IBM Security zSecure Audit for ACF2

Central management of security devices, policies and events to help evaluate and communicate your overall risk posture.

IBM Proventia® Management SiteProtector™ System provides central management of security devices to control policies, events, analysis and reporting for your business.

IBM Proventia® Management SiteProtector™ system offers a simpler, cost-effective way to manage security solutions and ease regulatory compliance by providing a central management point to control security policy, analysis, alerting and reporting for your business.

• Reduces the cost and complexity of security management through central control of diverse network and host security devices
• Enhances risk communication through event analytics and flexible, customizable reporting
• Leverages existing investments by integrating with current systems
• Provides flexibility to expand to support additional types and functions of security offerings
• Create reports easily using pre-defined templates
• Demonstrate Vulnerability Differentials by contrasting asset vulnerabilities for two distinct periods of time
• Perform basic customization with built-in filtering and sorting options
• Set permissions to allow users to generate and view reports for specified groups only
• Export to PDF, HTML and CSV formats
• Schedule reports to run daily, weekly, monthly or during off-peak hours
• View reports covering ticket reports for workflow, content and e-mail filtering reports, and Virus activity reports
• Escalate important events by generating additional responses outside the console (such as email or SMTP), or can de-emphasize less important events by reducing alert priority or by selectively preventing an event from being displayed or logged.
• Transfer SiteProtector centralized management system functionality to a secondary site in the event of catastrophic failure, network outage or disaster affecting your primary site

Erfahren Sie mehr

• Weitere Produktinformationen (US)

IBM Security zSecure Audit for ACF2

Mehr Weniger

Features, advantages and benefits

Features	Advantages	Benefits
Analysis of critical information	Security zSecure Audit analyzes the ACF2 database, z/OS settings and z/OS subsystem parameters much quicker than a human can do.	After auditing and analyzing the z/OS operating system, Security zSecure Audit prioritizes and highlights security concerns. A ranking of audit priorities indicates the relative impact of a problem.
Analysis beyond z/OS and ACF2	Security zSecure Audit provides extensive audit and analysis capabilities beyond z/OS systems, including the ability to audit UNIX® security definitions on the mainframe, IBM DB2® audit security events, CICS security events, Linux on System z events, audit security events from IBM Security Key Lifecycle Manager, WebSphere Application Server, OMEGAMON, Communications Server network configuration for TCP/IP, and PDS(E) member level auditing.	The software automatically finds problems in the security definitions in the UNIX subsystem. You can view critical activity, like privileged DBA activities, in DB2 systems on the mainframe.
Support new Role Based Security	Supports new role based security where access is based on user and roles rather than a UID string.	Simplifies user administration with role based controls and improves compliance.
Customized reports to meet specific needs	Security zSecure Audit can deliver optional e-mailed reports on a daily basis when specific events occur or when there is a possible security breach.
Flexible report and alert language	Security zSecure Audit uses CARLa Auditing and Reporting Language (CARLa), an extremely flexible, easy-to-learn language, so you can create new reports without incurring consulting costs.	You can modify both the displays and reports to build installation-specific system, ACF2, and System Management Facility (SMF) reports.
DBCS support for audit reports	Support for DBCS characters in search strings and formatted output.	Audit concern reporting available in both English and DBCS.
NLS support for translating report titles, column headers, constants, and selection and scan values	Built-in support for translating reports and menus for NLS support.	User interface can be translated into other languages.
Analyze SMF log files to create a comprehensive audit trail	Security zSecure Audit analyzes SMF from the live SMF data sets or from extracted SMF data on tape or disk. The SMF analysis component supports more than 50 standard z/OS SMF record types and includes specific auditing functions for ACF2, CICS, DB2, OMEGAMON, UNIX, Linux on System z, WebSphere Application Server, IBM Security Key Lifecycle Manager and the IBM Communications Server.	By using live data sets, you can interactively view information from the active system interactively after an event has taken place. You can produce overview and detail reports about system and user activity from the SMF log files.
Leverage external file support to make reports highly usable	Security zSecure Audit Supports external files of existing data. Filters external supplementary information from existing databases and corporate applications (such as unit, department and personnel data. Automatically generates reports that present this data beside the technical data from z/OS, and ACF2,	For example, if a policy exception, such as logging in after work hours, occurs, the software gathers the information about the user (name, matching user ID, department, e-mail address, and telephone details) from the personnel database.
Analyze ACF2 rules to get fast answers	Security zSecure Audit uses the backup or unloaded ACF2 database to analyze the defined logonids, data set rules, and infosource rules and records.	You can obtain fast answers to questions such as "Who has access to this data set?" and "List all MAINT logonids that have not changed their passwords."
Detect system changes to minimize security risks	Security zSecure Audit can identify Changes in the individual members of partitioned data sets, by using digital signatures for each member of the libraries under scrutiny. Identical members in the same or different libraries. Identically named members with different contents. Load module members touched by PTFs and zaps.	Security zSecure Audit indicates whether a member was added, deleted or changed. For load modules, Security zSecure Audit also identifies program temporary fixes (PTFs) and zaps applied to modules and reports the differences between two or more PTFs.
Track and monitor baseline changes	Security zSecure Audit can help you define a baseline for ACF2 security parameters. It can also find rules and parameters that differ from the baseline. You can use changes in the indicators to update the baseline or tag them for follow-up.	You can simplify the implementation of security auditing by quickly establishing a baseline and measuring changes.
Detect integrity breaches	Security zSecure Audit includes a powerful system integrity analysis feature. Reports identify exposures and potential threats based on intelligent analysis built into the system.	Reports can reveal breaches in system integrity and other irregularities. These reports rank the severity of the exposure to help you determine what corrective action is needed.
Seamless links to enterprise audit and compliance	Security zSecure Audit can automatically send security information from the mainframe into Tivoli Security Information and Event Manager or QRadar SIEM.	You can easily include mainframe security information in company-wide audit and compliance reports.