IBM Security zSecure Manager for RACF z/VM 1.11.2
JeroenTiggelman 27000186A5 Visits (12885)
IBM Security zSecure Manager for RACF z/VM 1.11.2 was announced this week at IBM
Mainframes continue to be the home for mission critical information and essential business production applications in many organizations due to the strong heritage of integrated security support capabilities across hardware, operating system, software and applications. In addition, many industries have security standards and compliance regulations such as HIPAA (Health Insurance Portability and Accountability Act) for healthcare, PCI-DSS (Payment Card Industry-Data Security Standards) for retail, and SOX (Sarbanes-Oxley Act) and others for financial institutions that require special security controls and auditing. The Security Technical Implementation Guides (STIGs) from the Defense Information Systems Agency (DISA) are often used by government and commercial customers as technical guidance to "lock down" information systems and software that might otherwise be vulnerable to a malicious computer attack.
IBM Security zSecure for z/OS builds on security provided in z/OS and Resource Access Control Facility (RACF) to enhance mainframe security capabilities. The z/VM mainframe operating system is a hypervisor; z/OS instances can run under z/VM. RACF for z/VM and IBM Security zSecure Manager for RACF z/VM provide additional security capabilities for z/VM to help you secure the entire software stack.
The CARLa Auditing and Reporting Language (CARLa) is the common query language employed by zSecure Admin, zSecure Audit, zSecure Manager for RACF z/VM, zSecure Alert, and zSecure Adapters for QRadar SIEM.
IBM Security zSecure Manager for RACF z/VM 1.11.2 is based on IBM Security zSecure Suite 2.1.1 (for z/OS), thus providing enhancements that were made for zSecure for z/OS 1.13.1, 2.1.0, and 2.1.1 that apply to the z/VM environment.
The most notable of these features is the zSecure Audit Compliance Testing Framework introduced in zSecure 1.13.1 with the extensions to the user interface and configuration options provided by 2.1.0 and 2.1.1, allowing you to define your own security standard and report on compliance with it. A number of RACF STIG compliance controls as employed in zSecure Audit 2.1.1 are provided as CARLa samples.
A summary of the enhancements in this release can be found in the Knowledge Center on the What's New page
zSecure Manager for RACF z/VM 1.11.2 no longer provides service for z/VM V6R1 (which is out of support). Note that z/VM V5R4 is stil supported.
If you are migrating to z/VM V6R3 you should consider migrating to this release. For quintessential toleration support available for zSecure Manager for RACF z/VM 1.11.1 look here.
Data collected on z/VM by IBM Security Manager for RACF z/VM can be processed on z/OS by IBM Security zSecure Admin and Audit. The z/OS products are instrumented to help you view the z/VM data and reports and support combined analysis.
There is no announcement letter for this modification release. You can look at the product page for a description of all available features.
For a description of the previous zSecure Manager for RACF z/VM 1.11.1 release, look here.
If you have any questions, please post them here or on the zSecure forum. You can also visit the zSecure community and wiki. The current zSecure for z/OS release is 2.1.1. The I
Edit: Added link to What's new page
Edits: Added references to z/VM 6.4 and 7.1 compatibility.