A Service Stream Enhancement to zSecure 2.3.0 has been released.
This provides enhanced ACF2 support:
* analysis of protection of CICS transactions
* mapping of z/OS UNIX UIDs and GIDs to ACF2 logonids and groups
* user interface extensions (divisions; installation defined LID fields)
And enhanced compliance features:
* easy checking of individual DB2 object permissions
* automatically tagging data sets with multiple sensitivities
* reporting improvements
And more zERT connection encryption data is sent to IBM QRadar SIEM.
You can find technical details on the Service Management Connect - System z blog, in this entry.
Jeroen Tiggelman posted a sum
The new checks are centered around CA-ACF2 data set related controls.
An overview of all available compliance controls can be found in an updated technote.
You might also be interested in rece
On October 1, 2015 IBM issued a Statement of Direction about providing 64-bit addressing support in IBM Security zSecure. This support has now become available as a Service Stream Enhancement (SSE) to zSecure 2.2.0.
64-bit addressing allows the use of memory above the 2GB "bar" implied by addresses consisting of only 31 bits. Besides allowing the program to store and retrieve larger amounts of data, this also frees up memory "below the bar" that can be used by (other) 31-bit addressing programs.
Typical functions in zSecure that benefit from having a lot of memory available include
- processing very large numbers of events from the SMF event log, e.g. as sent on to IBM Security QRadar SIEM;
- analyzing data for many security databases and LPARs at the same time;
- rule-based compliance analysis based on many underlying technical reports;
- analyzing large intervals (possibly a year or more) of access use data, e.g. to identify obsolete permissions.
The SSE also includes enhancements to 31-bit addressing support. Details can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
The changes apply to all components of zSecure for z/OS except for zSecure CICS Toolkit and zSecure Command Verifier. For the full benefits, z196 or newer hardware is required.
Release 1.11.2 of IBM
This release of zSecure for z/VM includes the zSecure Compliance Testing Framework that was first made available for z/OS in release 1.13.1. It also has many small applicable enhancements parallel to the 1.13.1, 2.1, and 2.1.1 releases. A summary is available on the Service Management Connect blog.
Jeroen Tiggelman posted a summ
An overview of all available compliance controls can be found in a new technote.
If you are planning maintenance for zSecure, you might also want to read up on recent updates to redu
You might also be interested in Issu
You might also be interested in the video How
IBM Security QRadar Vulnerability Manager helps redefine how IT security teams collect and use vulnerability assessment data by identifying your organization's largest exposures and building a smarter remediation and mitigation action plan. It adds enhanced scanning and analysis capabilities to QRadar SIEM, letting users correlate scan results with the security intelligence data of QRadar SIEM. The most security-conscious benefit QVM adds to a protection portfolio is a high level of automation that makes it easy for the security officer to quickly prioritize the vulnerabilities that present the greatest potential dangers and avoid false positives or those already classified as non-threatening. Scans are automatically triggered, launched as the result of network behavior or programmed to run at regularly scheduled intervals against either all components or just a specified subsegment of assets.
The recent developerWorks article "An architectural view of QRadar Vulnerability Manager" provides a strong first look at how QVM works and interacts with existing security systems.
In one way, mainframe environments are just like server environments; they are increasingly exposed to the Internet. In a more important way, though, they are different -- they have more complex security requirements than many server systems. Security intelligence -- a single view of threats, automated assistance, deeper experiential insight, and real-time detection -- is the component that allows these two factors to meet and merge into a meaningful solution.
Here are two painlessly short articles that can jumpstart your journey into understanding and implementing an intelligent security policy and mechanism tailored to meet the complex requirements of the mainframe environment:
IT infrastructures are managed by privileged users -- administrators, operators, and managers with escalated rights to manage business-critical resources such as databases, network devices, and applications -- who need to be centrally managed and protected. Security regulations and industry standards tightly control data security and the privileged accounts that can access that data. Maintaining and demonstrating compliance with these standards demand appropriate control and handling of privileged accounts. Learn how to address these issues with IBM Security Privileged Identity Manager, as documented in the IBM Redpaper, "Man