IBM Z Security and Compliance Center 1.1 automates evidence collection and validations, to help simplify compliance reporting

IBM Japan Software Announcement JP22-0005
April 5, 2022

Table of contents
OverviewOverviewTechnical informationTechnical information
Key requirementsKey requirementsOrdering informationOrdering information
Planned availability datePlanned availability dateTerms and conditionsTerms and conditions
Program numberProgram numberPricesPrices
PublicationsPublications


Overview

Top rule

IBM Z® Security and Compliance Center is a modern, browser-based application to help your organization with their compliance capability mapping, fact collection, and validations. Designed for use with minimal technical skills, this solution can automate evidence collection of your compliance-related facts from IBM Z platforms.

IBM Z Security and Compliance Center 1.1 is engineered to help you:

  • Generate detailed reports to help executives, administrators, and auditors to understand their compliance metrics with an easy-to-read format
  • Track compliance drift over time with dashboard visualizations that include historical compliance information
  • Utilize evidence generation facilities from the IBM Z software stack (for example, z/OS®, z/OS Middleware, Oracle on IBM Z, and PostgreSQL on IBM Z)
  • Provide an interactive view of the posture and details around the potential scope of control deviations from certain regulations, such as PCI-DSS v3.2.1, NIST SP800-53, and CIS Benchmarks


Back to topBack to top

Key requirements

Top rule

Minimum system requirement: IBM® z16 processor



Back to topBack to top

Planned availability date

Top rule

May 27, 2022

Availability within a country is subject to local legal requirements.



Back to topBack to top

Accessibility by people with disabilities

Top rule

Accessibility Compliance Reports (previously known as a VPAT) containing details on accessibility compliance to standards, including the Worldwide Consortium Web Content Accessibility Guidelines, European Standard EN 301 349, and US Section 508, can be found on the IBM Accessibility Conformance Report Request website.



Back to topBack to top

Program number

Top rule

Program name VRM Program number
IBM Z Security and Compliance Center 1.1.0 5655-CC1

IBM Z Security and Compliance Center

Program PID number Subscription and Support PID number
5655-CC1 5655-CC2



Back to topBack to top

Education support

Top rule

IBM training provides education to support many IBM offerings. Descriptions of courses for IT professionals and managers can be found on the IBM Training and Skills website.

Contact your IBM representative for course information.



Back to topBack to top

Offering Information

Top rule

Product information is available on the IBM Offering Information website.



Back to topBack to top

Publications

Top rule

Technical documentation can be found in IBM Documentation.



Back to topBack to top

Services

Top rule

IBM Systems Lab Services

Systems Lab Services offers infrastructure services to help build hybrid cloud and enterprise IT solutions. From servers to storage systems and software, Systems Lab Services can help deploy the building blocks of a next-generation IT infrastructure to empower a client's business. Systems Lab Services consultants can perform infrastructure services for clients online or onsite, offering deep technical expertise, valuable tools, and successful methodologies. Systems Lab Services is designed to help clients solve business challenges, gain new skills, and apply best practices.

Systems Lab Services offers a wide range of infrastructure services for IBM Power® servers, IBM Storage systems, IBM Z, and IBM LinuxONE. Systems Lab Services has a global presence and can deploy experienced consultants online or onsite around the world.

For assistance, contact Systems Lab Services at ibmsls@us.ibm.com.

To learn more, see the IBM Systems Lab Services website.

IBM Consulting

As transformation continues across every industry, businesses need a single partner to map their enterprise-wide business strategy and technology infrastructure. IBM Consulting is the business partner to help accelerate change across an organization. IBM specialists can help businesses succeed through finding collaborative ways of working that forge connections across people, technologies, and partner ecosystems. IBM Consulting brings together the business expertise and an ecosystem of technologies that help solve some of the biggest problems faced by organizations. With methods that get results faster, an integrated approach that is grounded in an open and flexible hybrid cloud architecture, and incorporating technology from IBM Research® and IBM Watson® AI, IBM Consulting enables businesses to lead change with confidence and deliver continuous improvement across a business and its bottom line.

For additional information, see the IBM Consulting website.

IBM Technology Support Services (TSS)

Get preventive maintenance, onsite and remote support and gain actionable insights into critical business applications and IT systems. Speed developer innovation with support for over 240 open-source packages. Leverage powerful IBM analytics and AI-enabled tools to enable client teams to manage IT problems before they become emergencies.

