On October 1, 2015 IBM issued a Statement of Direction about providing 64-bit addressing support in IBM Security zSecure. This support has now become available as a Service Stream Enhancement (SSE) to zSecure 2.2.0.
64-bit addressing allows the use of memory above the 2GB "bar" implied by addresses consisting of only 31 bits. Besides allowing the program to store and retrieve larger amounts of data, this also frees up memory "below the bar" that can be used by (other) 31-bit addressing programs.
Typical functions in zSecure that benefit from having a lot of memory available include
- processing very large numbers of events from the SMF event log, e.g. as sent on to IBM Security QRadar SIEM;
- analyzing data for many security databases and LPARs at the same time;
- rule-based compliance analysis based on many underlying technical reports;
- analyzing large intervals (possibly a year or more) of access use data, e.g. to identify obsolete permissions.
The SSE also includes enhancements to 31-bit addressing support. Details can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
The changes apply to all components of zSecure for z/OS except for zSecure CICS Toolkit and zSecure Command Verifier. For the full benefits a z196 or newer hardware is required.
Short URL for this post: http
IBM provides advance notification of End Of Support (EOS) dates allowing customers reasonable time to complete software upgrades or to refresh appliance products. To view upcoming EOS dates by product segment, click a link in the list below.
Important EOS Announcement: Effective July 31, 2016 IPS firmware versions prior to 4.6.1 will reach End of Support.
View all IBM Software EOS announcements for 2016 and 2017.
Q: What are the major Support Lifecycle milestones?
A: The major Support Lifecycle milestones are:
Q: How do you determine if your installed software is still supported?
A: Search by product name or keyword using the Supp
Q: What happens when EOS is announced?
A: Often, there is a newer version of the software available for download. In most cases, you’ll have sufficient time to plan for and install the latest version. For more information on the lifecycle stages, including EOS, view this short YouTube video on the IBM
Q: What is the standard version format for IBM Software products?
A: The full product version is expressed by a four-digit code known as the IBM Version, Release, Modification and Fix Level structure, or VRMF. View this Technote for additional information and description of each element. You may also find this Glossary of product support and maintenance terms helpful.
Q: Where can you view additional details on product updates or replacement information?
A: Using the Support Lifecycle Search, search for your product, select View for details and click the EOS announcement link to view Repl
Q: What are your options if you are unable to upgrade or refresh your current products before the EOS date?
A: You can request a Support Extension. Support Extensions are available for Customers who are unable to migrate to a supported version, release or appliance platform prior to EOS. For more information, visit the IBM
Q: How do you stay connected for future product announcements?
A: There are several ways to receive product announcements:
Q: How can you connect with IBM Security on social media?
A: Follow us on Twitter - http
Q: Where can you find more information on IBM Support policies?
A: You can view and download the IBM
The IBM Support Lifecycle Policy sets forth the minimum length of time IBM will provide security content and technical support for a product version and release. Click the applicable product segment link below to view the Support Lifecycle Policy.
It provides currency support for:
* z/OS 2.2
It extends support for these security standards:
* Security Technical Implementation Guide (STIG) 6.24
* Payment Card Industry Data Security Standard (PCI-DSS) 3.1
It provides extended integration capabilities with:
* IBM Security QRadar SIEM
* IBM Security Identity Governance
* IBM Integrated Cryptographic Services Facility
Details can be found on the Service Management Connect - System z blog
in this blog entry by Jeroen Tiggelman.
Earlier this month IBM Systems Magazine published an article by Joel Tilton
Note you can also navigate from there to Joel's earlier article on achieving PCI compliance for FTP.
You might also be interested in the Redbook
Products discussed include IBM InfoSphere Guardium, IBM Security zSecure, IBM Security QRadar, IBM Security Key Lifecycle Manager, IBM Security Identity Manager, IBM Security Access Manager, and others.
On the System z Management blog, Jeroen Tiggelman has posted a summary of recent RACF password security enhancements.
This blog entry discusses the corresponding updates to nearly all zSecure products for all releases in standard support, and also explains how related updates can be found for other products and components, such as IMS, CICS and JES3.
Links are provided to technotes made available by the RACF and zSecure teams containing more extensive documentation.
zSecure 2.1.1 has been announced with the following products...
... and the following solutions
Please refer to this blog entry on System z Management for details on the solutions.
