Home » Products » Surveyor/400 » Features » Security


Surveyor/400 provides role-based access and extensive security controls

A User must specify a valid IBM i (iSeries) User ID and password within Surveyor/400 to connect to an IBM i system. Surveyor/400 will honor any existing OS/400 user authorities specified for the objects and libraries on the system. In other words, if a User is not authorized to an object on the system, then they will not be able to access this object through Surveyor/400.

In addition to normal OS/400 User security and object authorities, Surveyor/400 provides an additional layer of security called “User Access”. This User Access feature allows designated Surveyor/400 administrators to control which Surveyor/400 features and IBM i libraries each User has access to.

Each IBM i machine (or LPAR) is configured with its own User Access settings. For instance, a Surveyor/400 User could be granted User Access rights to modify database records on a Development IBM i, but can be restricted from modifying database records on a Production iSeries.

A Surveyor/400 User can either be configured with its own authority or the user can adopt its authority from a User Group.

The Surveyor/400 User Access feature can be accessed by right-clicking an IBM i system within the Visual Tree, then selecting the ‘User Access’ option.

Demonstrates the security settings for a particular user group

General security:

  • Designate Surveyor/400 administrator(s) who can grant/deny features for other users
  • Restrict access to Surveyor/400 product
  • Set the library list for a user id - user is then restricted to those libraries if checkmark is removed from the Modify Library option
  • Restrict access to running commands

File Editor security:

  • Restrict access to the File Editor feature
  • Restrict File Editor usage to "view only"
  • Restrict mass delete
  • Restrict mass updates
  • Indicate if the user can utilize File Editor Layouts which have public authority.

File Editor Audit:

  • An audit trail can be created by Surveyor/400 to log any records which a user adds, changes or deletes through the File Editor.
  • Choose an Output Queue or Database file for the audit.

IFS (Integrated File System) security:

  • Restrict IFS access to Read access
  • Restrict IFS access to Write access

SQL security:

  • Restrict access to SQL Queries
  • Restrict access to SQL Updates/Deletes/Inserts
  • Restrict access to SQL Procedure Calls
  • Restrict access to SQL Database Maintenance
  • Log SQL activity.

Data Transfer security:

  • Restrict access to Exporting
  • Restrict access to Importing
  • Restrict access to FTP
  • Log transfer activity.

TN5250 security:

  • Restrict access to TN5250

Spooled Files security:

  • Restrict access to all spooled files
  • No access to all spooled files
  • Restrict access to user's spooled files
  • Restrict access to management activities, such as holding, releasing, deleting, and moving spooled files.
  • Restrict access to exporting spooled files.

Data Areas:

  • Restrict access to editing data areas