IBM Security zSecure V2.1 enhances mainframe security intelligence and automates compliance auditing
IBM United States Software Announcement 213-293July 23, 2013
ENUS213-293.PDF
|
| At a glance |
 |
IBM® Security zSecure™ suite V2.1 delivers:
- Additional IBM DB2® compliance analysis and reporting
- Enhancements in the digital certificate management area
- Ability to ease compliance reporting (including a user interface for the Defense Information Systems Agency (DISA), Security Technical Implementation Guide (STIG) (DISA-STIG), and Payment Card Industry Data Security Standard (PCI-DSS))
- Additional integration with QRadar® SIEM
- Extensions to the Access Monitor component, such as identifying which digital certificates are effectively still in use, aiding administrators in removing obsolete certificates and unused IDs, and access to resources
- Currency with IBM z/OS®
- Various interface improvements, for example, in working with multiple systems simultaneously
IBM Security zSecure Compliance, Auditing, and Administration solutions are now at V2.1.
For ordering, contact your IBM representative, an IBM Business Partner, or IBM Americas Call Centers at 800-IBM-CALL (Reference: ME001).
Back to top
|
|
| Overview |
|
IBM Security zSecure suite consists of multiple individual products designed to help you administer your mainframe security, monitor for threats, enforce policy compliance, audit usage and configurations, and assist in compliance management and audit reporting.
IBM Security zSecure Admin, IBM Security zSecure Visual, and IBM Security zSecure CICS® Toolkit provide administrative, provisioning, and management components that can significantly reduce administration time, effort, and costs, and help improve productivity and response time, as well as help reduce training time for new administrators.
IBM Security zSecure Audit, IBM Security zSecure Alert, and IBM Security zSecure Command Verifier provide security policy enforcement, audit, monitoring, and compliance management capability. These offerings help ease the burden of compliance audits, help reduce the time and costs of performing compliance and monitoring, can improve security and incident handling, and can increase overall operational effectiveness.
Additional offerings include IBM Security zSecure Manager for RACF® z/VM® .
IBM Security zSecure Compliance, Auditing, and Administration solutions are now at V2.1. Refer to the Description section for more information.
Back to top
|
|
| Key prerequisites |
|
For details, refer to the Hardware requirements and Software requirements sections.
Back to top
|
|
| Planned availability date |
|
September 6, 2013
Back to top
|
|
| Description |
|
The IBM Security zSecure suite provides a user-friendly interface for RACF , with extensive auditing and monitoring capabilities for the enterprise security hub. It can result in more efficient and effective administration and compliance to defined security policies.
Helps free administrators to focus on security
While preventing security breaches is paramount, administrators are frequently bogged down with tedious, time-consuming, day-to-day tasks that divert their attention from security issues. The IBM Security zSecure suite offers a range of products designed to help reduce administration time, and enable valuable mainframe resources to focus on improving security quality.
IBM Security zSecure Admin is a leading security software program that enables efficient and effective IBM RACF administration, typically using significantly less resources. By putting a user-friendly layer over your RACF databases, you can quickly enter and process administrative commands, generate custom reports, and clean up databases. By implementing a repeatable process for security management, IBM Security Secure Admin can help you reduce errors and improve the overall quality of services and security levels.
RACF administrators can create a mirrored offline copy of the RACF database that can be used to check and verify configuration changes, without affecting the production database. This ability to test changes and review the results before implementing them can reduce the risks of introducing errors into the production database, through human error, and possible outages of security. The zSecure Admin RACF offline database is an excellent training ground for new administrators since it does not affect the production RACF database.
zSecure Admin also offers the capability to compare RACF databases to identify the differences in access and users. It also provides the capability to merge RACF databases, thereby, helping reduce the number of databases.
RACF database cleanup Access Monitor function addresses the problem of obsolete authorizations, for example, by removing authorizations that have not been used for a year, which is an administrative issue that is increasingly unacceptable from a compliance, governance, and risk perspective. This pertains to unused permits (user and group authorizations) as well as unused connects (group membership). At the same time, if the authorizations are obsolete, it is likely that the corresponding resources are equally obsolete and should also be cleaned up. Obsolete resources on the system represent a security risk because they could be reused for another purpose, and inappropriate access might be granted by virtue of the obsolete authorizations lingering in the security database.
Removal of unused profiles is also possible but requires a manual review step since there exists reasons for the existence for a profile that the program cannot know. The RACF cleanup function can be used to reduce the overhead of the processing around yearly authorization reviews demanded by some regulations.
IBM Security zSecure Visual can reduce the need for expensive, RACF-trained expertise through a Microsoft™ Windows-based GUI for RACF administration. With the ability to establish a secure connection directly with RACF , Security Secure Visual is ideal for decentralizing RACF administration or enabling central security administration from outside Interactive System Productivity Facility/Time Sharing Option (ISPF/TSO).
Tracks security events and helps prevent exposures to compliance requirements
Over the past decade, the number of requirements organizations must comply with has increased dramatically. Keeping up with the demands for audit and controls documentation, while also trying to prevent security breaches, can be overwhelming. Security zSecure suite delivers auditing, monitoring, and compliance management solutions designed to help reduce security exposures.
IBM Security zSecure CICS Toolkit adds mainframe administration capabilities to the CICS environment, such as password resets and authorization management. Its easy-to-use menu enables users to stay within the CICS application, to issue security commands to the mainframe, rather than forcing them into another environment. Your field administrators can quickly issue commands through a user-friendly menu for functions such as password resets for failed user logins and user additions.
If you have an application on your web server that communicates with CICS on your mainframe, your CICS application can use the advanced COBOL API capabilities in Security zSecure CICS Toolkit to execute select RACF security functions. Such functions could be verification of a user ID and password entered on the web interface against the RACF database or retrieval of information about a user ID and its privileges from the RACF database that gets passed on to the web application.
You can easily customize Security zSecure CICS Toolkit screens by using the API, which can be contacted by any CICS program with a standard CICS command area. Use the API to tailor the look of your screens to the requirements of a specific installation and show as little or as much as you want to your decentralized administrators. The API facilitates access checks of more than 2,000 resources, enabling you to easily replace an application's internal security with RACF security and helping to significantly improve the application's performance. Security zSecure CICS Toolkit API can centralize - in the RACF database - the security management of (homegrown) applications built for CICS .
IBM Security zSecure Audit delivers a mainframe compliance management and audit solution that enables you to quickly analyze and report on mainframe events, and automatically detect security exposures through extensive status auditing. zSecure Audit provides extended and independent monitoring to track and assess the consistency of security relevant changes to z/OS across systems and the compliance of those changes in comparison to a best practice knowledge base.
Unlike offerings that only report on a copy of a database, Security zSecure Audit allows you to access live security data on mainframes running IBM z/OS with RACF , ACF2, or Top Secret helping deliver audit accuracy. Analyzing the active z/OS system control blocks can help you quickly identify possible issues that could have a negative effect on the stability of security.
After auditing and analyzing the z/OS operating system, Security zSecure Audit prioritizes and highlights security concerns. It provides displays to view definitions, tables, exits, and other vital z/OS information and identifies problems or potential problems. Issues are ranked by audit priority, with a number indicating the relative impact of a problem.
