RACF Services
RACF PCI Assessment
A RACF PCI Assessment is an in-depth assessment showing how well your z/OS RACF controls have been, or have not been, configured to comply with the PCI Data Security Standards. Our team of RACF PCI experts will work with and educate your security administrators on what is expected from them to be PCI compliant. Vanguard will deliver a “customizable” document that will be maintained by you and can be used to demonstrate your compliance with the annual Report on Compliance (ROC) that is prepared by your Qualified Security Assessor (QSA).
This review is the most intensive z/OS RACF assessment for PCI compliance that is available in the marketplace today. The review of each PCI requirement includes supporting documentation, policy statements, reference materials, comments and recommendations that will demonstrate PCI compliance to your auditors and assessors. PCI remediation and retainer services are also available.
RACF Security Assessment
This offering is typically a 3 to 5 day assignment per database. The objective is to identify security vulnerabilities through interviews with RACF security personnel and analysis of existing RACF environment. The deliverable is a document identifying potential security exposures and vulnerabilities. At the conclusion, our consultant reviews the assessment findings with the client and provides recommendations for enhancing their RACF security environment.
RACF Migration Assessment
These assessments are typically 3-day assignments per database. The objective is to learn as much about the ACF2/TSS and OS/390 environments as possible through personal interviews with staff members and by gathering data from the ACF2/TSS database. We also identify elements in the ACF2/TSS environment that will complicate the conversion process for the ACF2/TSS environment. The deliverable is a statement of work for migrating the client from ACF2/TSS to RACF.
RACF Migration Services
Vanguard offers the most comprehensive program in the world for migration from ACF2/TSS to RACF. Our specialists help clients properly implement RACF protocols according to "best practices" methodologies and processes. Vanguard is one of the world's few vendors certified to use IBM's ACF2 and Top Secret Migration Utilities. We use these utilities in addition to our own unique security assurance software tools to deliver a complete migration that is unobtrusive and efficient as possible. A RACF Migration Assessment typically PRECEDES this offering.
Using RACF to protect SDSF Resources
This is a very complex implementation requiring five RACF General Resource Classes. At Vanguard we have developed an automated methodology to provide a quick and accurate implementation of RACF profiles to replace the SDSF ISFPARMS security parameters and put security enforcement where it belongs for SDSF; namely in the hands of the RACF Security team. Vanguard professional services consultants will work shoulder to shoulder with your RACF Security team to accomplish this transition.
DB2 to RACF Security Migration
Vanguard offers a comprehensive program for migration from DB2 internal Grant/Revoke security to RACF security. Our specialists help clients properly implement RACF protocols according to "best practices" methodologies and processes. Vanguard's specialists have extensive experience using the IBM DB2 to RACF Conversion Utility in addition to our own unique security assurance software tools to deliver a complete migration that is unobtrusive and efficient as possible. A full day class on DB2 security for DBAs and RACF administrators is part of the migration services.
