IBM Security Guardium

Edit online

The IBM® Security Guardium® can gather and report information from multiple agents running on multiple z/OS systems.

Note: In environments where multiple agents connect to a common IBM Guardium appliance, the z/OS® agent started task names (AUIASTC, AUILSTC, AUIFSTC) must be unique. Using unique started task names ensures that IBM Security Guardium S-TAP® for IMS™ policies pushed from the IBM Guardium appliance are attributed to, and monitored by, the correct z/OS agent.

IBM Security Guardium functions

The IBM Security Guardium:
  • Provides the user interface, which processes requests and displays the resulting information.
  • Enables you to create collection policies, which specify the types of data to be collected by the agent.
  • Stores the collected data.

IBM Security Guardium and S-TAP agent communication

The IBM Security Guardium and the IBM Security Guardium S-TAP for IMS agent communicate using a TCP/IP connection. The policies you create on the user interface determine which data the agent collects and determine filter information, such as which data sets are to be monitored for data accesses.

IMS batch and Online Data Collectors environment

The IMS batch and Online Data Collectors is a single component that:
  • Monitors DL/I calls from IMS online transactions, BMPs, and DLI/DBB batch jobs
  • Audits IMS control region start-up, shutdown, and user logons
  • Audits several IMS commands including database start/stop, program start/stop, database lock/unlock, program lock/unlock, DBRECOVRY, DBDUMP, and their Type-2 UPDATE commands.