TSS offers extensive IT maintenance and support services that cover more than one niche of a client's environment. TSS covers products from IBM and OEMs, including servers, storage, network, appliances, and software, to help clients ensure high availability across their data center and hybrid cloud environment.

For details on available services, see the Technology support for hybrid cloud environments website.

IBM Expert Labs

Expert Labs can help clients accelerate their projects and optimize value by leveraging their deep technical skills and knowledge. With more than 20 years of industry experience, these specialists know how to overcome the biggest challenges to deliver business results that can have an immediate impact.

Expert Labs' deep alignment with IBM product development allows for a strategic advantage as they are often the first in line to get access to new products, features, and early visibility into roadmaps. This connection with the development enables them to deliver First of a Kind implementations to address unique needs or expand a client's business with a flexible approach that works best for their organization.

For additional information, see the IBM Expert Labs website.

IBM Security® Expert Labs

With extensive consultative expertise on IBM Security software solutions, Security Expert Labs helps clients and partners modernize the security of their applications, data, and workforce. With an extensive portfolio of consulting and learning services, Expert Labs provides project-based and premier support service subscriptions.

These services can help clients deploy and integrate IBM Security software, extend their team resources, and help guide and accelerate successful hybrid cloud solutions, including critical strategies such as zero trust. Remote and on-premises software deployment assistance is available for IBM Cloud Pak® for Security, IBM Security QRadar®/QRoC, IBM Security SOAR/Resilient®, IBM i2®, IBM Security Verify, IBM Security Guardium®, and IBM Security MaaS360®.

For more information, contact Security Expert Labs at sel@us.ibm.com.

For additional information, see the IBM Security Expert Labs website.



Back to topBack to top

Technical information

Top rule

Specified operating environment

Hardware requirements

The minimum system requirements are as follows:

  • IBM z16 processor

Minimum system requirements for Red Hat® OpenShift® Container Platform 4.10

Integrated Facility for Linus (IFL's) 6 IFL's with SMT2 enabled Shared across different nodes
Memory 128 GB Shared across different nodes
Storage 360 GB Shared across different nodes

System requirements for IBM Z Security and Compliance Center

Integrated Facility for Linus (IFL's) 2 IFL's with SMT2 enabled Shared across different nodes
Memory 32 GB Shared across different nodes
Storage (disk) 900 GB Shared across different nodes
NFS storage 3 TB Shared across different nodes

Software requirements

Software support for evidence providers

z/OS 2.4 and z/OS 2.5 have been enhanced to enable the collection of compliance data from zAR CPACF counters and several z/OS products and components. A new z/OSMF compliance fact collection REST API sends an ENF86 signal to selected systems. Participating products and components will collect and write compliance data to new SMF 1154 records associated with its unique subtype.

This support requires PTFs for z/OS 2.4 and z/OS 2.5. The PTFs will be identified by fix category designated specifically for compliance data collection support named IBM.Function.Compliance.DataCollection. See IBM Fix Category Values and Descriptions for information about how to use this fix category to identify and install the specific PTFs that enable compliance data collection.

Additional information about z/OS collection sources and enablement:

  • For CICS® Transaction Server for z/OS 6.1, see Software Announcement JP22-0105, dated April 5, 2022.
  • For Db2® 13 for z/OS powered by AI innovations, see Software Announcement JP22-0003, dated April 5, 2022.

Prerequisite enablement software details:

  • z/OSMF with PTFs for APAR PH37308
  • CEA with PTFs for APAR OA61443
  • SMF with PTFs for APAR OA61444

Middleware and software evidence providers:

  • CPACF usage counters with PTFs for APAR OA61511
  • RACF® with PTFs for APAR OA61933
  • Communication server (FTP, TCP/IP, CSSMTP, TN3270) with PTFs for APAR PH37372
  • ICSF with PTFs for APAR OA61977
  • Db2 V13 for z/OS
  • CICS TS 6.1
  • IMS V15 with PTFs for APAR PH42600
  • MQ, SSHD, INETD, SMF, DFSMSrmm, DFSMSdfp, DFSMShsm, DFSMSdss, Consoles, USS

Linux® on IBM Z supports the collection of compliance data from the Linux environment.

