Important Updates to Cybersecurity Software
HelpSystems is updating the names of our cybersecurity software, including the Powertech product line. Don’t worry—the functionality of your products won’t change.
See the new names here > New, Clearer Names for HelpSystems Security Software.
Some of the most powerful functions available in our Powertech products require the use of the PTWRKMGT subsystem, which, if invoked unintentionally, will unexpectedly end a restricted state. Use the following suggestions to prevent PTWRKMGT from starting unintentionally.
Certain command and action combinations can be set up in Command Security that will end a restricted state. If you monitor commands in Command Security that are used on the console, or written into your own programs, or 3rd party software, note that the actions taken when these commands are used could bring your system out of a restricted state.
Some actions are designed to be deferred in order to avoid any delay in the interactive session—we offload them to a secondary job. These actions include *COMMAND, *EMAIL, *MSG and *QUEUEMSG. If the PWRWRKMGT subsystem is down and these actions are requested, the PTWRKMGT subsystem will start, ending your restricted state.
You are welcome to monitor and report on various commands while in a restricted state, but, in order to assure the restricted state is maintained, we suggest limiting actions as follows:
*CMDINLINE(QSYS/SNDMSG MSG(‘SAVLIB command used’) TOUSR(THERESA))
If a switch pair is set up as a timed switch, Authority Broker uses a timer job in the PTWRKMGT subsystem to track the duration of the switch.
If a switch pair is set up to capture screens, when the swap is released, Authority Broker starts the PTWRKMGT subsystem and runs a job to create the screen capture document and starts up TCP servers and subsystems to send the email.
You can avoid having your restricted state ended by taking this precaution:
When setting up a switch pair that will be used while in a restricted state, do not time the swap (use *NOMAX instead) and do not request screen captures to be generated and emailed. (Though a screen capture PDF will not be created, you can still access history and see the commands used while in a restricted state from the Authority Broker Event Report, and by working with Profile Switches.)
In Exit Point Manager, choosing menu option 10 to ‘Work with Captured Transactions’ will start up the PTWRKMGT subsystem if it is not active, in order to run the SUMCAPTRAN job. This ends your restricted state. To avoid this:
Do not choose option 10 ‘Work with Captured Transactions’ while in a restricted state. There is no reason to use this menu option while in a restricted state.
In version 6.5 of Exit Point Manager, we introduced a web browser interface. Part of the new interface includes a Dashboard, which shows counts of transactions coming through your monitored exit points. Some customers run a ‘semi-restricted’ environment for backups, where some communication traffic (TCP/IP for example) may still be allowed. If a transaction comes through a monitored exit point, Exit Point Manager will start the PTNSGMSTR job, which will start up the PTWRKMGT subsystem and bring you out of the ‘semi-restricted’ state.
You can avoid the potential for Exit Point Manager ending your semi-restricted state by:
ADDENVVAR ENVVAR(POWERTECH_NETWORKSECURITY_GM) VALUE(0) LEVEL(*SYS)
To reinstate the dashboard feature, run the command to remove the environment variable:
RMVENVVAR ENVVAR(POWERTECH_NETWORKSECURITY_GM) LEVEL(*SYS)
Still have questions? We can help. Submit a case to Technical Support.