Security zSecure Audit can also provide extensive audit and analysis capabilities beyond z/OS systems, including the ability to audit UNIX™ security definitions on the mainframe and automatically find problems within the security definitions in the UNIX subsystem. In addition, Security zSecure Audit provides audit support for Linux™ on System z® , IBM DB2 security events, IBM CICS and IBM IMS™ security audit events, and audit security events from IBM Security Key Lifecycle Manager, IBM WebSphere® Application Server, IBM Tivoli® OMEGAMON® XE on z/OS , Hierarchical Storage Manager, IBM Communication Server network configuration for TCP/IP, and partition dataset extended (PDSE) member level auditing.
Extended monitoring and alerting of security events from IBM Security Key Lifecycle Manager, IBM Tivoli OMEGAMON XE on z/OS , IBM DFSMS Removable Media Manager (DFSMSrmm), TCP/IP, and IBM WebSphere Application Server assist in providing an improved view of the overall security within the mainframe environment. The technology lets you create standard and customized reports that can be generated in Extensible Markup Language (XML) format and used in databases and reporting tools.
Security zSecure Audit also lets you send Simple Network Management Protocol (SNMP) messages to an enterprise management console for policy exceptions or violations that can indicate a security breach or weakness. This capability is provided for RACF , CA Top Secret, and CA ACF2 environments. In addition, zSecure Audit provides security information to IBM Security QRadar SIEM dashboard for ease of viewing important events in the z/OS environment, including RACF , ACF2, CICS , and DB2 .
IBM Security zSecure Alert offers a real-time mainframe threat monitoring solution that allows you to monitor intruders and identify misconfigurations that could hamper your compliance efforts. It goes beyond conventional intrusion detection solutions to support intrusion prevention by taking countermeasures via automatically generated commands.
In addition, Security zSecure Alert enables you to quickly determine unauthorized logons and attempts, user behavior that violates security policy, and when your core systems may be at risk. With this information readily in hand, you can help identify misconfigurations before they can be exploited. This capability is provided for RACF and CA ACF2 environments. This information can also be provided to QRadar SIEM for ease of viewing on the the interactive dashboard.
IBM Security zSecure Command Verifier is a robust policy enforcement solution that can help enforce mainframe compliance to company policies by preventing erroneous commands. As a result, it helps increase control and decrease security risks and cleanup costs. Running in the background, Security zSecure Command Verifier verifies RACF commands against your company's policies and procedures. When commands are entered, it verifies whether the commands comply with security policies -- and blocks or, optionally, adjusts the ones that do not comply.
IBM Tivoli Compliance Insight Manager Enabler for z/OS provides a link from zSecure Audit to the IBM Tivoli Security Information and Event Manager tool, so that the mainframe audit information is included in the enterprise dashboard view.
Security zSecure Admin, Audit, and Command Verifier support administration of, reporting on, and use of RACF commands and keywords.
Bringing it all together
IBM Security zSecure suite is a valuable part of managing mainframe security as a process that helps meet the needs of auditors and the business itself. These offerings are the result of a long-term commitment to innovation on the mainframe and to enabling you to improve and simplify mainframe security audit and administration. Through a broad range of offerings, Security zSecure suite helps you address your key mainframe challenges, such as:
- Audit and compliance management
- Report on questionable system configuration options and dangerous settings of privileged users.
- Integrate with Linux on System z , IBM DB2 , IBM CICS , IBM IMS , IBM Security Key Lifecycle Manager for z/OS , IBM WebSphere Application Server, and IBM Tivoli OMEGAMON XE on z/OS for security audit monitoring and reporting.
- Measure and verify the effectiveness of mainframe security and security policies.
- User and security administration
- Include centralized and decentralized management and provision of users, profiles, and resources.
- Constantly monitor crucial users and data for misuse.
- Include security risk detection and avoidance
- Can reduce operational costs and achieve faster incident detection.
- Generate alerts with instant reports about RACF , IBM System Management Facilities (SMF), IBM z/OS , IBM DB2 , IBM CICS , and the UNIX subsystem.
Additional offerings:
- IBM Tivoli Compliance Insight Manager Enabler for z/OS - IBM Security zSecure suite allows you to submit mainframe security information into an enterprise audit and compliance management solution, through the seamless integration with IBM Tivoli Security Information and Event Manager. Combining mainframe data with that from other operating systems, applications, and databases, Tivoli Security Information and Event Manager provides the ability to capture log data, interpret that data through sophisticated log analysis and communicate results in an efficient, streamlined manner for full enterprise-wide audit and compliance reporting. Tivoli Compliance Insight Manager Enabler for z/OS provides the event source connection to supply the mainframe information into the enterprise tool.
- IBM Security zSecure Manager for RACF z/VM V1.11.1 - IBM Security zSecure Manager for RACF z/VM provides administrators and auditors with tools to help unleash the potential of your mainframe system, enabling efficient and effective RACF administration and auditing of the z/VM environment including Linux on System z , while helping use fewer resources. By automating many recurring auditing and system administration functions, IBM Security zSecure Manager for RACF z/VM can help you maximize IT resources, reduce errors, improve quality of services, and demonstrate compliance.
IBM Security zSecure Compliance, Auditing, and Administration solutions
IBM Security zSecure Compliance, Auditing, and Administration solutions have also been updated to V2.1.
IBM Security zSecure Compliance, Audit, and Administration V2.1 solutions provide enhanced enterprise security management and can improve audit reporting and compliance management. These solutions help reduce administration time and costs, detect threats to reduce risks, and streamline auditing to demonstrate compliance. The three solutions and their components are:
- IBM Security zSecure Administration that simplifies mainframe security management with enhanced user-friendly interfaces and simplified user, group, and resource management. Its components are:
- IBM Security zSecure Admin
- IBM Security zSecure Visual
- IBM Security zSecure Compliance and Auditing that allows you to aggregate, analyze, and monitor for threats by auditing security changes that affect security information from IBM z/OS , IBM RACF , IBM CICS , IBM IMS , IBM DB2 , UNIX , Linux for System z , and other mainframe components. It offers a flexible reporting capability to create and customize reports. Its components are:
- IBM Security zSecure Audit
- IBM Security zSecure Alert
- IBM Security zSecure Command Verifier
- IBM Security zSecure Compliance and Administration that provides simplified security management along with security event monitoring, threat analysis, and audit reporting.
IBM Security zSecure Compliance and Administration combines the components of IBM Security zSecure Administration and IBM Security zSecure Compliance and Auditing for a more comprehensive offering.
Accessibility by people with disabilities
A US Section 508 Voluntary Product Accessibility Template (VPAT) containing details on accessibility compliance can be requested at
Business Partner information
If you are a Direct Reseller - System Reseller acquiring products from IBM, you may link directly to Business Partner information for this announcement. A PartnerWorld ID and password are required (use IBM ID).
Value Unit-based pricing
Value Unit pricing for eligible IBM System z IBM International Program License Agreement (IPLA) programs enables a lower cost of incremental growth and enterprise aggregation. Each System z IPLA product with Value Unit pricing has a single price per Value Unit and a conversion matrix, called Value Unit Exhibit, for converting from some designated measurement to Value Units. Most commonly, Millions of Service Units (MSUs) is the measurement designated by IBM to be converted to Value Units. Some other measurements are engines or messages. Since MSUs are the most common measurement, that measurement will be used for the remainder of this description.
