Measure and verify effectiveness of mainframe security
IBM® Security zSecure™ Audit is a mainframe solution that measures and verifies the effectiveness of mainframe security policies for IBM Resource Access Control Facility (RACF®), CA-ACF2 and CA Top Secret Security. It generates reports to quickly locate problems associated with a particular resource—such as an unprotected data set—to provide vulnerability analysis of your mainframe infrastructure. It also provides a compliance framework for testing against industry regulations. As a result, you can reduce errors and improve overall quality of service.
IBM Security zSecure Audit:
- Gathers and analyzes critical information by analyzing the active IBM z/OS® system security information.
- Delivers customized reports when specific events occur or when there is a security breach.
- Provides answers quickly and creates an audit trail by analyzing RACF profiles, CA-ACF2 entries and IBM Systems Management Facility (SMF) log files.
- Helps minimize security risks by identifying changes in the individual members of partitioned data sets.
- Tracks and monitors baseline changes for RACF and ACF2 and detects integrity breaches.
Gathers and analyzes critical information
- Helps you quickly identify: RACF profiles, ACF2 logon IDs and rules, Top Secret Accessor IDs (ACIDs), questionable definitions and more.
- Provides displays to view definitions, tables, exits and other vital z/OS information to identify problems and potential problems. This includes z/OS Unix System Services information.
- Ranks problems by audit priority using a number to indicate the relative impact of a problem.
- Collects, formats and sends SMF audit information to SIEMs including IBM QRadar® SIEM to be included in enterprise-wide dashboard reporting.
- Passes access control list analysis data for all System Authorization Facility (SAF)-protected IBM DB2® object types to IBM Security Guardium® for more comprehensive reporting.
Delivers customized reports
- Detects and reports security events and exposures for z/OS, IBM MQ for z/OS, IBM DB2, IBM CICS®, IBM IMS™, UNIX, Linux on IBM System z®, RACF, CA-ACF2, and CA Top Secret Security.
- Offers automated and enhanced reporting capabilities for Payment Card Industry Data Security Standard (PCI DSS), Security Technical Implementation Guide (STIG), GSD331, Sarbanes-Oxley (SOX) and other standards and best practices.
- Generates reports in XML format and you can view data with Microsoft Internet Explorer or Microsoft Excel. Offers the CARLa Auditing and Reporting Language (CARLa) for quick and easy custom reporting needs.
- Produces reports centrally for automatic distribution to decentralized groups.
- Filters information from external files and presents it alongside data from z/OS, RACF, CA-ACF2 and Top Secret Security to make reports more useful.
Provides answers quickly and creates an audit trail
- Answers questions such as: “Who has access to this data set?” and “Who are the system special users who have not changed their password?”
- Generates reports interactively from the IBM Interactive System Productivity Facility (ISPF) interface or runs them automatically in batch.
- Simplifies user administration and improves compliance with support for CA-ACF2 role-based security.
- Produces overview and detail reports about system and user activity by analyzing live SMF or extracted SMF data.
- Enables an active system to be viewed interactively nearly immediately after an event has taken place.
Helps minimize security risks
- Uses digital signatures for each member of the libraries under scrutiny.
- Indicates whether a member was added, deleted or changed.
- Enables you to identify identical members in the same or different libraries.
- Provides a starter set that contains sample daily reports to automatically identify changes and ISPF dialogs to check your system.
- Helps you demonstrate that logs were not tampered with—which is important for both security and compliance initiatives.
Tracks and monitors baseline changes for RACF and ACF2
- Helps you define a baseline for RACF and ACF2 security parameters such as profile and parameter settings and monitor the baseline settings.
- Adds installation and application-specific settings to the baseline such as profiles for application data sets.
- Includes a powerful system integrity analysis feature that can help reveal breaches in system integrity and other irregularities.
- Checks for and enforces program signatures to support the Payment Card Industry Data Security Standard (PCI DSS).
- Integrates with IBM Security zSecure Admin and IBM QRadar SIEM.
IBM Security zSecure Audit resources