Combining a threat knowledge base with parameters from your active configuration, zSecure for ACF2 supports continuous monitoring of critical system settings to detect changes for which there are no event triggers. You can configure alerts to notify administrators and management when changes are detected. zSecure for ACF2 supports regulatory requirements, including standards such as Payment Card Industry Data Security Standard (PCI-DSS), through monitoring critical system resources and data.
Malicious activity detection
zSecure Alert for ACF2 detects malicious activity external to the event logs, including attack patterns, multiple types of attacks and configuration threats. By providing a threat knowledge base, it helps isolate relevant attack patterns. It helps you take action before others can exploit knowledge of configuration mistakes and attacks, helping keep your sensitive data and critical systems safe.
Broad range of monitoring capabilities
Provides monitoring capabilities for IBM z/OS, CA ACF2, IBM DB2®, IBM CICS®, the IBM Communications Server, Linux on z Systems™ and UNIX subsystems. Helps you maintain strong access controls by identifying changes that expose sensitive resources. Monitors your critical data and aids in maintaining confidentiality, integrity and availability. Helps you anticipate and avoid potential security policy violations.
Creates custom alerts by copying pre-defined alert configurations. Enables alerts to be created and managed by authorized users to enforce separation of duties between implementers and monitoring functions. Allows you to specify company resources such as application data, including data sets containing cardholder data. Comparing real-time activity with recent access patterns, zSecure Alert for ACF2 can help discover additional threats.
Automatically sends security information to IBM Security QRadar® Security Information and Event Management (SIEM), network and enterprise consoles. Critical alerts help you quickly respond to security incidents that could have significant business impact. Mainframe security events are included in enterprise-wide monitoring tools and automation packets.
Scalability for big data systems
V2.2.1 allows storage above the 2 GB boundary ("the bar") to enable processing of more data. This also frees up storage below the bar for other programs. Note that the ability to use more virtual memory can have implications for paging and real storage needs. With models z196 or higher, 64-bit addressing is activated automatically, though you can optionally revert to 31-bit addressing. You can select the program to run on the second panel of menu option SE.0 (SETUP RUN).