Value Unit pricing offers price benefits for you. For each System z IPLA program with Value Unit pricing, the quantity of that program needed to satisfy applicable IBM terms and conditions is referred to as the required license capacity. Each of the various Value Unit Exhibits stipulate that the larger your required license capacity, the fewer Value Units per MSU you will need. Value Unit Exhibits are uniquely identified by a three digit code and referred to using the nomenclature VUExxx, where xxx is the three digit code.
Subsequent acquisitions of Value Unit priced programs offer additional price benefits. The quantity of each System z IPLA program that you have acquired is referred to as entitled license capacity . If you wish to grow your entitled license capacity for a System z IPLA program, the calculation to determine additional needed Value Units is based upon the number of Value Units already acquired.
For each System z IPLA program with Value Unit pricing, you should:
- Determine the required license capacity, in MSUs
- Aggregate the MSUs across the enterprise
- Convert the total MSUs to Value Units, using the applicable Value Unit Exhibit
- Multiply the price per Value Unit by the total number of Value Units to determine the total cost
To simplify conversion from the designated measurement to Value Units or vice-versa, use the Value Unit Converter Tool. For additional information or to obtain a copy of the Value Unit Converter Tool, visit the Value Unit Converter Tool website
Note that Value Units of a given product cannot be exchanged, interchanged, or aggregated with Value Units of another product.
To determine the required license capacity for the System z IPLA program you selected, refer to the Terms and conditions section.
Back to top
|
|
| Product positioning |
|
IBM Security zSecure suite with IBM Security QRadar SIEM
Security zSecure suite leverages the capabilities of IBM Security QRadar SIEM to enable inclusion of mainframe reporting on RACF , IBM CICS , IBM DB2 , CA ACF2, and CA Top Secret into QRadar SIEM enterprise-wide compliance dashboard and reporting, so that users can view the status of their enterprise security hub along with the rest of their environment.
IBM Security zSecure Alert with IBM Security QRadar SIEM
IBM Security QRadar SIEM and Security zSecure Alert are companion products that can deliver a comprehensive view of the mainframe threats and incidents. QRadar SIEM manages security operations effectively and efficiently with centralized security event correlation, prioritization, investigation, and response.
IBM Security zSecure with RACF
Your investment in RACF may be enhanced with the addition of Security zSecure suite, which provides integrated security audit and compliance management and administration for z/OS and RACF .
Mainframe auditing - For data center auditors, security managers, system programmers, and IT managers who need to monitor mainframe events and incidents, help reduce security vulnerability, and help enforce security policy compliance and generate audit reports, Security zSecure suite offers a mainframe audit solution that provides analysis and reporting of mainframe events and automated detection of exposures through extensive status auditing.
Mainframe security administration - For RACF administrators and IT managers who need to simplify and automate routine administrative tasks, and decentralize administration control, Security zSecure suite offers a mainframe administration suite that enables efficient and effective RACF administration typically using less resources and providing richer functionality, and helping address compliance initiatives. And by implementing a repeatable process for security management, Security zSecure suite can help you reduce errors and improve the overall quality of services.
Back to top
|
|
| Program number |
|
IBM Security zSecure suite V2.1
Program
number VRM Name
5655-N16 2.1 IBM Security zSecure Admin
5655-N17 2.1 IBM Security zSecure Audit
5655-N18 2.1 IBM Security zSecure CICS Toolkit
5655-N19 2.1 IBM Security zSecure Command Verifier
5655-N20 2.1 IBM Security zSecure Visual
5655-N21 2.1 IBM Security zSecure Alert
5655-N22 2.1 IBM Tivoli Compliance Insight Manager Enabler
for z/OS
IBM Security Compliance, Auditing, and Administration solutions
Program
number VRM Name
5655-N23 2.1 IBM Security zSecure Administration
5655-N24 2.1 IBM Security zSecure Compliance and Auditing
5655-N25 2.1 IBM Security zSecure Compliance
and Administration
Product identification number
IBM Security zSecure suite V2.1
Subscription and
Program PID number Support PID number
5655-N16 5655-T03
5655-N17 5655-T04
5655-N18 5655-T06
5655-N19 5655-T08
5655-N20 5655-T10
5655-N21 5655-T12
5655-N22 5655-T16
IBM Security zSecure Compliance, Auditing, and Administration solutions
Subscription and
Program PID number Support PID number
5655-N23 5655-SE4
5655-N24 5655-SE5
5655-N25 5655-SE6
Back to top
|
|
| Education support |
|
IBM training provides education to support many IBM offerings. Descriptions of courses for IT professionals and managers are on the IBM training website
Call IBM training at 800-IBM-TEACH (426-8322) for catalogs, schedules, and enrollments.
Back to top
|
|
| Offering Information |
|
Product information is available via the Offering Information website
Back to top
|
|
| Publications |
|
No hardcopy publications are shipped with these products.
Unlicensed publications
Unlicensed publications are available on the Security zSecure Suite Documentation CD provided with the products, with the exception of the Security zSecure Quick Reference and the Security zSecure Release Information. These publications are available only from the Security zSecure Information Center website at general availability.
Table 1 lists the unlicensed Security zSecure suite V2.1 publications, which are available in English. These publications can be viewed and downloaded from the Security zSecure Information Center website at general availability.
National language unlicensed publications will be available from the Security zSecure Information Center website 30 days after general availability.
Security zSecure Information Center website
Table 1: English unlicensed publications
Title Order number
IBM Security zSecure
Audit for ACF2 Getting Started GI13-2325-00
Admin and Audit for RACF Getting Started GI13-2324-00
Alert User Reference Manual SC27-5642-00
Visual Client Manual SC27-5647-00
CICS Toolkit User Guide SC27-5649-00
Command Verifier User Guide SC27 5648-00
CARLa-Driven Components Installation and SC27-5638-00
Deployment Guide
Messages Guide SC27-5643-00
Quick Reference SC27-5646-00
Licensed publications
Table 2 lists the Security zSecure suite V2.1 licensed publications, which are available in English. These publications are available only to licensed users and are included on the Security zSecure Suite Documentation CD provided with your product order.
To obtain an electronic copy of a licensed publication, send an email requesting the publication to tivzos@us.ibm.com. Include your IBM customer number, form number for each publication, and contact information. You will be contacted with further instructions for fulfilling your order.
For an additional charge, you can order a manufactured documentation CD from the IBM Publications Center. For ordering instructions, go to the Security zSecure Information Center website at
Click the link entitled Obtaining a licensed publication.
National language versions of the licensed documentation are available on an updated version of the Security zSecure Suite Documentation CD after general availability.
Table 2: English Licensed publications
Title Order number - IBM Security zSecure Admin and Audit for RACF User Reference Manual LC27-5639-00 Audit for ACF2 User Reference Manual LC27-5640-00 Audit for Top Secret User Reference Manual LC27-5641-00 IBM Security zSecure Suite Documentation CD LCD7-5373-00
IBM Security Compliance, Auditing, and Administration V2.1 solutions publications
The publications for the components in each of the IBM Security Compliance, Auditing, and Administration V2.1 solutions are shown below. They are available and can be ordered now.
Tables 1a, 1b, and 1c list the unlicensed publications. Tables 2a, 2b, and 2c list the licensed publications. Both types of publications are available in English.
Unlicensed publications
Unlicensed publications are available on the IBM Security zSecure Suite Documentation CD provided with each of the products.
