zERT Product documentation
Read the zERT documentation to learn about the technical details of zERT:
IBM zERT Network Analyzer is a web-based graphical user interface that z/OS network security administrators can use to analyze and report on data reported in zERT Summary records.
For more hands-on details of IBM zERT Network Analyzer, see IBM zERT Network Analyzer tutorial.
zERT aggregation provides an alternative SMF view of the collected security session data in the form of SMF 119 zERT Summary (subtype 12) records that summarize the repeated use of security sessions by many application connections over time. zERT Summary records are written at the end of each SMF interval. Compared to zERT discovery alone, zERT aggregation can significantly reduce the volume of SMF records while still providing the critical security information.
zERT discovery discovers the network encryption attributes for each TCP and Enterprise Extender connection by positioning the z/OS TCP/IP stack as a central collection and reporting point for the cryptographic protection attributes for TLS, SSL, SSH, and IPSec security sessions.