 12 years. The same will happen with POWER7 at the end of the third quarter of 2019. Details about the servers affected by the service outage are in the following announcement.

How does it affect me?

Many customers have Power 6 and Power 7 systems running. All of them in general, in perfect condition because it is well known in any data center that a Power system is so well designed and built that some replacement of discs or power supplies by means, it is not uncommon that they reach 10 or 15 years of life. Over the years, it’s not uncommon to find customers who discover after several years that part of their infrastructure was running on a Power server they didn’t even know existed :)

Going back to these cases, it is important to plan a transition to the new POWER8 and POWER9 systems in order not only to have a support from the manufacturer but also to save a lot of money. It’s not complicated to migrate to 10 Power6 systems to an environment with 2 Power9 in DR, thanks to PowerVM virtualization and the proper use of LPARs. This applies to systems with IBM i, AIX, and Linux.

Other challenges to face in these months are the upgrade of the VIO servers, operating system, HMC and firmware of the servers, in many cases as a step prior to the migration to modern systems.

What options do I have?

At Sixe Ingeniería we know that many companies are not sure what steps to take to ensure a smooth transition and that, fundamentally, does not involve significant risks or interruptions of service. Costs are also a fairly widespread concern. That’s why we’ve developed several options for customers affected by these end-of-life deadlines. We offer infrastructure services and solutions focused on IBM i, AIX, and Linux. We have a fairly comprehensive portfolio of solutions and services to help you through the process including designing the new architecture, acquiring the HW, eliminating or consolidating unnecessary licenses, installing hardware and systems configuration, migration of environments, performance tuning and post-project support.

We continue to recommend keeping critical environments on Power, using the operating system that best suits the workloads you run. No other hardware provides you with half half the years of continued support and can not offer 99.96 availability.

Contact us for more information

Certified QRadar Analyst SIEM 7.3.2 C0003502 training

Which IBM QRadar SIEM certification shall I choose?

QRadar SIEM is a comprehensive network security management platform that provides policy compliance support and context by combining knowledge of network flows, correlation of security events, and assessment of vulnerabilities in connected systems. In QRadar there are three certifications oriented to different roles within the product and that have been updated in July 2019.

IBM Certified Associate Administrator IBM QRadar SIEM V7.3.2

Scan “IBM Security QRadar SIEM V7.3.2 Fundamental Administration”. Test C1000-026

This is an entry-level certification for system administrators responsible for maintaining QRadar platforms. The ability to provide basic support as well as ibm Security QRadar SIEM V7.3.2 technical knowledge is evaluated. This includes the implementation and management of the solution set. Administrators should also be familiar with the capabilities of the product. The ability to plan, install, configure, deploy, migrate, update, monitor, and resolve simple issues is measured.

IBM Certified Associate Analyst IBM QRadar SIEM V7.3.2

Upgrade IBM QRadar SIEM V7.3.2 Fundamental Analysis. Test C1000-018

This entry-level certification is intended for security analysts who want to validate their knowledge in IBM Security QRadar SIEM V7.3.2. Analysts will need to master the basics of networking, security and SIEM and QRadar. The ability to use the product correctly (already installed and configured) is evaluated, including the use of the graphical environment for rule management, security incidents, reporting, and correlations of events and network flows.

IBM Certified Deployment Professional – IBM QRadar SIEM V7.3.2

Test IBM QRadar SIEM V7.3.2 Deployment. Test C1000-018

This is without a doubt the most complex certification of the three. Primarily aimed at security architects, technical pre-sales and staff who perform QRadar professional services for the various IBM Business Partners. These individuals will be responsible for planning, installing, configuring, optimizing performance, tuning, troubleshooting, and managing IBM QRadar SIEM in version 7.3.2. The ability to complete any task with little or no help with documentation, colleagues or support from the manufacturer is evaluated.

Which one to choose?

Our recommendation is to start with the administrator or analyst exam, depending on your role. We have several courses, seminars and intensive workshops that will help you prepare them. If you do not know anything about the product, we recommend you perform the official training of analyst and administrator that we also teach.

IMPORTANT Until September if you use the HUCSECURE code you will get a 50 discount when you register for the exam.

 

Critical Vulnerability in Siemens STEP 7 TIA Portal

What happened?

A critical vulnerability has been found in Siemens STEP 7 TIAPortal, one of the most widely used design and automation programs for industrial control systems (ICS) worldwide. Users are urged to confirm that their systems have been upgraded to the latest version.

The critical vulnerability has been discovered by Tenable Research and would allow an attacker to take administrative action.

What’s the attack vector?

Jumping the authentication mechanism on the TIA Manager server through the node.js server web sockets

What is the impact on the business?

An attacker could compromise a TIA Portal system and use its access to add malicious code to adjacent industrial control systems. Attackers could also use the access gained through exploiting this vulnerability to steal sensitive data in existing OT configurations to continue progressing and plan attacks targeting critical infrastructure.

In the worst case, a vulnerable TIA Portal system can be used as a springboard in an attack that causes catastrophic damage to the OT team, disrupts critical operations, or conducts cyber espionage campaigns.

What’s the solution?

Siemens has released an update and security notice for this vulnerability.

Should I be worried?

Modern industrial operations often encompass complex IT and OT infrastructures, with new security challenges for critical environments, while making cybersecurity threats even more difficult to detect, investigate, and remedy.

Solutions?

OT/ICS/SCADA monitoring and management services have become easier thanks to our solution based on a QRadar SIEM and Indegy ICS.