Unlicensed publications can be viewed and downloaded from the following IBM Security zSecure Information Center website
Table 1a: IBM Security zSecure Compliance and Administration English unlicensed publications
Title Order number Command Verifier User's Guide SC27-5648-00 Admin and Audit for RACF Getting Started GI13-2324-00 CARLa-Driven Components Installation SC27-5638-00 and Deployment Guide Audit for ACF2 Getting Started GI13-2325-00 Quick Reference SC27-5646-00 Alert Users Reference Manual SC27-5642-00 Messages Guide SC27-5643-00 Visual Client Manual SC27-5647-00
Table 1b: IBM Security zSecure Administration English unlicensed publications
Title Order number Admin and Audit for RACF Getting Started GI13-2324-00 CARLa-Driven Components Installation SC27-5638-00 and Deployment Guide Quick Reference SC27-5646-00 Messages Guide SC27-5643-00 Visual Client Manual SC27-5647-00
Table 1c: IBM Security zSecure Compliance and Auditing English unlicensed publications
Title Order number Command Verifier User's Guide SC27-5648-00 Admin and Audit for RACF Getting Started GI13-2324-00 CARLa-Driven Components Installation SC27-5638-00 and Deployment Guide Audit for ACF2 Getting Started GI13-2325-00 Quick Reference SC27-5646-00 Alert User Reference Manual SC27-5642-00 Messages Guide SC27-5643-00
Licensed publications
Table 2 lists the licensed publications which are available in English. These publications are available only to licensed users and are included on the IBM Security zSecure Suite Documentation CD provided with each of the products.
To obtain PDF or printed copies of licensed publications, send an email requesting the publication to tivzos@us.ibm.com. Include your IBM customer number, list of publication numbers that you want to order, and preferred contact information. You will be contacted for further instructions for fulfilling your order.
Table 2a: IBM Security zSecure Compliance and Administration English licensed publications
Title Order number Admin and Audit for RACF User Reference Manual LC27-5639-00 Audit for ACF2 User Reference Manual LC27-5640-00 Audit for Top Secret User Reference Manual LC27-5641-00
Table 2b: IBM Security zSecure Administration English licensed publications
Title Order number Admin and Audit for RACF User Reference Manual LC27-5639-00
Table 2c: IBM Security zSecure Compliance and Auditing English licensed publications
Title Order number Admin and Audit for RACF User Reference Manual LC27-5639-00 Audit for ACF2 User Reference Manual LC27-5640-00 Audit for Top Secret User Reference Manual LC27-5641-00
The IBM Publications Center
The Publications Center is a worldwide central repository for IBM product publications and marketing material with a catalog of 70,000 items. Extensive search facilities are provided. Payment options for orders are via credit card (in the U.S.) or customer number for 20 countries. A large number of publications are available online in various file formats, and they can all be downloaded by all countries, free of charge.
Back to top
|
|
| Technical information |
|
Specified operating environment
Hardware requirements
Minimum and recommended processor, disk space, and memory requirements for IBM Security zSecure suite V2.1 and IBM Security zSecure Compliance, Auditing, and Administration solutions V2.1
Minimum Recommended
Processor Z800 IBM System z9® or z10™ Enterprise Class (EC)
or z9® or z10 Business Class (BC)
Disk space 300 MB 450 MB
Memory 1 GB 2 GB
Software requirements
IBM Security zSecure suite V2.1 and IBM Security zSecure Compliance, Auditing, and Administration solutions V2.1 are supported in the following environments:
- IBM z/OS V1R12
- IBM z/OS V1R13
- IBM z/OS V2R1
Security zSecure products that include features for CA ACF2 and CA Top Secret support CA ACF2 R14 and R15, and CA Top Secret R14 and R15.
The program's specifications and specified operating environment information may be found in documentation accompanying the program, if available, such as a readme file, or other information published by IBM , such as an announcement letter. Documentation and other program content may be supplied only in the English language.
IBM Electronic Support
The IBM Support Portal is your gateway to technical support. This includes IBM Electronic Support tools and resources, for software and hardware, to help save time and simplify support. The Electronic Support tools can help you find answers to questions, download fixes, troubleshoot, automate data collection, submit and track problems through the Service Request online tool, and build skills. All these tools are made available through your IBM support agreement, at no additional charge.
Read about the Electronic Support portfolio of tools
Access the IBM Support Portal
Access the online Service Request tool
Planning information
Direct customer support
Direct customer support is provided by IBM Operational Support Services - SoftwareXcel. This fee service enhances your productivity by providing voice and electronic access into the IBM support organization. IBM Operational Support Services - SoftwareXcel helps answer questions pertaining to usage and suspected software defects for eligible products.
Installation and technical support is provided by Global Services. For more information call 800-IBM-4YOU (426-4968).
For technical support or assistance, contact your IBM representative or visit
Packaging
IBM Security zSecure products and solutions are distributed with:
- International Program License Agreement (Z125-3301)
- License Information document
- Tape
- Publications (refer to the Publications section)
Security, auditability, and control
IBM Security zSecure products and solutions use the security and auditability features of the operating system software. The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities. The customer is responsible for evaluation, selection, and implementation of security features, administrative procedures, and appropriate controls in application systems and communication facilities.
Back to top
|
|
| Software Services |
|
IBM Software Services has the breadth, depth, and reach to manage your services needs. You can leverage the deep technical skills of our lab-based, software services team and the business consulting, project management, and infrastructure expertise of our IBM Global Services team. Also, we extend our IBM Software Services reach through IBM Business Partners to provide an extensive portfolio of capabilities. Together, we provide the global reach, intellectual capital, industry insight, and technology leadership to support a wide range of critical business needs.
To learn more about IBM Software Services or to contact a Software Services sales specialist, visit
Back to top
|
|
| Ordering information |
|
Ordering z/OS through the Internet
ShopzSeries provides an easy way to plan and order your z/OS ServerPac or CBPDO. It will analyze your current installation, determine the correct product migration, and present your new configuration based on z/OS . Additional products can also be added to your order (including determination of whether all product requisites are satisfied). ShopzSeries is available in the US and several countries in Europe. In countries where ShopzSeries is not available yet, contact your IBM representative (or IBM Business Partner) to handle your order via the traditional IBM ordering process. For more details and availability, visit the ShopzSeries website at
Charge metric
IBM Security zSecure suite V2.1 Program name PID number Charge metric IBM Security zSecure Admin V2.1 5655-N16 Value Unit IBM Security zSecure Audit V2.1 5655-N17 Value Unit IBM Security zSecure CICS Toolkit V2.1 5655-N18 Value Unit IBM Security zSecure Command Verifier V2.1 5655-N19 Value Unit IBM Security zSecure Visual V2.1 5655-N20 Value Unit IBM Security zSecure Alert V2.1 5655-N21 Value Unit IBM Tivoli Compliance Insight Manager 5655-N22 Value Unit Enabler for z/OS V2.1
IBM Security Compliance, Auditing, and Administration Solutions V2.1
Program name PID number Charge metric IBM Security zSecure Administration V2.1 5655-N23 Value Unit IBM Security zSecure Compliance and 5655-N24 Value Unit Auditing V2.1 IBM Security zSecure Compliance 5655-N25 Value Unit and Administration V2.1
The programs in this announcement all have Value Unit-Based pricing.
