Release notes
IBM® Security zSecure™ V2.2.0 is available. Read this document to find important installation information. You can also learn about compatibility issues, limitations, and known problems.
For information about the new features for zSecure V2.2.0, see What's new.
For information about the zSecure documentation and steps to obtain the licensed publications, see zSecure documentation.
If you are upgrading from a version of IBM Security zSecure that is older than V2.1.1, also see the Release Information for the versions that you skipped. You can find the documentation for all versions in the IBM Knowledge Center for IBM Security zSecure Suite.
Contents
Announcement
- Prerequisites
- Technical information
- Terms and conditions
- Ordering details
System requirements
Minimum | Advised | |
---|---|---|
Processor | Z800 | IBM System z9® or z10TM Enterprise Class (EC) or z9® or z10™ Business Class (BC) |
Disk space | 300 MB | 450 MB |
Memory | 1 GB | 2 GB |
Supported platforms and applications
- IBM z/OS version 1 release 12 (V1R12) through z/OS version 2 release 2 (V2R2)
- CICS Transaction Server version 3 release 1 (V3R1) through version 5 release 3 (V5R3)
- DB2 version 10 release 1 (V10R1) through DB2 version 11 release 1 (V11R1)
- IMS version 12 (V12) through version 14 (V14)
- WebSphere MQ version 7 release 1 (V7.1) through IBM MQ for z/OS version 8 (V8)
- CA ACF2 release 14 and 15
- CA Top Secret release 14 and 15
- zSecure Visual Client requires Microsoft Windows 7, 8, or 10
- All currently supported versions of WebSphere HTTP server
- Integrated Cryptographic Services Facility (ICSF) is supported up to HCR77B0
- DB2 version 9 release 1 (V9R1)
- IMS V11
Installing IBM Security zSecure
- Installation and deployment: CARLa-driven components
- CICS Toolkit
- Command Verifier
- RACF-Offline: New dynamic RACF interfacing code was added that eliminates the need to install in z/OS SMP/E zone, which simplifies installation.
For a complete installation roadmap on all steps to install, configure, and deploy a new installation of zSecure or an upgrade to zSecure V2.2.0, see the IBM Security zSecure CARLa-Driven ComponentsInstallation and Deployment Guide.
This documentation is available with the product at the IBM Knowledge Center for IBM Security zSecure Suite V2.2.0.
Incompatibility warnings
- Calling CKR4Z directly
- Starting with zSecure V2.2.0,
CKRCARLA is, architecturally, a stub program that might decide in
the future which CARLa engine variant to call based on, for example,
hardware considerations. It currently always invokes the CKR4Z program,
which is a CARLa engine that does not use 64-bit addressing. The CKR4Z
program identifies itself in SYSPRINT and other programs as CKRCARLA.
IBM has published a Statement of Direction that it intends to provide 64-bit addressing in the future. For legal disclaimers, see the announcement. The CKR8Z196 program name is reserved for a potential future variant of the CARLa engine that does use 64-bit addressing.
It is possible to call CKR4Z directly instead of calling CKRCARLA. For RACF or ACF2, you might have to grant extra authorizations to the CKR4Z program:- For RACF, if you consider to call CKR4Z directly, be sure to think about Program Access to Data Sets.
- For ACF2, if you consider to call CKR4Z directly, be sure to think about program pathing.
- zSecure Admin Access Monitor and zSecure Alert
- The C2PACMON and C2POLICE programs now allocate their buffers above the 2 GB boundary. Ensure that the associated started tasks specify a sufficiently large value for the MEMLIMIT to accommodate the required buffer space as specified in their startup parameters.
Limitations and known problems
- Scoping fixes
- When creating scoped reports, system-wide attributes might not
be used to determine if a profile is within your scope. You request
creating scoped reports by selecting View only profiles
you are allowed to change via SETUP VIEW (SE.5)
or specifying SUPPRESS MYACCESS<ADMIN. This issue
occurs, for example, when creating SMF-based reports.
APAR OA49249 has been opened to remediate this unintended change.
Limitations and problems that arise after publication are documented in technotes. Therefore, regularly scan for updates on IBM Security zSecure at IBM's Search support and downloads site. A general documentation technote lists all updates to the documentation of 2.2.0 since availability.
You might also want to scan the following recommended fixes. Some of these fixes introduce new functions and features.