IBM Security zSecure 2.1 support for CICS 5.2, additional DISA-STIG compliance checks, and usability enhancements
On June 13, 2014 IBM Background Mainframes continue to be the home for mission critical information and essential business production applications in many organizations due to the strong heritage of integrated security support capabilities across hardware, operating system, software and applications. IBM Security zSecure suite builds on the security support in z/OS and Resource Access Control Facility to enhance mainframe security capabilities.
The Security Technical Implementation Guide from the Defense Information Systems Agency provides a framework for ensuring that security is set up properly. IBM zSecure Audit helps automate compliance control points belonging to this standard as well as for the Paym
Benefits
The following updates are provided: These features apply to zSecure Audit for RACF and zSecure Audit for ACF2. Some features apply to zSecure Admin and zSecure Audit for Top Secret as well. Some of the underlying capabilities can be used in other components of the zSecure suite through the CARLa Auditing and Reporting Language (CARLa) though not exploited in the product 'out of the box'.
Documentation updates have been provided in a Technote. This Technote furthermore adds documentation on how to exploit zEnt
Prerequisites To fully benefit from these enhancements the following is required:
* IBM Security zSecure 2.1, or one of the zSecure Compliance and Auditing solutions The exploitation of zEnterprise Data Compression also described in the TechNote does not require any updates to zSecure. IBM Security zSecure CICS Toolkit 2.1 works with CICS V5R2 without modifications.
Migration The zSecure Audit Compliance Testing Framework has been extended with a new configuration member in the CKACUST customization data set. The job CKAZCUST to populate a CKACUST data set has been upgraded and this revised job can be re-run on an existing one prior to using option AU.R (rule-based compliance reporting) again. For best results the new member should be revised to conform to the installation's needs.
Further reading
This is the 4th service stream enhancement for zSecure 2.1. You can find the description of the new functions in the previous ones here:
Learn more about new mainframe security capabilities at the S
Note: The Migration section was added after original publication. |