Program
number Program name Value Unit exhibit
5655-N16 IBM Security zSecure Admin VUE020
5655-N17 IBM Security zSecure Audit VUE020
5655-N18 IBM Security zSecure CICS Toolkit VUE020
5655-N19 IBM Security zSecure Command Verifier VUE020
5655-N20 IBM Security zSecure Visual VUE020
5655-N21 IBM Security zSecure Alert VUE020
5655-N22 IBM Tivoli Compliance Insight Manager VUE020
Enabler for z/OS
5655-N23 IBM Security zSecure Administration VUE020
5655-N24 IBM Security zSecure Compliance VUE020
and Auditing
5655-N25 IBM Security zSecure Compliance VUE020
and Administration
For each System z IPLA program with Value Unit pricing, the quantity of that program needed to satisfy applicable IBM terms and conditions is referred to as the required license capacity . Your required license capacity is based upon the following factors:
- The System z IPLA program you select
- The applicable Value Unit Exhibit
- The applicable terms
- Whether your current mainframes are full capacity or sub-capacity
Value Unit exhibit VUE020
Value
Level Minimum Maximum Units/MSU
Base 1 3 1
Tier A 4 45 0.15
Tier B 46 175 0.08
Tier C 176 315 0.04
Tier D 316 + 0.03
Value Units for mainframes without MSU ratings:
Value
HW Units/machine
MP3000 H30 3
MP3000 H50 4
MP3000 H70 6
ESL models 1
Basic license
On/Off CoD
IBM Security zSecure is eligible for On/Off CoD with a temporary use charge calculated based on MSUs per-day usage.
Program name: IBM Security zSecure Admin V2.1
Program PID: 5655-N16
Entitlement License option/
identifier Description Pricing metric
S01791D zSecure Admin Basic OTC, per MSU-day TUC
Program name: IBM Security zSecure Audit V2.1
Program PID: 5655-N17
Entitlement License option/
identifier Description Pricing metric
S01791P RACF Basic OTC, per MSU-day TUC
S01791R ACF2 Basic OTC, per MSU-day TUC
S01791S Top Secret Basic OTC, per MSU-day TUC
Program name: IBM Security zSecure CICS Toolkit V2.1
Program PID: 5655-N18
Entitlement License option/
identifier Description Pricing metric
S01791W zSecure CICS Basic OTC, per MSU-day TUC
Toolkit
Program name: IBM Security zSecure Command Verifier V2.1
Program PID: 5655-N19
Entitlement License option/
identifier Description Pricing metric
S017920 zSecure Command Basic OTC, per MSU-day TUC
Verifier
Program name: IBM Security zSecure Visual V2.1
Program PID: 5655-N20
Entitlement License option/
identifier Description Pricing metric
S017921 zSecure Visual Basic OTC, per MSU-day TUC
Program name: IBM Security zSecure Alert V2.1
Program PID: 5655-N21
Entitlement License option/
identifier Description Pricing metric
S01795P RACF Basic OTC, per MSU-day TUC
S01795R ACF2 Basic OTC, per MSU-day TUC
Program name: IBM Security zSecure Administration V2.1
Program PID: 5655-N23
Entitlement License option/
identifier Description Pricing metric
S01796C Security zSecure Basic OTC, per MSU-day TUC
Administration
Program name: IBM Security zSecure Compliance and Auditing V2.1
Program PID: 5655-N24
Entitlement License option/
identifier Description Pricing metric
S01796G Security zSecure Compliance Basic OTC, per MSU-day TUC
and Auditing
Program name: IBM Security zSecure Compliance and
Administration V2.1
Program PID: 5655-N25
Entitlement License option/
identifier Description Pricing metric
S01796K Security zSecure Compliance Basic OTC, per MSU-day TUC
and Administration
Translation from MSUs to Value Units
MSUs Value Units/MSU
Base 1-3 1.00
Tier A 4-45 0.15
Tier B 46-175 0.08
Tier C 176-315 0.04
Tier D 316+ 0.03
To order, specify the program product number and the appropriate license or charge option. Also, specify the desired distribution medium. To suppress shipment of media, select the license-only option in CFSW.
Ordering information for Value Unit pricing - 5655-N16
Program name: IBM Security zSecure Admin V2.1
Program PID: 5655-N16
Entitlement License option/
identifier Description Pricing metric
S01791D zSecure Admin Basic OTC, per Value Unit
Orderable supply ID Language Distribution medium
S01791G Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-T03
Entitlement License option/
identifier Description Pricing metric
S01471M zSecure Admin S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language Distribution medium
S015T26 Multilingual Hardcopy publication
Ordering information for Value Unit Pricing - 5655-N17
Program name: IBM Security zSecure Audit V2.1
Program PID: 5655-N17
Entitlement License option/
identifier Description Pricing metric
S01791P RACF Basic OTC, per Value Unit
S01791R ACF2 Basic OTC, per Value Unit
S01791S Top Secret Basic OTC, per Value Unit
Orderable supply ID Language/Description Distribution medium
S01791L Multilingual RACF 3590 tape cartridge
S01791N Multilingual ACF2
S01791M Multilingual Top Secret
Subscription and Support PID: 5655-T04
Entitlement License option/
identifier Description Pricing metric
S01471N RACF S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
S01471P ACF2 S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
S01471R Top Secret S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language/Description Distribution medium
S015TT2 Multilingual RACF Hardcopy publication
S015TT3 Multilingual ACF2
S015TT4 Multilingual Top Secret
Ordering information for Value Unit pricing - 5655-N18
Program name: IBM Security zSecure CICS Toolkit V2.1 Program PID: 5655-N18 Entitlement License option/ identifier Description Pricing metric S01791W zSecure CICS Toolkit Basic OTC, per Value Unit Orderable supply ID Language/Description Distribution medium S01791V Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-T06
Entitlement License option/
identifier Description Pricing metric
S01472T zSecure CICS Toolkit Basic ASC, per Value Unit SW S&S
S&S no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language/Description Distribution medium
S015TP6 Multilingual Hardcopy publication
Ordering information for Value Unit pricing - 5655-N19
Program name: IBM Security zSecure Command Verifier V2.1 Program PID: 5655-N19 Entitlement License option/ identifier Description Pricing metric S017920 zSecure Command Verifier Basic OTC, per Value Unit Orderable supply ID Language Distribution medium S01791Z Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-T08
Entitlement License option/
identifier Description Pricing metric
S01471V zSecure Command Basic ASC, per Value Unit SW S&S
Verifier S&S no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language Distribution medium
S015TPD Multilingual Hardcopy publication
Ordering information for Value Unit pricing - 5655-N20
Program name: IBM Security zSecure Visual V2.1 Program PID: 5655-N20 Entitlement License option/ identifier Description Pricing metric S017921 zSecure Visual Basic OTC, per Value Unit Orderable supply ID Language Distribution medium S017922 Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-T10
Entitlement License option/
identifier Description Pricing metric
S014721 zSecure Visual S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language Distribution medium
S015TPX Multilingual Hardcopy publication
Ordering information for Value Unit pricing - 5655-N21
Program name: IBM Security zSecure Alert V2.1 Program PID: 5655-N21 Entitlement License option/ identifier Description Pricing metric S01795P RACF Basic OTC, per Value Unit S01795R ACF2 Basic OTC, per Value Unit Orderable supply ID Language/Description Distribution medium S01795M Multilingual RACF 3590 tape cartridge S01795N Multilingual ACF2
Subscription and Support PID: 5655-T12
Entitlement License option/
identifier Description Pricing metric
S014733 RACF S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
S014736 ACF2 S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language/Description Distribution medium
S015TPZ Multilingual RACF Hardcopy publication
S015TR0 Multilingual ACF2
Ordering information for Value Unit pricing - 5655-N22
Program name: IBM Tivoli Compliance Insight Manager Enabler
for z/OS V2.1
Program PID: 5655-N22
Entitlement License option/
identifier Description Pricing metric
S017967 RACF Basic OTC, per Value Unit
S017964 ACF2 Basic OTC, per Value Unit
S017966 Top Secret Basic OTC, per Value Unit
S017965 DB2 Basic OTC, per Value Unit
S017968 CICS Basic OTC, per Value Unit
Orderable supply ID Language/Description Distribution medium
S017961 Multilingual RACF 3590 tape cartridge
S01796L Multilingual ACF2
S017962 Multilingual Top Secret
S017963 Multilingual DB2
S017960 Multilingual CICS
Subscription and Support PID: 5655-T16
Entitlement License option/
identifier Description Pricing metric
S01473K RACF S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
S01474B ACF2 S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
S01474C Top Secret S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
S01474W DB2 S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
S015TNK CICS S&S Basic ASC, per Value Unit SW S&S
no charge, decline SW S&S
Orderable supply ID Language/Description Distribution medium
S015TNS Multilingual RACF Hardcopy publication
S015TNR Multilingual ACF2
S015TNP Multilingual Top Secret
S015TNN Multilingual DB2
S015TNM Multilingual CICS
The following table shows the conversion from MSUs to Value Units.