All zSecure products support RACF. zSecure Audit and Adapters for QRadar SIEM support CA-ACF2 and CA-Top Secret. zSecure Alert supports CA-ACF2.
You might also be interested in this article on 50 years of mainframe security.
Edit: Updated zSecure for z/VM release from 1.11.1; 1.11.2 became available on March 13, 2015.
Edit: The latest zSecure for z/OS release is zSecure 2.2.
zSecure 2.1.1 has been announced on July 15, 2014, with a planned availability date of September 5, 2014.
This announcement includes a new product IBM
More details about the various integrations between zSecure and QRadar SIEM can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
You might also be interested in what else is new
In this demo
You might also be interested in.....
Get the latest on IBM security intelligence and big data. Use IBM solutions to uncover actionable insights into modern, advanced data threats. Read this whitepaper and learn about:
In this demo
Bravo shows how QVM can be used to filter out vulnerabilities that have not experienced traffic recently and how to filter out vulnerabilities based on whether there are virtual patch rules in place on the IPS systems to block exploitation of the vulnerability. He shows how QVM can read Security Information and Event Management (SIEM) data to prioritize the vulnerability instances that have actually experienced exploit traffic. He also demonstrates how QRadar Risk Manager (QRM) can be used to generate policy-based risk assessments on the infrastructure and use those assessments to further prioritize the security team's work. Finally, he demonstrates QVM's ability to assign vulnerability management to members of the IT security team and track remediation activities. \
You might also be interested in.....
Use IBM security intelligence and big data solutions to uncover actionable insights into modern,advanced data threats. Read the white paper and learn about understanding and identifying advanced threats, expanding visibility with QRadar Security Intelligence, and security Intelligence with InfoSphere® BigInsights™.
Over at the Read
You might also be interested in:
In this paper we discuss ways to identify and protect against internal threats through a combination of robust foundational controls, intelligent reporting, and management tools.
Read the white paper to learn about:
-- the evolution of insider threats
On April 15th, IBM's key subject matter experts in IT Security forensics will be hosting a webinar to introduce the new QRadar Incident Forensics offering.
With the introduction of the new IBM Security QRadar Incident Forensics, the IBM security intelligence platform adds to its repertoire to not only detect security incidents and offenses, but also fully retrace the incident or offense, maximize the productivity of available security resources and even improve the detection of emerging threats or risky behaviors.
From the event description:
Time is of the essence, especially when attempting to prevent, detect and respond to security breaches. IT security teams require the ability to attain context around an attack to establish direction, prioritize and improve the efficacy of a security inve
Marc van Zadelholl
If you want see a concise history of the past three years of IT Security incidents, you need to download the IBM
As you can tell by the change in colors as you scan the graphic from left to right, the industry is starting to get a handle on DDoS atacks and SQL injection attacks, while attack types based on physical access to machines and distribution of malware are becoming more common. As noted in the report:
"The declines in vulnerabilities demonstrated at the end of 2013 in both XSS and SQL injection could indicate that developers are doing a better job at writing secure web applications, or possibly that traditional targets like content management systems (CMSs) and plug-ins are maturing as older vulnerabilities have been patched. As noted, XSS and SQL injection exploitation continue to be observed in high numbers, indicating there are still legacy systems or other unpatched web applications that remain vulnerable. This is expected, considering there are many thousands of blogs and other websites run by individuals who may not have the skills or awareness to update to later versions of their platform or framework."
The other thing to note in the graphic is that the overall number of incidents overall impact of IT security incidents aren't exactly going down, so it seems there is still plenty of job security in the IT security arena in 2013.
"More than half a billion records of personally identifiable information such as names, emails, credit card numbers, and passwords were leaked in 2013 -- and these incidents show no signs of stopping."
That's the headline message in the Thr
Jose Bravo has posted a ne
Shahnawaz Backer has published a how-to guide on how
From the abstract:
"This article highlights the configuration necessary for bonding―or teaming―the Network Interface Card (NIC) for the QRadar Security Information and Event Management (SIEM) appliance. It addresses topics related to high availability of the QRadar SIEM appliances and is intended for administrators in charge of maintaining those appliances."
You might also be interested in...
Protect your critical assets with an integrated, cost-effective approach to vulnerability assessments and risk management.
Read this white paper to learn:
Download "Managing security risks and vulnerabilities."