Prerequisite operating system details:

  • Red Hat Enterprise Linux 8.0 (RHEL) on IBM Z, or later
  • SUSE Linux Enterprise Server (SLES) 15 on IBM Z
  • Ubuntu Server LTS for IBM Z 22.04

Middleware and software evidence providers:

  • Oracle 19c
  • PostgreSQL 13.x, 14.x

Such information is provided subject to the following terms. IT system security involves protecting systems and information through prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated, or misused, or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service, or security measure can be completely effective in preventing improper use or access. IBM systems, products, and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective.

Important: IBM does not warrant that any systems, products, or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

IBM Support

IBM Support is your gateway to technical support tools and resources that are designed to help you save time and simplify support. IBM Support can help you find answers to questions, download fixes, troubleshoot, submit and track problem cases, and build skills. Learn and stay informed about the transformation of IBM Support, including new tools, new processes, and new capabilities, by going to the IBM Support Insider.

Additional IBM support

IBM Client Engineering

Client Engineering is a framework for accelerating digital transformation. It helps you generate innovative ideas and equips you with the practices, technologies, and expertise to turn those ideas into business value in weeks. When you work with Client Engineering, you bring pain points into focus. You empower your team to take manageable risks, adopt leading technologies, speed up solution development, and measure the value of everything you do. Client Engineering has experts and services to address a broad array of use cases, including capabilities for business transformation, hybrid cloud, analytics and AI, infrastructure systems, security, and more. Contact Client Engineering at sysgarage@ibm.com.

Planning information

Packaging

This offering is delivered through the internet as an electronic download from Shopz. There is no physical media.

Direct client support

For technical support or assistance, contact your IBM representative or go to the IBM Support website.



Back to topBack to top

Ordering information

Top rule

Consult your IBM representative.


Value Unit exhibit VUE007

  MSUs minimum MSUs maximum Value Units/MSU
Base 1 3 1
Tier A 4 45 0.45
Tier B 46 175 0.36
Tier C 176 315 0.27
Tier D 316 + 0.20

Ordering example

The total number of Value Units is calculated according to the following example.

If your required license capacity is 1,500 MSUs for your selected IBM Z IPLA product, the applicable Value Units would be:

Tier MSUs Multiplied by Value Units per MSU Equal Value Units
Base 3 1.00 3.00
Tier A 42 .45 18.90
Tier B 130 .36 46.80
Tier C 140 .27 37.80
Tier D 1,185 .20 237.00
Total 1,500   343.50

When calculating the total number of Value Units, the sum is to be rounded up to the next integer.

Charge metric

The charge metrics for these licensed products can be found in the following License Information documents:

Program identifier License Information document title License Information document number
5655-CC1 IBM Z Security and Compliance Center L-MADP-CBNDQC

Select your language of choice and scroll down to the Charge Metrics section. Follow-on releases, if any, may have updated terms. See the License Information documents website for more information.

Basic license

Translation from MSUs to Value Units

  MSUs Value Units/MSU
Base 1-3 1
Tier A 4-45 0.15
Tier B 46-175 0.08
Tier C 176-315 0.04
Tier D 316 or greater 0.03

To order, specify the program ID number and the appropriate license or charge option.

Program name and number: IBM Z Security and Compliance Center (5655-CC1)

Entitlement identifier Description License option/Pricing metric
S018MC3 IBM Z Security and Compliance Center MultiVersion Measurement No Charge Value Units Qty 1
    On Off Cap on demand Temporary Use Charge MSU-DAY(s) Qty 1
    Use-Based License One-Time Charge Value Units Qty 1
Orderable supply ID Language
S018MC4 Multilingual

IBM recommends internet delivery. However, if you still require physical media, you can choose DVD.

Program name and number: IBM Z Security and Compliance Center Subscription and Support SW S&S (5655-CC2)

Entitlement identifier Description License option/Pricing metric
S018MC6 IBM Z Security and Compliance Center S&S Decline Subscribe and Suppt No Charge Base with Qty 0
    Multi-Version Measurement S&S, No Charge Value Units Qty 1
    SW Subs and Sup Rgst No Charge Per MSU Qty 0
    SW Subscription and Support Annual Support Charge Value Unit Qty 1
    SW Subscription and Support Monthly Support Charge Value U Qty 1
Orderable supply ID Language
S018MC7 Multilingual


Subscription and Support

To receive voice technical support by telephone and future releases and versions at no additional charge, Subscription and Support must be ordered. The capacity of Subscription and Support (Value Units) must be the same as the capacity ordered for the product licenses.