VUE020 MSUs Value Units/MSU Base 1-3 1.00 Tier A 4-45 0.15 Tier B 46-175 0.08 Tier C 176-315 0.04 Tier D 316+ 0.03
To order, specify the program product number and the appropriate license or charge option. Also, specify the desired distribution medium. To suppress shipment of media, select the license-only option in CFSW.
Ordering information for Value Unit pricing - 5655-N23
Program name: IBM Security zSecure Administration V2.1
Program PID: 5655-N23
Entitlement License option/
identifier Description Pricing metric
S01796C Security zSecure Basic OTC, per Value Unit
Administration
Orderable supply ID Language Distribution medium
S01796B Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-SE4
Entitlement License option/
identifier Description Pricing metric
S017172 Security zSecure Basic ASC, per Value Unit SW S&S
Administration S&S no charge, decline SW S&S
per MSU SW S&S registration
Orderable supply ID Language Distribution medium
S017173 Multilingual Hardcopy publication
Ordering information for Value Unit pricing - 5655-N24
Program name: IBM Security zSecure Compliance and Auditing V2.1
Program PID: 5655-N24
Entitlement License option/
identifier Description Pricing metric
S01796G Security zSecure Compliance Basic OTC, per Value Unit
and Auditing
Orderable supply ID Language Distribution medium
S01796F Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-SE5
Entitlement License option/
identifier Description Pricing metric
S017178 Security zSecure Basic ASC, per Value Unit SW S&S
Compliance and no charge, decline SW S&S
Auditing S&S per MSU SW S&S registration
Orderable supply ID Language Distribution medium
S017179 Multilingual Hardcopy publication
Ordering information for Value Unit pricing - 5655-N25
Program name: IBM Security zSecure Compliance and
Administration V2.1
Program PID: 5655-N25
Entitlement License option/
identifier Description Pricing metric
S01796K Security zSecure Compliance Basic OTC, per Value Unit
and Administration
Orderable supply ID Language Distribution medium
S01796J Multilingual 3590 tape cartridge
Subscription and Support PID: 5655-SE6
Entitlement License option/
identifier Description Pricing metric
S017175 Security zSecure Basic ASC, per Value Unit SW S&S
Compliance and no charge, decline SW S&S
Administration S&S per MSU SW S&S registration
Orderable supply ID Language Distribution medium
S017176 Multilingual Hardcopy publication
Subscription and Support
To receive voice technical support via telephone and future releases and versions at no additional charge, Subscription and Support must be ordered. The capacity of Subscription and Support (Value Units) must be the same as the capacity ordered for the product licenses.
To order, specify the Subscription and Support program number (PID) referenced above and the appropriate license or charge option.
IBM is also providing Subscription and Support for these products via a separately purchased offering under the terms of the IBM International Agreement for Acquisition of Software Maintenance. This offering:
- Includes and extends the support services provided in the base support to include technical support via telephone.
- Entitles you to future releases and versions, at no additional charge. Note that you are not entitled to new products.
When Subscription and Support is ordered, the charges will automatically renew annually unless cancelled by you.
The combined effect of the IPLA license and the Agreement for Acquisition of Software Maintenance gives you rights and support services comparable to those under the traditional ICA S/390® and System z license or its equivalent. To ensure that you continue to enjoy the level of support you are used to in the ICA business model, you must order both the license for the program and the support for the selected programs at the same Value Unit quantities.
Customized Offerings
Product deliverables are shipped only via CBPDO and ServerPac. These customized offerings are offered for Internet delivery in countries where ShopzSeries product ordering is available. Internet delivery reduces software delivery time and allows you to install software without the need to handle tapes. For more details on Internet delivery, refer to the Shopz help information at
You choose the delivery method when you order the software. IBM recom- mends Internet delivery. In addition to Internet and DVD, the supported tape delivery options include:
- 3590
- 3592
Most products can be ordered in ServerPac the month following their availability in CBPDO. z/OS can be ordered via CBPDO and , ServerPac. at general availability. Many products will also be orderable in a Product ServerPac without also having to order the z/OS operating system or subsystem.
Shopz and CFSW will determine the eligibility based on product requisite checking. For more details on the Product ServerPac, visit the Help section on the Shopz website at
Production of software product orders will begin on the planned general availability date.
- CBPDO shipments will begin one week after general availability.
- ServerPac shipments will begin two weeks after general availability.
Back to top
|
|
| Terms and conditions |
|
The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement, IBM International Passport Advantage® Agreement, and the IBM Agreement for Acquisition of Software Maintenance.
Licensing
IBM International Program License Agreement including the License Information document and Proof of Entitlement (PoE) govern your use of the program. PoEs are required for all authorized use.
Agreement for Acquisition of Software Maintenance
The following agreement applies for Software Subscription and Support (Software Maintenance) and does not require customer signatures:
- IBM Agreement for Acquisition of Software Maintenance (Z125-6011)
These programs are licensed under the IBM Program License Agreement (IPLA) and the associated Agreement for Acquisition of Software Maintenance, which provide for support with ongoing access to releases and versions of the program. These programs have a one-time license charge for use of the program and an annual renewable charge for the enhanced support that includes telephone assistance (voice support for defects during normal business hours), as well as access to updates, releases, and versions of the program as long as support is in effect.
IBM System z Operational Support Services - SoftwareXcel is an option if you desire added services.
