Configure IBM z/OS Encryption Readiness Technology (zERT) Network Analyzer

To use IBM z/OS Encryption Readiness Technology (zERT) Network Analyzer, you must configure it as described in this topic.

Dependencies on other z/OSMF services

None.

Security setup

To assist you with performing the security setup, IBM provides the sample security job IZUNASEC in SYS1.SAMPLIB.

Do the following:
  1. Make a copy of the IZUNASEC job.
  2. Review and edit the job, if necessary.
  3. Submit the job as a batch job on your z/OS system.

Ensure that the IZUNASEC job completes with return code 0000. To verify, check the results of the job execution in the job log, for example, by using SDSF.

Host system customization

If you selected to configure IBM z/OS Encryption Readiness Technology (zERT), you have additional system customization to perform, as described in the following sections:

Db2 for z/OS customization for the IBM zERT Network Analyzer task

The IBM zERT Network Analyzer task stores and queries SMF data in a Db2 for z/OS database. Before you can use the task, this database must be created in a suitable Db2 for z/OS subsystem and the connectivity information for the database must be configured in the IBM zERT Network Analyzer.

Requirement: A given IBM zERT Network Analyzer database must only be accessed by one IBM zERT Network Analyzer plug-in at a time. Concurrent access to a single database by more than one zERT Network Analyzer plug-in will generate unpredictable results.
Procedure:
  1. Determine the local resource requirements and location for the IBM zERT Network Analyzer database.

    Your DBA decides which Db2 for z/OS subsystem contains the IBM zERT Network Analyzer database objects. The DBA also decides which specific Db2 for z/OS resources need to be allocated for these objects.

  2. Create the IBM zERT Network Analyzer database.

    Your DBA should use the sample database schema tooling (IZUZNADx members) in the SYS1.SAMPLIB dataset to create the database for your environment. See below for more information on this tooling.

  3. Define the IBM zERT Network Analyzer database user ID (the z/OS user ID that is permitted to connect to, store data into, and query data in the IBM zERT Network Analyzer database).
  4. Collect the connectivity information required to connect the IBM zERT Network Analyzer service with the Db2 database. This information is necessary for the steps below.

Connect IBM zERT Network Analyzer task with the Db2 for z/OS database

You must provide the IBM zERT Network Analyzer task with Db2 for z/OS database connectivity information before using the task for any additional functions.

Procedure:
  1. Start the IBM zERT Network Analyzer task. The first time that you start the task, you are directed immediately to the Database Settings page.
  2. Enter the database connectivity information that is provided to you by the DBA as part of completing the procedure in Db2 for z/OS customization for the IBM zERT Network Analyzer task.
    Note: After you save the connectivity information, the IBM zERT Network Analyzer task restarts, using the configuration information.

Optional extensions to this service

None.