Using IBM zERT Network Analyzer

z/OS® Management Facility (z/OSMF) provides a web browser interface for a variety of z/OS system management functions. IBM® zERT Network Analyzer runs as a z/OSMF task and provides a structured interface for analyzing cryptographic protection data about your TCP and Enterprise Extender (EE) traffic that is collected in the form of zERT summary (Type 119 subtype 12) SMF records.

You can use the IBM zERT Network Analyzer task to perform the following functions:
  • Import one of more SMF dump data sets into the IBM zERT Network Analyzer database. As the SMF data set is imported, IBM zERT Network Analyzer extracts information from the zERT Summary SMF records in the data sets and organizes the information into representations of security sessions reported in the SMF records.
    • If the SMF records are written to an SMF data set, the records must be dumped to the data set using the IFASMFDP program.
    • If the SMF records are written to an SMF log stream, the records must be dumped to the data stream using the IFASMFDL program.
    Note: SMF data sets that you intend to import into IBM zERT Network Analyzer must be a cataloged sequential file.
  • Create and run queries to filter the imported security session data by date, system, endpoint or cryptographic protection attributes.
  • Examine the results of your query.
    • The summary view provides an overall view of security sessions organized by endpoint role of the local z/OS system: TCP server, TCP client, or Enterprise Extender (EE) peer.
    • Expand each summary row to examine details about the foreign endpoints that established connections with the local endpoint in the summary row.
    • The security session view provides the cryptographic details about the security sessions that are used by the application connections.
  • Export your query results to a comma-separated values (CSV) format file for additional analysis using a spreadsheet or analysis tool of your choice.

For additional information about using IBM zERT Network Analyzer in z/OSMF, see IBM z/OS Management Facility Configuration Guide.