IBM zERT Network Analyzer

z/OS® Management Facility (z/OSMF) V2R3 with APAR PH03137 provides a new plug-in named IBM® zERT Network Analyzer. IBM zERT Network Analyzer is a web-based graphical user interface that z/OS network security administrators can use to analyze and report on data reported in zERT Summary records.

z/OS V2R3 Communications Server introduced a new feature called z/OS Encryption Readiness Technology (zERT). zERT positions the TCP/IP stack to act as a focal point for collecting and reporting the cryptographic security attributes of IPv4 and IPv6 TCP and Enterprise Extender (EE) connection traffic that is protected using the TLS/SSL, SSH and IPSec cryptographic network security protocols. Connection data is written to z/OS System Management Facility (SMF) in two new SMF type 119 records:
  • zERT Connection Detail (subtype 11) records are written on a per-connection basis to record the cryptographic protection history of a given TCP or EE connection.
  • zERT Summary (subtype 12) records are written on a per-security-session basis at the end of each SMF interval to summarize the repeated use of security sessions during the interval.

To get a quick start with IBM zERT Network Analyzer, see IBM zERT Network Analyzer tutorial.

Dependency:
  • You must have installed z/OSMF V2R3 APARs PH04391 and PH00712 to use IBM zERT Network Analyzer.
  • The IBM zERT Network Analyzer task requires Db2® 11 for z/OS and above.

Table 1. IBM zERT Network Analyzer

Task/Procedure: Enable collection of zERT Summary (SMF Type 119 subtype 12) SMF records
  • Enable zERT Aggregation function by specifying the GLOBALCONFIG ZERT AGGREGATION statement.
  • Direct zERT aggregation to write the zERT Summary SMF records to the System Management Facility (SMF) by specifying the SMFCONFIG TYPE119 ZERTSUMMARY statement.
  • Enable the recording of type 119 records, and optionally define the SMF interval duration, in your SMF parmlib member.

Task/Procedure: Dump the collected zERT Summary records to a sequential data set using the IFASMFDP or IFASMFDL program
  • Use IFASMFDP for SMF data sets
  • Use IFASMFDL for SMF log streams
Reference: z/OS MVS System Management Facilities (SMF)

Task/Procedure: Enable the IBM zERT Network Analyzer plug-in in z/OSMF by adding ZERT_ANALYZER to the PLUGINS statement.
Reference: IZUPRMxx reference information in IBM z/OS Management Facility Configuration Guide

Task/Procedure: Authorize the user IDs that will be using IBM zERT Network Analyzer
Reference: Updating z/OS for the IBM zERT Network Analyzer plug-in in IBM z/OS Management Facility Configuration Guide

Task/Procedure: Create the proper Db2 for z/OS database definitions to use with IBM zERT Network Analyzer
Reference: Updating z/OS for the IBM zERT Network Analyzer plug-in in IBM z/OS Management Facility Configuration Guide

Task/Procedure: Start the z/OSMF IBM zERT Network Analyzer plug-in
  • When using the z/OSMF traditional view, expand the Analysis category in the navigation area, and select IBM zERT Network Analyzer.
  • When using the z/OSMF desktop view, click the IBM zERT Network Analyzer icon.

Task/Procedure: Import the dumped zERT SMF Summary records into IBM zERT Network Analyzer
Reference: IBM zERT Network Analyzer online help, Analysis category under the IBM z/OS Management Facility online help

Task/Procedure: Analyze the imported zERT Summary data using IBM zERT Network Analyzer query and reporting functions
Reference: IBM zERT Network Analyzer online help, Analysis category under the IBM z/OS Management Facility online help
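
The collection, dump and plug-in rows of Table 1, written out as configuration fragments. This is an added example, not IBM's sample or part of the original page. The data set names SYS1.MAN1 and SECADM.ZERT.SUMMARY, the job card, the space allocation, the INTVAL value and the SYS(TYPE(0:255)) range are assumptions to replace with your installation's values.

```text
; --- TCP/IP profile: the two statements named in Table 1 ---
GLOBALCONFIG ZERT AGGREGATION    ; enable zERT aggregation in this stack
SMFCONFIG TYPE119 ZERTSUMMARY    ; write zERT Summary (subtype 12) to SMF

/* --- SMFPRMxx (assumed values) ---------------------------------- */
/* Type 119 must fall inside the TYPE range that SMF records, and   */
/* must not be excluded by a NOTYPE list on the same statement.     */
/* INTVAL is the SMF interval in minutes; 30 is a sample value.     */
INTVAL(30)
SYS(TYPE(0:255))

/* --- IZUPRMxx: add ZERT_ANALYZER to the existing PLUGINS list --- */
PLUGINS(ZERT_ANALYZER)

//* --- IFASMFDP job for SMF data sets (use IFASMFDL for log streams)
//* TYPE(119(12)) copies only zERT Summary records, so the data set
//* handed to the analyzer carries no unrelated SMF data.
//* OPTIONS(DUMP) reads the input without clearing it.
//ZERTDUMP JOB (ACCT),'ZERT SUMMARY',CLASS=A,MSGCLASS=X
//DUMP     EXEC PGM=IFASMFDP
//SYSPRINT DD SYSOUT=*
//DUMPIN   DD DISP=SHR,DSN=SYS1.MAN1
//DUMPOUT  DD DSN=SECADM.ZERT.SUMMARY,DISP=(NEW,CATLG,DELETE),
//            UNIT=SYSDA,SPACE=(CYL,(50,10),RLSE),
//            DCB=(RECFM=VBS,LRECL=32760,BLKSIZE=0)
//SYSIN    DD *
  INDD(DUMPIN,OPTIONS(DUMP))
  OUTDD(DUMPOUT,TYPE(119(12)))
/*
```

The IFASMFDP summary in SYSPRINT lists record counts by type, which shows whether any type 119 records were written before you import the output data set.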