License Information form number
Product LI form Document
number number
IBM Security zSecure Admin V2.1 L-KGAS-98F6G8 GI13-2276-00
(5655-N16)
IBM Security zSecure Audit V2.1 L-KGAS-98F68R GI13-2279-00
(5655-N17)
IBM Security zSecure CICS Toolkit V2.1 L-KGAS-98F5YW GI13-2281-00
(5655-N18)
IBM Security zSecure Command Verifier V2.1 L-KGAS-98F5LS GI13-2283-00
(5655-N19)
IBM Security zSecure Visual V2.1 L-KGAS-98F4X8 GI13-2285-00
(5655-N20)
IBM Security zSecure Alert V2.1 L-KGAS-98F5SN GI13-2287-00
(5655-N21)
IBM Tivoli Compliance Insight Manager L-KGAS-98F6K5 GI13-2289-00
Enabler for z/OS V2.1 (5655-N22)
IBM Security zSecure Administration V2.1 L-KGAS-98FPS9 GI13-2291-00
(5655-N23)
IBM Security zSecure Compliance and L-KGAS-98FPYX GI13-2293-00
Auditing V2.1 (5655-N24)
IBM Security zSecure Compliance and L-KGAS-98FQ7G GI13-2295-00
Administration V2.1 (5655-N25)
The program's License Information will be available for review on the IBM Software License Agreement website
Limited warranty applies
Yes
Limited warranty
IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.
IBM provides you with access to IBM databases containing information on known program defects, defect corrections, restrictions, and bypasses at no additional charge. For further information, consult the IBM Software Support Handbook found at
IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).
Program support
Enhanced support, called Subscription and Support, includes telephone assistance, as well as access to updates, releases, and versions of the program as long as support is in effect. You will be notified of discontinuance of support with 12 months' notice.
Money-back guarantee
If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.
For clarification, note that for programs acquired under any of IBM's On/Off Capacity on Demand (On/Off CoD) software offerings, this term does not apply since these offerings apply to programs already acquired and in use by you.
Other terms
Volume orders (IVO)
No
IBM International Passport Advantage Agreement
Passport Advantage applies
No
Usage restriction
Yes. Usage is limited to the number of Value Units licensed.
For additional information, refer to the License Information document that is available on the IBM Software License Agreement website
Software Subscription and Support applies
No. For operating system software, the revised IBM Operational Support Services - SoftwareXcel offering will provide support for those operating systems and associated products that are not available with the Software Subscription and Support (Software Maintenance) offering.
This will ensure total support coverage for your enterprise needs, including IBM and selected non-IBM products. For complete lists of products supported under both the current and revised offering, visit
IBM Operational Support Services - SoftwareXcel
Yes
System i® Software Maintenance applies
No
Variable charges apply
Yes
Educational allowance available
Yes. A 15% education allowance applies to qualified education institution customers.
Sub-capacity terms and conditions
For each System z IPLA program with Value Unit pricing, the quantity of that program needed to satisfy applicable IBM terms and conditions is referred to as the required license capacity. Your required license capacity is based upon the following factors:
- The System z IPLA program you select
- The applicable Value Unit Exhibit
- The applicable terms
- Whether your current mainframes are full capacity or sub-capacity
For more information on the Value Unit Exhibit for the System z IPLA program you selected, refer to the Ordering information section.
Program Parent,
number Program name Terms if applicable
5655-N16 IBM Security zSecure Admin z/OS-based NA
5655-N17 IBM Security zSecure Audit z/OS-based NA
5655-N18 IBM Security zSecure CICS Execution-based NA
Toolkit
5655-N19 IBM Security zSecure Command z/OS-based NA
Verifier
5655-N20 IBM Security zSecure Visual z/OS-based NA
5655-N21 IBM Security zSecure Alert Execution-based NA
5655-N23 IBM Security zSecure z/OS-based NA
Administration
5655-N24 IBM Security zSecure Compliance z/OS-based NA
and Auditing
5655-N25 IBM Security zSecure Compliance z/OS-based NA
and Administration
Note: If IBM Security zSecure Alert is ordered as a separate product, sub-capacity charges are Execution-based rather than z/OS-based, as when it is included in one of these solutions.
Full-capacity mainframes
In cases where full capacity is applicable, the following terms apply.
Execution based, z/OS based, full machine based: The required capacity of a System z IPLA program with these terms equals the MSU-rated capacity of the machines where the System z IPLA program executes.
For more information on mainframe MSU-rated capacities, visit
Reference based: The required license capacity of a System z IPLA program with these terms equals the license capacity of the applicable monthly license charge (MLC) program. This MLC program is called the parent program.
Sub-capacity mainframes
In cases where sub-capacity is applicable, the following terms apply.
Execution based: The required capacity of a System z IPLA sub-capacity program with these terms equals the capacity of the LPARs where the System z IPLA program executes.
z/OS based: The required license capacity of a System z IPLA program with these terms equals the license capacity of z/OS on the machines where the System z IPLA program executes.
Reference based: The required license capacity of a System z IPLA program with these terms equals the license capacity of the applicable monthly license charge (MLC) program. This MLC program is called the parent program.
Full machine based: The required license capacity of a System z IPLA program with full machine based terms equals the MSU-rated capacity of the machines where the System z IPLA program executes.
For more information on mainframe MSU-rated capacities, refer to The IBM System z Machines Exhibit , Z125-3901, or visit the Mainframes section of the System z Exhibits website.
For additional information for products with reference-based terms, System z IPLA sub-capacity programs with reference-based terms adds value to the parent program across the environment, regardless of where in the environment the System z IPLA program executes.
An environment is defined as either a single or stand-alone machine or a qualified Parallel Sysplex® . You may have one or more different environments across the enterprise. To determine the required license capacity for each System z IPLA program with referenced-based terms, each environment should be assessed separately.
When a System z IPLA sub-capacity program with reference-based terms is used in a qualified Parallel Sysplex environment, the required license capacity of the System z IPLA program must equal with the license capacity of the parent program across the Parallel Sysplex . Qualified Parallel Sysplex refers to one:
- Where MLC pricing is aggregated across the sysplex
Sub-capacity eligibility
To be eligible for sub-capacity charging on select System z IPLA programs, you must first implement and comply with all terms of either sub-capacity Workload License Charges (WLC) or sub-capacity Entry Workload License Charges (EWLC). To implement sub-capacity WLC or EWLC, a machine must be System z (or equivalent). On that machine:
- All instances of the OS/390® operating system must be migrated to the z/OS operating systems.
- Any licenses for the OS/390 operating system must be discontinued.
- All instances of the z/OS operating systems must be running in z/Architecture® (64-bit) mode.
For that machine, you must create and submit a Sub-Capacity Report to IBM each month. Sub-Capacity Reports must be generated using the Sub-Capacity Reporting Tool (SCRT). For additional information or to obtain a copy of SCRT, visit the System z Software Pricing website
You must comply with all of the terms of the WLC or EWLC offering, whichever is applicable:
- The complete terms and conditions of sub-capacity WLC are defined in the IBM Customer Agreement - Attachment for System z Workload License Charges (Z125-6516).
- The complete terms and conditions for sub-capacity EWLC are defined in the IBM Customer Agreement - Attachment for IBM System z 890 and 800 License Charges (Z125-6587).
Additionally, you must sign and comply with the terms and conditions specified in the amendment to the IPLA contract - Amendment for IBM System z9 and System z Programs Sub-Capacity Pricing (Z125-6929). Once the amendment is signed, the terms in the amendment replace any and all previous System z IPLA sub-capacity terms and conditions.
IBM Getting Started Sub-capacity Pricing for z/OS IPLA Software applies.
Sub-capacity utilization determination
Sub-capacity utilization is determined based on the utilization of an eligible operating system and machine (for example, z/OS running in z/Architecture (64 bit) mode on a System z ((or equivalent) server).
