IBM Security zSecure Audit integration with Guardium Vulnerability Assessment
JeroenTiggelman 27000186A5 Comment (1) Visits (11720)
Integration between IBM
zSecure Audit analyzes the protection of DB2 objects by RACF and internal security and makes these available to Guardium. Guardium includes new entitlement reports and delivers over 60 new vulnerability tests.
Mainframes continue to be the home for mission critical information and essential business production applications in many organizations due to the strong heritage of integrated security support capabilities across hardware, operating system, software and applications. In addition, many industries have security standards and compliance regulations such as HIPAA (Health Insurance Portability and Accountability Act) for healthcare, PCI-DSS (Payment Card Industry-Data Security Standards) for retail, and SOX (Sarbanes-Oxley Act) and others for financial institutions that require special security controls and auditing.
IBM Security zSecure builds on security provided in z/OS and Resource Access Control Facility (RACF) to enhance mainframe security capabilities. zSecure 2.1 added deep analysis capabilities for DB2 object access.
IBM InfoSphere Guardium
IBM Guardium Vulnerability Assessment helps ensure the security, privacy and integrity of information in your data center by scanning for vulnerabilities and identifies exposures. Guardium also provides entitlement reports that show you who has access to a particular resource.
From the Guardium point of view a new DB2 schema is available that describes the effective access controls of DB2 objects. Guardium will check for the information in this schema within your DB2 subsystem automatically when you ask for a related report. The new vulnerability tests start with "zSecure".
zSecure provides a number of jobs to help you set up this DB2 schema in your DB2 subsystem and to load the data into it by invoking zSecure Audit to perform the analysis of the DB2 access control lists, including the effects of both external (RACF) and internal security.
To benefit from this integration the following is required:
on the zSecure side:
on the Guardium side:
* IBM InfoSphere Guardium 9
* Patch 100 for this version to upgrade it to release 9.1
If you have any questions, please post them here or on the zSecure forum.