Home

Z software

Z security

zSecure

Manager for RACF z/VM

 IBM zSecure Manager for RACF z/VM
Enhance RACF network security management in a VM environment
Threat Intelligence Report 2024
People at IBM mainframe showcase

Power up your VM Network management

IBM® zSecure Manager for RACF® z/VM® simplifies the complex security administration and IT compliance issues inherent in a virtual machine environment such as IBM z/VM, which is used in cloud infrastructure and critical applications.
Automate routine tasks

Simplify security administration tasks with easy one-step actions, no RACF knowledge required.
Minimize mainframe threats

Quickly assess z/VM data, detect threats, fix issues, and rank issues by audit priority.
Have a single source of truth

Merge security rules from different databases and rename IDs within the same database.
Verify security effectiveness

Perform—when merging—extensive consistency checks and report potential conflicts.

Program directory for IBM zSecure Manager for RACF z/VM

This program directory is intended for the system programmer responsible for program installation and maintenance. It contains information about the materials and procedures associated with the installation of IBM zSecure Manager for RACF z/VM.

 Download the program directory

Designed for your needs

Simplify security administration through automation Read and update the RACF database directly from an OS-formatted disk or a copied database. Query file access and special users' password changes. Analyze System Management Facility (SMF) data from live or archived sources. Quickly view and interact with live event information.
Analyze RACF profiles to get fast answers Identify RACF issues on z/VM such as missing definitions and inconsistencies to address security threats. Monitor privileged users to confirm proper account deletions and product integration, preventing vulnerabilities for exploitation.
Lower breach risks with automated analysis and reporting Detect and block unauthorized admin commands that can modify or delete all profiles in their area. Validate command keywords instantly against set policies to prevent user mistakes, even if commands are from batch jobs or the operator console.
Customize reports to meet your specific needs Report capabilities include generating reports in XML, importing data into databases and reporting tools, and viewing data in Microsoft Internet Explorer or Excel. Managers can sort, annotate and centrally distribute audit reports to decentralized groups.
Merge security rules from different databases Copy or move users, groups, resources, applications or whole databases, and rename IDs within the same database. Produce reports in email format daily, on a custom schedule, only when specific events occur or when there is a security breach. Modify displays and reports by using CARLa Auditing and Reporting Language (CARLa).
Support external files of existing data Filter external supplementary information from existing data sources and corporate applications (such as unit, department and personnel data) and present it alongside the technical data from z/VM and IBM RACF in automatically generated reports.
Simplify security administration through automation Read and update the RACF database directly from an OS-formatted disk or a copied database. Query file access and special users' password changes. Analyze System Management Facility (SMF) data from live or archived sources. Quickly view and interact with live event information.
Analyze RACF profiles to get fast answers Identify RACF issues on z/VM such as missing definitions and inconsistencies to address security threats. Monitor privileged users to confirm proper account deletions and product integration, preventing vulnerabilities for exploitation.
Lower breach risks with automated analysis and reporting Detect and block unauthorized admin commands that can modify or delete all profiles in their area. Validate command keywords instantly against set policies to prevent user mistakes, even if commands are from batch jobs or the operator console.
Customize reports to meet your specific needs Report capabilities include generating reports in XML, importing data into databases and reporting tools, and viewing data in Microsoft Internet Explorer or Excel. Managers can sort, annotate and centrally distribute audit reports to decentralized groups.
Merge security rules from different databases Copy or move users, groups, resources, applications or whole databases, and rename IDs within the same database. Produce reports in email format daily, on a custom schedule, only when specific events occur or when there is a security breach. Modify displays and reports by using CARLa Auditing and Reporting Language (CARLa).
Support external files of existing data Filter external supplementary information from existing data sources and corporate applications (such as unit, department and personnel data) and present it alongside the technical data from z/VM and IBM RACF in automatically generated reports.
Technical details Technical specifications

IBM zSecure V2.2.1 updates compatibility with various products, applications and standards, such as CA ACF2, CA Top Secret, IBM® MQ, ICSF, Windows server, PCI-DSS and DISA STIGs.

 Software requirements

An IBM® z Systems® server that can support z/OS® V2.1 or later versions, such as IBM z/OS V1R12, V1R13 and V2R1.

 Hardware requirements

A supported IBM z Systems server that can support z/OS V2.1 or later.

zSecure value assessments

In this three-hour (remote or onsite) engagement, our team reviews your existing utilization of zSecure to ensure ROI for your investments. Assessments are delivered by our top zSecure technical specialists and practitioners who work side by side with your security team, at no cost to you.

For participating, you will receive a report explaining how to optimize your overall security posture. The report will:

  1. Outline our recommended mainframe security end state, including any developments or changes in strategy or environment since implementation
  2. Provide actionable, prioritized recommendations to move from your current state to the desired state
  3. Update your team on the evolving solution set
  4. Show how zSecure can continue being an enabler for your business in the future

Final reports are typically delivered within a week from the end of the assessment.

Resources

IBM Z® security workshops: Basic and advanced

Receive basic and advanced level evaluations to help ensure that your mainframe security framework is following best practices.

 View workshops Mainframe security blog

Learn from Z people sharing their personal, professional and technical stories with Marilyn Thornton, BU executive for Z Mainframe.

 Read the blogs IBM Security zSecure Suite

Get an interactive guide to IBM solutions for managing and maintaining security on the mainframe.

 Read the report Your biggest vulnerability: The privileged user

Find out how to reduce the risk that comes from privileged user errors or malicious external impersonation on mainframes.

 Read the report
Take the next step

Schedule a meeting with an IBM expert to learn more about IBM zSecure Manager for RACF z/VM.

 Join the community
More ways to explore Community Blog Learning Academy Support Documentation Installation and deployment