IBM zSecure Command Verifier ensures commands that might affect your data are the correct. Your organization’s data is likely one of its most valuable assets. If that data is housed in a mainframe environment, in the interest of information risk management, why not prevent noncompliant administrative commands that can change or delete access. zSecure Command Verifier will automatically authenticate command keywords against your specified policies as soon as a command is issued.
You specify policies using RACF profiles to determine the type of verification and to define actions when a noncompliant command is detected, including prevention of command execution. The tool generates immediate alerts if certain commands are issued, helping to prevent system outages caused when administrators issue incorrect commands. In seconds, zSecure Command Verifier stores changes to profiles in the RACF database, building a record of when a change to a profile was made and which administrator issued the command.
Commands are intercepted as they are entered and compared to your security policy to determine whether or not they should be run.
Retrieve information on changes in seconds, saving hours of log file research and reduce the IT risks associated with accidental or malicious actions performed by privileged users.
Define and specify more focused commands using RACF policy. Generate alerts and grant commands beyond general verifications.
Prevent noncompliant administrative commands from privileged users that can change or delete all profiles within their scope. Automatically verify command keywords against your specified policies as soon as a command is issued to help prevent user errors, regardless of whether the command is initiated from a batch job, or the operator console.
zSecure Command Verifier stores changes to profiles in the RACF database, so you can easily discover when a change to a profile was made and which administrator issued a command. Retrieves information on changes in seconds, saving hours of labor.
Specify policies using RACF profiles to determine the type of verification to be performed and to define actions when a noncompliant command is detected, including prevention of command execution. Generate immediate, near real-time alerts if certain commands are issued, helping to prevent system outages caused when administrators issue incorrect commands. Send messages when commands are changed. Grant user access to specific commands.
- Privileged-user-policy monitoring and enforcement protects data
- Retrieves command information quickly
- Defines and determines different types of IT risk assessments
- Integrates with common IBM platforms
Note that your entitlement to support, if any, is dependent upon your license and/or maintenance agreements for zSecure Command Verifier.
- CA ACF2 and CA Top Secret
- IBM MQ
- IBM Integrated Cryptographic Service Facility (ICSF)
- Windows server
- Payment Card Industry-Data Security Standard (PCI-DSS)
- Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs)
Requirements: A supported IBM z Systems server that is capable of supporting z/OS V2.1, or later.
- IBM z/OS V1R12
- IBM z/OS V1R13
- IBM z/OS V2R1
A supported IBM z Systems server that is capable of supporting z/OS V2.1, or later.
- Processor: Z800 (minimum); IBM System z9 or z10 Enterprise Class (EC) (recommended)
- Disk space: 300 MB (minimum); 450 MB (recommended)
- Memory: 1 GB (minimum); 2 GB (recommended)