News
Abstract
This document describes the documentation updates as a result of the IBM® Security zSecure™ Event Correlation And Compliance Automation Service Stream Enhancement (for APAR numbers OA61058 and OA61059 - April 2021).
Content
The following enhancements were made:
- End-to-end event correlation between IBM® z/OS® Connect, CICS®, and Db2® events
- Support for a new layout of SMF record type 123, subtype 1 (z/OS® Connect records)
- Alerts 1124 (RACF®) and 2124 (CA ACF2) for a TSO logon from an IP address that is not allow-listed
- Support for tape data set sensitivities
- Ability to evaluate STCs through STIG by using a Site Security Plan approach
- More STIG automation (5 controls for CA ACF2, 3 controls for IBM® RACF® and CA Top Secret) and other STIG-related improvements, such as ensuring a result when no objects are evaluated
- More reporting of ICSF settings
- Audit concern for UACC of ID(*) access of ALTER to discrete profiles
- Ability to use CARLa literals for sorting only (NONDISPLAY)
- Ability to sort command output from RECREATE by profile
- Ability to use longer messages and descriptions in alerts
- Ability to show OPERROUT in exploded format
- Performance improvements for zSecure™ support for CA ACF2
The documentation updates apply to 2.4.0 zSecure™ Admin, zSecure™ Audit, and zSecure™ Alert. The following publications were updated:
Note:
| zSecure Messages Guide | Apr21SSE240_zSecMsgsGd.pdf |
| zSecure Admin and Audit for RACF User Reference Manual | Link |
| zSecure Audit for ACF2 User Reference Manual | Link |
| zSecure Audit for Top Secret User Reference Manual | Link |
| zSecure CARLa Command Reference | Link |
| zSecure Alert User Reference Manual | Apr21SSE240_zSecAlert.pdf |
Note:
- Referenced topics that were not changed are not included in these documents. You can find them in the (complete) publication that they apply to.
- The zSecure (Admin and) Audit User Reference Manuals and the zSecure CARLa Command Reference are available to licensed customers only. To access the zSecure™ 2.4.0 licensed documentation, you must sign in to the IBM Security zSecure™ Suite Library with your IBM® ID and password. If you do not see the licensed documentation, your IBM® ID is probably not yet registered. Send a mail to zDoc@nl.ibm.com to register your IBM® ID.
Incompatibility warnings
STIG members renamed
The SCKRCARL member C2RGM420 for control AAMV0420 was renamed from a generic name to a member name that is specific for the External Security Manager (ESM). Note that member C2RGM420 is now obsolete.
STIG members renamed
The SCKRCARL member C2RGM420 for control AAMV0420 was renamed from a generic name to a member name that is specific for the External Security Manager (ESM). Note that member C2RGM420 is now obsolete.
- RACF®: CKAGM420
- CA ACF2: C2AGM420
- CA Top Secret: CKTGM420
Related Information
[{"Type":"none","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU008","label":"Security"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"ARM Category":[{"code":"a8m0z000000GoZlAAK","label":"zSecure Admin->Documentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"2.4.0"},{"Type":"none","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPN95","label":"IBM Security zSecure Audit"},"ARM Category":[{"code":"a8m0z000000GoYsAAK","label":"zSecure Audit->Documentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"2.4.0"},{"Type":"none","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPLQS","label":"IBM Security zSecure Alert"},"ARM Category":[{"code":"a8m0z000000GoZHAA0","label":"zSecure Alert->Documentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"2.4.0"},{"Type":"none","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU008","label":"Security"},"Product":{"code":"SSCHPT","label":"IBM Security zSecure Adapters for SIEM"},"ARM Category":[{"code":"a8m0z000000GoYsAAK","label":"zSecure Audit->Documentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"2.4.0"}]
Was this topic helpful?
Document Information
Modified date:
17 May 2021
UID
ibm16440499