To order, specify the Subscription and Support program ID referenced above and the appropriate license or charge option.

IBM is also providing Subscription and Support for these programs with a separately purchased offering under the terms of the IBM International Agreement for Acquisition of Software Maintenance. This offering:

  • Includes and extends the support services provided in the base support to include telephone technical support.
  • Entitles you to future releases and versions, at no additional charge. Note that you are not entitled to new programs.

When Subscription and Support is ordered, the charges will automatically renew annually unless canceled by you.

The combined effect of the IPLA license and the Agreement for Acquisition of Software Maintenance gives you rights and support services comparable to those under the traditional ICA IBM Z license or its equivalent. To ensure that you continue to enjoy the level of support you are used to in the ICA business model, you must order both the license for the program and the support for the selected programs at the same Value Unit quantities.


On/Off CoD

The following programs are eligible for On/Off CoD with a temporary use charge calculated based on MSUs per-day usage.

IBM Z Security and Compliance Center 1.1 (5655-CC1)

Entitlement identifier Description License option/Pricing metric
S018MC3 IBM Z Security and Compliance Center On/Off CoD, Temporary Use Charge per MSUs per day

Customized Offerings

Product deliverables are shipped only through CBPDO and ServerPac. These customized offerings are offered for internet delivery. For more details on Internet delivery, go to the Help section on the Shopz website.

IBM recommends internet delivery. However, if you still require physical media, you can choose DVD.

Many products can be ordered in ServerPac the month following their availability in CBPDO. z/OS can be ordered through CBPDO and ServerPac on the planned availability date. Many products will also be orderable in a Product ServerPac without also having to order the z/OS operating system or subsystem.

Shopz and CFSW will determine the eligibility based on product requisite checking. For more details on the Product ServerPac, go to the Help section on the Shopz website.

Production of software product orders will begin on the planned availability date.

  • CBPDO shipments will begin within 3 business days after the planned availability date.
  • ServerPac availability and shipments will begin within 3 - 4 weeks after the planned product availability date due to additional customization and data input verification.



Back to topBack to top

Terms and conditions

Top rule

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement, IBM International Passport Advantage® Agreement, and the IBM Agreement for Acquisition of Software Maintenance.

Licensing

IBM International Program License Agreement including the License Information document and Proof of Entitlement (PoE) govern your use of the program. PoEs are required for all authorized use.

This software license includes Software Subscription and Support (also referred to as Software Maintenance).

Software Maintenance

The following agreement applies for Software Subscription and Support Software Maintenance):

  • IBM Agreement for Acquisition of Software Maintenance (JNTC-6011)
  • IBM Agreement for Acquisition of Software Maintenance (IAAS305 or others)
  • Exhibit for IBM Agreement for Acquisition of Software Maintenance (IAAS400)

These programs are licensed under the IBM International Program License Agreement (IPLA) and the associated Agreement for Acquisition of Software Maintenance, which provide for support with ongoing access to releases and versions of the program. These programs have a one-time license charge for use of the program and an annual renewable charge for the enhanced support that includes telephone assistance (voice support for defects during normal business hours), as well as access to updates, releases, and versions of the program as long as support is in effect.

License Information number

The following License Information documents apply to the offerings in this announcement:

Program identifier License Information document title License Information document number
5655-CC1 IBM Z Security and Compliance Center L-MADP-CBNDQC

Follow-on releases, if any, may have updated terms. See the License Information documents website for more information.

Limited warranty applies

Yes

Limited warranty

IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.

IBM provides you with access to IBM databases containing information about known program defects, defect corrections, restrictions, and bypasses at no additional charge. For further information, see the IBM Support Guide.

IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).

Program technical support

Enhanced support

Technical support of a program product version or release will be available for a minimum of five years from the planned availability date, as long as your Software Subscription and Support is in effect.

This technical support allows you to obtain assistance (by telephone or electronic means) from IBM for product-specific, task-oriented questions regarding the installation and operation of the program product. Software Subscription and Support also provides you with access to updates (modifications or fixes), releases, and versions of the program. You will be notified, through an announcement letter, of discontinuance of support with 12 months' notice.

If you require additional technical support from IBM, including an extension of support beyond the discontinuance date, contact your IBM representative or IBM Business Partner. This extension may be available for a fee.

For additional information about the IBM Software Support Lifecycle Policies, see the Standard and enhanced IBM software support lifecycle policies website.

Money-back guarantee

If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.

