Feature spotlights

Sensitive data and critical systems monitoring

zSecure™ Alert for IBM® Resource Access Control Facility (RACF®) combines a threat knowledge base with parameters from your active configuration, supporting continuous monitoring of critical system settings to detect changes. It helps you maintain strong access controls by identifying changes that expose sensitive resources, so that you can anticipate and avoid security policy violations.

Malicious activity detection

zSecure Alert for RACF detects malicious activity external to the event logs. By providing a threat knowledge base, it helps isolate relevant attack patterns and detects multiple types of attacks and configuration threats. It helps you take action before others can exploit knowledge of configuration mistakes and attacks, helping keep your sensitive data and critical systems safe.

Broad range of monitoring capabilities

Monitoring capabilities include IBM z/OS®, RACF, IBM DB2®, CA ACF2, IBM Customer Information Control System (CICS®), IBM Information Management System (IMS™), IBM Communications Server, IBM Tivoli® Workload Scheduler, IBM Health Checker, Linux on IBM z Systems™ and UNIX subsystems. Monitors critical data and aids in maintaining confidentiality, integrity and availability.

Near real-time alert messages

Creates custom alerts by copying predefined alert configurations. Enables alerts to be created and managed by authorized users to enforce separation of duties between implementers and monitoring functions. Allows you to specify company resources such as application data, including data sets containing cardholder data. By comparing real-time activity with recent access patterns, zSecure Alert for RACF can help discover additional threats.

Fast, flexible and critical alerts

Automatically sends security information to IBM Security QRadar® Security Information and Event Management (SIEM), and network or enterprise consoles. Critical alerts help you quickly respond to security incidents that could have significant business impact. Mainframe security events are included in enterprise-wide monitoring tools and automation packets.

Scalability for big data systems

V2.2.1 allows storage above the 2 GB boundary ("the bar") to enable processing of more data. This also frees up storage below the bar for other programs. Note that the ability to use more virtual memory can have implications for paging and real storage needs. With models z196 or higher, 64-bit addressing is activated automatically, though reverting to 31-bit addressing is optional. You can select the program to run on the second panel of menu option SE.0 (SETUP RUN).