IBM Security zSecure 2.1IBM Notable features include: * a user interface to ease rule-based compliance reporting against standards such as DISA-STIG (the Security Technical Implementation Guide from the Defense Information Systems Agency) and GSD331/ISeC (a global services document with security controls documentation from IBM). *automatic collection of DB2 catalog resource data including databases, table spaces, storage groups, sequences, stored procedures, and Java archives, with extensive analysis capabilities for DB2 access control lists for both DB2 internal and external (RACF) security *digital certificate and token management capabilities including certificate templates, advanced search criteria, and extended work flows for improved security and reduced complexity * enhancements to the zSecure Admin Access Monitor component, including for user ID tracking and access simulation to support ID usage reporting and access restructuring * ability to configure site-specific scripts for use from the zSecure Visual (decentral administrator's) user interface
In addition, this release further extends the integration between zSecure and IBM
This release provides currency with z/OS V2R1.
Edit: The original description of the Information Management service stream enhancements to zSecure 2.1 is here. Edit: Details on the PTFs for PCI-DSS rule-based auditing support can be found here. Edit: The service stream enhancement for CICS V5.2, additional DISA-STIG controls and more was first mentioned here. Edit: The latest information on zSecure for z/VM at the time of original publication is here. There is now a newer release. Questions can be posted on the zSecure forum on developerWorks. You can also visit the zSecure community and wiki.
[1] If you have the auto-update feature of QRadar SIEM enabled, the required upgrades to the z/OS DSM should be done seamlessly. |