For clarification, note that for programs acquired under any of IBM's On/Off Capacity on Demand (On/Off CoD) software offerings, this term does not apply since these offerings apply to programs already acquired and in use by you.

Volume orders (IVO)

No

Passport Advantage applies

No

Software Subscription and Support applies

Yes. During the Software Subscription and Support period, for the unmodified portion of a program, and to the extent problems can be recreated in the specified operating environment, IBM will provide the following:

  • Defect correction information, a restriction, or a bypass.
  • Program updates: Periodic releases of collections of code corrections, fixes, functional enhancements and new versions and releases to the program and documentation.
  • Technical assistance: A reasonable amount of remote assistance by telephone or electronically to address suspected program defects. Technical assistance is available from the IBM support center in the organization's geography.

Additional details regarding Technical Assistance, which includes IBM contact information, are provided in the IBM Support Guide.

Software Subscription and Support does not include assistance for:

  • The design and development of applications.
  • Your use of programs in other than their specified operating environment.
  • Failures caused by products for which IBM is not responsible under the IBM Agreement for Acquisition of Software Maintenance.

Software Subscription and Support is provided only if the program is within its support timeframe as specified in the Software Support Lifecycle policy for the program.

Yes. All distributed software licenses include Software Subscription and Support (also referred to as Software Maintenance) for a period of 12 months from the date of acquisition, providing a streamlined way to acquire IBM software and assure technical support coverage for all licenses. Extending coverage for a total of three years from date of acquisition may be elected.

While your Software Subscription and Support is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. IBM provides assistance by telephone and, if available, electronic access, only to your information systems (IS) technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. (This assistance is not available to your end users.) IBM provides Severity 1 assistance 24 hours a day, every day of the year. For additional details, go to the IBM Support Handbooks page.

Software Subscription and Support does not include assistance for the design and development of applications, your use of programs in other than their specified operating environment, or failures caused by products for which IBM is not responsible under this agreement.

Variable charges apply

No

Educational allowance available

Not applicable.

Multi-Version Measurement

Multi-Version Measurement (MVM) replaces the previously announced Migration Grace Period time limit of six months and allows unlimited time for clients to run more than one eligible version of a software program. Clients may run multiple versions of a program simultaneously for an unlimited duration during a program version upgrade. Clients may also choose to run multiple versions of a program simultaneously for an unlimited duration in a production environment. MVM does not extend support dates for programs withdrawn from service.

For more information about MVM, including requirements for qualification, see the MVM web page. For a list of eligible programs, see the IPLA Execution-Based web page.

Sub-capacity terms and conditions

IBM Getting Started Sub-capacity Pricing for z/OS IPLA Software applies.

Sub-capacity utilization determination

Sub-capacity utilization is determined based on the utilization of an eligible operating system and machine, for example, z/OS running in z/Architecture® (64-bit) mode on an IBM Z, or equivalent, server.

Sub-capacity utilization is determined based on the product's own execution as reported to IBM in accordance with the requirements for reporting sub-capacity utilization for products.

On/Off CoD

To be eligible for On/Off CoD pricing, you must be enabled for temporary capacity on the corresponding hardware, and the required contract, Attachment for IBM System z On/Off Capacity on Demand (JNTC-7883), must be signed prior to use.



Back to topBack to top

Statement of good security practices

Top rule

IT system security involves protecting systems and information through intrusion prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, or misappropriated or can result in misuse of your systems to attack others. Without a comprehensive approach to security, no IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a regulatory compliant, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective.

Important: IBM does not warrant that any systems, products, or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.



Back to topBack to top

Prices

Top rule

For all local charges, contact your IBM representative.

Trademarks

IBM Z, z/OS, IBM, Power, Passport Advantage, z/Architecture, IBM Research, IBM Watson, IBM Security, IBM Cloud Pak, QRadar, Resilient, i2, Guardium, MaaS360, CICS, Db2, RACF and System z are registered trademarks of IBM Corporation in the United States, other countries, or both.

Red Hat and OpenShift are registered trademarks of Red Hat Inc. in the U.S. and other countries.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.

Other company, product, and service names may be trademarks or service marks of others.

Terms of use

IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this announcement at any time without notice. This announcement is provided for your information only. Additional terms of use are located at

Terms of use

For the most current information regarding IBM products, consult your IBM representative or reseller, or go to the IBM worldwide contacts page

IBM Japan