Sub-capacity utilization is determined based on the product's own execution as reported to IBM in accordance with the requirements for reporting sub-capacity utilization for products.
On/Off Capacity on Demand (CoD)
To be eligible for On/Off CoD pricing, you must be enabled for temporary capacity on the corresponding hardware, and the required contract, Attachment for IBM System z On/Off Capacity on Demand (Z125-7883) must be signed prior to use.
Back to top
|
|
| Statement of good security practices |
|
IT system security involves protecting systems and information through prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered destroyed or misappropriated or can result in misuse of your systems to attack others. Without a comprehensive approach to security, no IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party.
Back to top
|
|
| IBM Electronic Services |
|
Electronic Service Agent™ and the IBM Electronic Support web portal are dedicated to providing fast, exceptional support to IBM Systems customers. The IBM Electronic Service Agent tool is a no-additional-charge tool that proactively monitors and reports hardware events, such as system errors, performance issues, and inventory. The Electronic Service Agent tool can help you stay focused on your company's strategic business initiatives, save time, and spend less effort managing day-to-day IT maintenance issues. Servers enabled with this tool can be monitored remotely around the clock by IBM Support all at no additional cost to you.
Now integrated into the base operating system of AIX® V5.3, AIX V6.1, and AIX V7.1, Electronic Service Agent is designed to automatically and electronically report system failures and utilization issues to IBM , which can result in faster problem resolution and increased availability. System configuration and inventory information collected by the Electronic Service Agent tool also can be viewed on the secure Electronic Support web portal, and used to improve problem determination and resolution by you and the IBM support team. To access the tool main menu, simply type smitty esa_main, and select Configure Electronic Service Agent . In addition, ESA now includes a powerful Web user interface, giving the administrator easy access to status, tool settings, problem information, and filters. For more information and documentation on how to configure and use Electronic Service Agent , refer to
The IBM Electronic Support portal is a single Internet entry point that replaces the multiple entry points traditionally used to access IBM Internet services and support. This portal enables you to gain easier access to IBM resources for assistance in resolving technical problems. The My Systems and Premium Search functions make it even easier for Electronic Service Agent tool-enabled customers to track system inventory and find pertinent fixes.
Benefits
Increased uptime: The Electronic Service Agent tool is designed to enhance the Warranty or Maintenance Agreement by providing faster hardware error reporting and uploading system information to IBM Support. This can translate to less wasted time monitoring the symptoms, diagnosing the error, and manually calling IBM Support to open a problem record. Its 24 x 7 monitoring and reporting mean no more dependence on human intervention or off-hours customer personnel when errors are encountered in the middle of the night.
Security: The Electronic Service Agent tool is designed to be secure in monitoring, reporting, and storing the data at IBM . The Electronic Service Agent tool securely transmits either via the Internet (HTTPS or VPN) or modem, and can be configured to communicate securely through gateways to provide customers a single point of exit from their site. Communication is one way. Activating Electronic Service Agent does not enable IBM to call into a customer's system. System inventory information is stored in a secure database, which is protected behind IBM firewalls. It is viewable only by the customer and IBM . The customer's business applications or business data is never transmitted to IBM .
More accurate reporting: Since system information and error logs are automatically uploaded to the IBM Support center in conjunction with the service request, customers are not required to find and send system information, decreasing the risk of misreported or misdiagnosed errors. Once inside IBM , problem error data is run through a data knowledge management system and knowledge articles are appended to the problem record.
Customized support: Using the IBM ID entered during activation, customers can view system and support information in the My Systems and Premium Search sections of the Electronic Support website at
My Systems provides valuable reports of installed hardware and software using information collected from the systems by Electronic Service Agent . Reports are available for any system associated with the customer's IBM ID. Premium Search combines the function of search and the value of Electronic Service Agent information, providing advanced search of the technical support knowledgebase. Using Premium Search and the Electronic Service Agent information that has been collected from your system, customers are able to see search results that apply specifically to their systems.
For more information on how to utilize the power of IBM Electronic Services, contact your IBM Systems Services Representative, or visit
Back to top
|
|
| Prices |
|
Pricing information is available through the IBMLink website. Registered external customer and IBM Business Partners can access IBMLink for product information. Authorization is required. To view pricing information, visit
For software prices, select "Look up IBM System z software prices (ESWPrice)" under "Prices." Specify "Price type," "Search type," and "Search value," then click "Search." Note: Enter program number in the "Search value."
Variable charges: The applicable processor-based one-time charge will be based on the group of the designated machine on which the program is licensed for use. If the program is designated to a processor in a group for which no charge is listed, the charge of the next higher group listed applies. For movement to a machine in a higher group, an upgrade charge equal to the difference in the then-current charges between the two groups will apply. For movement to a machine in a lower group, there will be no adjustment or refund of charges paid.
IBM Global Financing
IBM Global Financing offers competitive financing to credit-qualified customers to assist them in acquiring IT solutions. Offerings include financing for IT acquisition, including hardware, software, and services, from both IBM and other manufacturers or vendors. Offerings (for all customer segments: small, medium, and large enterprise), rates, terms, and availability can vary by country. Contact your local IBM Global Financing organization or visit
IBM Global Financing offerings are provided through IBM Credit LLC in the United States, and other IBM subsidiaries and divisions worldwide to qualified commercial and government customers. Rates are based on a customer's credit rating, financing terms, offering type, equipment type, and options, and may vary by country. Other restrictions may apply. Rates and offerings are subject to change, extension, or withdrawal without notice.
Financing from IBM Global Financing helps you preserve cash and credit lines, enables more technology acquisition within current budget limits, permits accelerated implementation of economically attractive new technologies, offers payment and term flexibility, and can help match project costs to projected benefits. Financing is available worldwide for credit-qualified customers.
For more financing information, visit
Back to top
|
|
| Order now |
|
To order, contact the Americas Call Centers or your local IBM representative, or your IBM Business Partner.
To identify your local IBM representative or IBM Business Partner, call 800-IBM-4YOU (426-4968).
Phone: 800-IBM-CALL (426-2255)
Fax: 800-2IBM-FAX (242-6329)
Internet: callserv@ca.ibm.com
Mail: IBM Teleweb Customer Support
ibm.com® Sales Execution Center, Americas North
3500 Steeles Ave. East, Tower 3/4
Markham, Ontario
Canada
L3R 2Z1
Reference: ME001
The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogs of IBM products.
Note: Shipments will begin after the planned availability date.
Trademarks
zSecure, IMS, z10 and Electronic Service Agent are trademarks of IBM Corporation in the United States, other countries, or both.
IBM, DB2, z/OS, CICS, RACF, z/VM, System z, WebSphere, Tivoli, OMEGAMON, System z9, z9, S/390, Passport Advantage, System i, Parallel Sysplex, OS/390, z/Architecture, AIX and ibm.com are registered trademarks of IBM Corporation in the United States, other countries, or both.
Microsoft is a trademark of Microsoft Corporation in the United States, other countries, or both.
UNIX is a registered trademark of The Open Group in the United States and other countries.
Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.
Other company, product, and service names may be trademarks or service marks of others.
Terms of use
IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this announcement at any time without notice. This announcement is provided for your information only. Additional terms of use are located at
For the most current information regarding IBM products, consult your IBM representative or reseller, or visit the IBM worldwide contacts page
