The HelpSystems Security Scan is the place to start when you want to secure your IBM i (System i®, iSeries®, AS/400®).
HelpSystems, a leader in security solutions, offers a security scan to check your IBM i. The free Scan provides a snapshot of your current system security in just 10 minutes. It runs directly from a network-attached PC, without modifying any system settings. The Security Scan audits common security metrics and displays the results in an easy-to-read, browser-based application. A HelpSystems Security Advisor helps you interpret the results, and you can print the findings for your records.
This example shows all the features available to you.
For more details, please have a look at the link.
This is the summary report generated by the scan:
The Scan covers seven different areas:
1) Admin Privileges:
Administrative Privileges are called Special Authorities. These rights are very powerful and should be for trusted and knowledgeable IT professionals only. Users with these special authorities should have their activities audited.
2) Public Authority:
IBM i is shipped with a default set of permissions assigned to the general user population (*PUBLIC). *PUBLIC access to libraries is a measurement that indicates how accessible the system is to the average end user. As defined by the operating system, *PUBLIC represents any user that can log in and that has no explicit authority.
3) Network Access:
Security of user access across the network is at risk on this system. The IBM i is shipped with a variety of network services that are factory configured and ready to communicate with other computers. All IBM i servers should have exit programs on IBM network servers to monitor and control network access.
4) FTP Access:
FTP is an industry-standard client/server protocol widely used for performing file transfers between two devices. IBM i has the ability to act as client and/or server. While convenient and fast, FTP enables a user to access objects (including data files) for which they have object-level permission or, if a profile has *ALLOBJ special authority, any object on the server. FTP represents a significant risk to any server that has no security configured, or that relies on legacy restrictions such as menus and limited capabilities.
5) System Security:
The operating system provides a number of methods of securing itself and the workstations connected to it. In this section we examine the system values that protect your operating system and your workstations.
6) User Security:
User and password security are critical because they are the easiest way to compromise a system. On this system the security controls for users and passwords have been scanned with the listed results.
7) System Auditing:
A major feature of the operating system is its ability to log important, security-related events in a secure audit journal.