IBM Security zSecure Audit integration with Guardium Vulnerability Assessment
JeroenTiggelman 27000186A5 Visits (730)
Integration between IBM
zSecure Audit analyzes the protection of DB2 objects by RACF and internal security and makes these available to Guardium. Guardium includes new entitlement reports and delivers over 60 new vulnerability tests.
Mainframes continue to be the home for mission critical information and essential business production applications in many organizations due to the strong heritage of integrated security support capabilities across hardware, operating system, software and applications. In addition, many industries have security standards and compliance regulations such as HIPAA (Health Insurance Portability and Accountability Act) for healthcare, PCI-DSS (Payment Card Industry-Data Security Standards) for retail, and SOX (Sarbanes-Oxley Act) and others for financial institutions that require special security controls and auditing.
IBM Security zSecure builds on security provided in z/OS and Resource Access Control Facility (RACF) to enhance mainframe security capabilities. zSecure 2.1 added deep analysis capabilities for DB2 object access.
IBM InfoSphere Guardium
From the Guardium point of view a new DB2 schema is available that describes the effective access controls of DB2 objects. Guardium will check for the information in this schema within your DB2 subsystem automatically when you ask for a related report. The new vulnerability tests start with "zSecure". This is explained in this tech talk.
zSecure provides a number of jobs to help you set up this DB2 schema in your DB2 subsystem and to load the data into it by invoking zSecure Audit to perform the analysis of the DB2 access control lists, including the effects of both external (RACF) and internal security. This is described in a Technote "Dat
To benefit from this integration the following is required:
on the zSecure side:
on the Guardium side:
* IBM InfoSphere Guardium 9
* Patch 100 for this version to upgrade it to release 9.1
Learn more about new mainframe security capabilities at IBM