IBM Security zSecure Support invites you to thi
Subject matter experts will be available to answer your questions, which you can ask through web chat during the presentation.
You might also be interested in the latest zSecure Newsletter.
On October 1, 2015 IBM issued a Statement of Direction about providing 64-bit addressing support in IBM Security zSecure. This support has now become available as a Service Stream Enhancement (SSE) to zSecure 2.2.0.
64-bit addressing allows the use of memory above the 2GB "bar" implied by addresses consisting of only 31 bits. Besides allowing the program to store and retrieve larger amounts of data, this also frees up memory "below the bar" that can be used by (other) 31-bit addressing programs.
Typical functions in zSecure that benefit from having a lot of memory available include
- processing very large numbers of events from the SMF event log, e.g. as sent on to IBM Security QRadar SIEM;
- analyzing data for many security databases and LPARs at the same time;
- rule-based compliance analysis based on many underlying technical reports;
- analyzing large intervals (possibly a year or more) of access use data, e.g. to identify obsolete permissions.
The SSE also includes enhancements to 31-bit addressing support. Details can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
The changes apply to all components of zSecure for z/OS except for zSecure CICS Toolkit and zSecure Command Verifier. For the full benefits a z196 or newer hardware is required.
On February 16, 2016 IBM announced authentication enhancements for z Systems, including a new product IBM Multi-Factor Authentication for z/OS (5655-162), with a planned availability date of March 25, 2016.
IBM z/OS Security Server Resource Access Control Facility (RACF) provided enabling infrastructure updates for z/OS V2R1 and V2R2.
IBM Security zSecure suite provided supporting updates for zSecure 2.1, 2.1.1, and 2.2.
Multi-Factor Authentication raises the level of assurance of mission-critical systems by requiring authentication with multiple factors during the logon process.
Each authentication factor must be from a separate category of credential types:
1) Something you know (e.g. a password or PIN code),
2) Something you have (e.g. an ID badge or a cryptographic key),
3) Something you are (e.g. a fingerprint or other biometric data).
More details can be located through this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
You might also be interested in the zSec
It provides currency support for:
* z/OS 2.2
It extends support for these security standards:
* Security Technical Implementation Guide (STIG) 6.24
* Payment Card Industry Data Security Standard (PCI-DSS) 3.1
It provides extended integration capabilities with:
* IBM Security QRadar SIEM
* IBM Security Identity Governance
* IBM Integrated Cryptographic Services Facility
Details can be found on the Service Management Connect - System z blog
in this blog entry by Jeroen Tiggelman.
z/OS V2R2 was announced on July 28, 2015 with a planned availability date of September 30, 2015.
A summary of the toleration fixes that have been made available for zSecure 1.13.0, 1.13.1, 2.1.0, and 2.1.1 can be found on the Service Management Connect - System z blog.
You might also be interested in the following page that was recently added to the zSecure wiki: Samp
Release 1.11.2 of IBM
This release of zSecure for z/VM includes the zSecure Compliance Testing Framework that was first made available for z/OS in release 1.13.1. It also has many small applicable enhancements parallel to the 1.13.1, 2.1, and 2.1.1 releases. A summary is available on the Service Management Connect blog.
Jeroen Tiggelman posted a summ
An overview of all available compliance controls can be found in a new technote.
If you are planning maintenance for zSecure, you might also want to read up on recent updates to redu
You might also be interested in Issu
Earlier this month IBM Systems Magazine published an article by Joel Tilton
Note you can also navigate from there to Joel's earlier article on achieving PCI compliance for FTP.
You might also be interested in the Redbook
Products discussed include IBM InfoSphere Guardium, IBM Security zSecure, IBM Security QRadar, IBM Security Key Lifecycle Manager, IBM Security Identity Manager, IBM Security Access Manager, and others.
On the System z Management blog, Jeroen Tiggelman has posted a summary of recent RACF password security enhancements.
This blog entry discusses the corresponding updates to nearly all zSecure products for all releases in standard support, and also explains how related updates can be found for other products and components, such as IMS, CICS and JES3.
Links are provided to technotes made available by the RACF and zSecure teams containing more extensive documentation.
zSecure 2.1.1 has been announced with the following products...
... and the following solutions
Please refer to this blog entry on System z Management for details on the solutions.
All zSecure products support RACF. zSecure Audit and Adapters for QRadar SIEM support CA-ACF2 and CA-Top Secret. zSecure Alert supports CA-ACF2.
You might also be interested in this article on 50 years of mainframe security.
Edit: Updated zSecure for z/VM release from 1.11.1; 1.11.2 became available on March 13, 2015.
Edit: The latest zSecure for z/OS release is zSecure 2.2.
zSecure 2.1.1 has been announced on July 15, 2014, with a planned availability date of September 5, 2014.
This announcement includes a new product IBM
More details about the various integrations between zSecure and QRadar SIEM can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
You might also be interested in what else is new
* European zSecure User Group 2014
* System z Security Conference in Montpellier, France
* GSE UK Conference 2014
* The clock is ticking – zSecure 1.11, end of support date
* Request for Enhancement (RFE) has launched for System z
* zSecure Manager for z/VM – Beta Program Announcement
* UACC of READ and the PROGRAM class
* Recent fixes for zSecure
* CARLa Corner
* Useful Links
This time, the CARLa Corner discusses how to easily verify compliance with a rule that resource profiles must not be owned by individual user IDs.
You might also be interested in the video Main
You might also be interested in the video How
Guus.Bonnes has post
You might also be interested in....
Protect your critical assets with an integrated, cost-effective approach to vulnerability assessments and risk management.
Read this white paper to learn: