IBM® Security zSecure™ Admin enables you to automate recurring, time-consuming security tasks. You can delegate the authority to staff to perform password resets, resume a user and grant specific accesses without granting full administrative privileges to distributed staff. This capability enables frequently requested user support tasks to be managed by the support staff closest to the user, freeing up your security personnel for mission-critical tasks.
Quickly identify and analyze problems in IBM Resource Access Control Facility (RACF®) to minimize threats, such as missing or inconsistent definitions, enabling you to fix or prevent mistakes before they become a threat to security and compliance. You can also monitor privileged users to help ensure old accounts are properly deleted and products have been integrated appropriately. zSecure Admin integrates smoothly with zSecure Audit for end-to-end monitoring and remediation.
The RACF-offline function can be used in a variety of circumstances, such as combining workloads from newly acquired companies or providing a simulated RACF environment to aid in release-to-release RACF migrations. zSecure Admin can administer multiple systems with a single application interface for fast live data access on all of the selected systems in the enterprise to keep security synchronized.
Compare profiles and efficiently merge security rules from different databases using zSecure Admin. You can copy or move users, groups, resources, applications or whole databases between systems and rename IDs within the same database. When merging profiles from different databases, zSecure Admin performs extensive consistency checks and reports potential conflicts before generating commands, helping ease the burden of consolidation efforts.
RACF database usage reporting
zSecure Admin provides capabilities for reporting on actual usage of profiles and authorizations and relates that information to the information defined in the current RACF database. This helps you to understand how profiles and authorizations are being used
in production, while also providing user-to-resource
relationships. Identify unused or obsolete profiles and authorizations in
access control lists, as well as potential identity governance
issues due to over-entitlement.
Scalability for big data systems
zSecure exploits 64-bit storage to enable processing more data. This is especially useful when processing large amounts of events and accesses, or generating reports analyzing many system images at once.