IBM Security zSecure Compliance and Auditing
IBM Security zSecure Compliance and Auditing helps security personnel using IBM Resource Access Control Facility (RACF®), CA- ACF2 and CA Top Secret Security efficiently measure and verify the effectiveness of their mainframe security settings and security policies. Automated event analysis, alerts and reports help to quickly locate problems with attributes around a particular resource, security settings, configuration changes and potential security threats.
Capabilities include helping to:
- Identify security weaknesses to detect potential costly breaches.
- Automate and customize audit and compliance reporting.
- Track and monitor baseline and library changes.
- Analyze activity to detect, prioritize, and remediate security risks.
- Monitor privileged users to detect compliance violations and insider abuse.
- Integration and consolidation of broad range of security relevant events and SIEMs.
- Proactively enforce security policy compliance on RACF commands.
- Prevent noncompliant RACF commands from being run to reduce errors and violations.
- Reduce RACF database cleanup time and audit concerns.
- Raise real-time security alerts to help reduce potential outages.
Benefits include helping to:
- Replace manual audits with automated analysis, reporting and detection of exposures.
- Eliminate multiple tools with a single solution to audit RACF, CA ACF2 and CA TSS.
- Prioritize remediation and protection efforts based on analysis of event severity.
- Improve results with comprehensive audit based on a built-in knowledge base.
- Use data analytics to aid the detection of concealed and complex risks.
- Provide predefined alerts to alert common conditions.
- Create custom alerts that can match your business model/business requirements.
- Provide immediate and integrated remediation for intrusion attempts.
- Block noncompliant (i.e., prohibited or high risk) RACF commands.
- Correct improperly specified RACF commands as they are being issued.
- Provide separation of duties to limit administrative capabilities task based on job roles.
Considering a purchase?
Hosting virtual workloads and clouds on System z can address security concerns and provide enhanced availability, performance and cost effectiveness.
Download the white paper
Get integrated threat analysis, real-time alerts, audit consolidation and compliance reporting across the enterprise.
Download the white paper
Secure the Enterprise with Confidence
Why firms looking for a secure data and application platform should consider the Mainframe
Read the Forrester Paper
- IBM Security zSecure Audit
Enables you to detect and report security events and exposures on z/OS, DB2, CICS, IMS, UNIX, and Linux on System z on systems with RACF, CA ACF2, or Top Secret.
- IBM Security zSecure Alert
Helps you streamline incident management and audit efforts and reduce security housekeeping on the mainframe to enhance system availability and supplement access controls.
- IBM Security zSecure Command Verifier
Helps reduce the risk of security breaches and failed audits caused by internal errors and noncompliant commands.