Business benefits
Features, advantages and benefits
| Features | Advantages | Benefits |
|---|---|---|
| Aanalysis of critical information | Security zSecure Audit analyzes z/OS settings and z/OS subsystem parameters much quicker than a human can do. | After auditing and analyzing the z/OS operating system, Security zSecure Audit prioritizes and highlights security concerns. |
| Live analysis beyond z/OS and Top Secret | Security zSecure Audit provides extensive audit and analysis capabilities beyond z/OS systems, including the ability to audit UNIX® security definitions on the mainframe, IBM DB2® audit security events, CICS and IMS security settings, Linux on System z events, audit security events from IBM Security Key Lifecycle Manager, WebSphere Application Server, OMEGAMON, Communications Server network configuration for TCP/IP, and PDS(E) member level auditing. |
A ranking of audit priorities indicates the relative impact of a problem. The software automatically finds problems in the security definitions in the UNIX subsystem. You can view critical activity, like privileged DBA activities, in DB2 systems on the mainframe. |
| Customized reports to meet specific needs | Security zSecure Audit can deliver optional e-mailed reports on a daily basis when specific events occur or when there is a possible security breach. | |
| Flexible report and alert language | Security zSecure Audit uses CARLa Auditing and Reporting Language (CARLa), an extremely flexible, easy-to-learn language, so you can create new reports without incurring consulting costs. | You can modify both the displays and reports to build installation-specific system, TSS and System Management Facility (SMF) reports. |
| DBCS support for audit reports | Support for DBCS characters in search strings and formatted output. | Audit concern reporting available in both English and DBCS. |
| NLS support for translating report titles, column headers, constants, and selection and scan values | Built-in support for translating reports and menus for NLS support. | User interface can be translated into other languages. |
| Analyze SMF log files to create a comprehensive audit trail | Security zSecure Audit analyzes SMF from the live SMF data sets or from extracted SMF data on tape or disk. The SMF analysis component supports more than 50 standard z/OS SMF record types and includes specific auditing functions for, TSS, CICS, DB2, OMEGAMON, UNIX, Linux on System z, WebSphere Application Server, Tivoli Key Lifecycle Manager and the IBM Communications Server. | By using live data sets, you can interactively view information from the active system interactively after an event has taken place. You can produce overview and detail reports about system and user activity from the SMF log files. |
| Leverage external file support to make reports highly usable |
Security zSecure Audit
|
For example, if a policy exception, such as logging in after work hours, occurs, the software gathers the information about the user (name, matching user ID, department, e-mail address, and telephone details) from the personnel database. |
| Detect system changes to minimize security risks |
Security zSecure Audit can identify
|
Security zSecure Audit indicates whether a member was added, deleted or changed. For load modules, Security zSecure Audit also identifies program temporary fixes (PTFs) and zaps applied to modules and reports the differences between two or more PTFs. |
| Detect integrity breaches | Security zSecure Audit includes a powerful system integrity analysis feature. Reports identify exposures and potential threats based on intelligent analysis built into the system. | Reports can reveal breaches in system integrity and other irregularities. These reports rank the severity of the exposure to help you determine what corrective action is needed. |
| Seamless links to enterprise audit and compliance | Security zSecure Audit can automatically send security information from the mainframe into Tivoli Security Information and Event Manager. | You can easily include mainframe security information in company-wide audit and compliance reports. |
Security zSecure Audit is a mainframe audit solution for detecting and reporting security events and exposures on z/OS, DB2, CICS, IMS, the IBM Communications Server, IBM Security Key Lifecycle Manager, WebSphere Application Server, PDSe, TCP/IP, OMEGAMON, Linux on System z, and UNIX running TopSecret.
