Security Center

Windows-Based Administration - Vanguard SecurityCenter™ is the first Windows-based graphical user interface for IBM's Security Server™ and DB2 security administration.

Running under Windows 2000, 2003, 7 or XP, SecurityCenter is the ideal solution for decentralized security administration. SecurityCenter graphically presents hard-to-find security information, enabling the experienced security administrator to work more efficiently. Point-and-click and drag-and-drop operations replace dozens of native commands. SecurityCenter also provides an easy, intuitive training environment that brings less experienced staff members up to speed quickly.

Administration Complexities

Despite its complexities, IBM's Security Server (RACF) is the leading product used to secure mainframe systems. It was designed to process access requests, not administrative tasks, as quickly as possible. Consequently, security administration tends to focus on individual users, groups, resources and accesses - and not on the overall strategic picture, which is critical to business needs.

Even experienced security personnel find that the Security Server commands can be very involved, often with numerous interrelated parameters.

While the Security Server database contains valuable information, interpreting this data and answering basic questions such as which files a particular user may access - is a very difficult, time-consuming and potentially error prone process.

That's where Vanguard SecurityCenter comes in. With the ease of point-and-click and drag-and-drop functionality, SecurityCenter graphically presents the Security Server data, enabling the experienced security administrator to work more efficiently, while providing an easy, intuitive environment for less experienced staff members.

Administering DB2 Security with Security Server

Although the Security Server can be used to administer DB2 security, it does have drawbacks: The Security Server protects DB2 resources through long profile names that are cumbersome to read and type. DB2 administrators lose the ability to see what an AUTHID (user or group) has access to without running a batch utility. Finally, some DB2 applications, such as QMF, cannot be secured through Security Server.

Vanguard SecurityCenter can be used to administer DB2 resources whether they are protected by native DB2 security or z/OS Security Server. When DB2 resources are protected by native DB2 security, SecurityCenter presents the security information in a format that is intuitive for both Security Server and DB2 administrators.

Easy to Use

SecurityCenter provides all the ease-of-use features you expect from a Windows-based product. This significantly improves the efficiency, accuracy, and speed with which the administrator can complete security administration tasks. A point-and-click replaces what would previously have required numerous Security Server commands. SecurityCenter automatically generates the Security Server and DB2 commands. No Security Server or DB2 syntax knowledge is required.

All SecurityCenter users benefit from the reduced time and effort required to administer their security environment. And as a training tool, novice users benefit greatly from seeing the complete commands generated by SecurityCenter.

Seeing the Big Picture

Using Vanguard SecurityCenter, administrators can see the Security Server group tree structure displayed in a Windows Explorer-like format, allowing them to then expand or collapse the view and restructure it as needed using Windows drag-and-drop. This unified view provides administrators with an unprecedented "Big Picture" of the entire security environment enabling them to make informed choices about implementing a security strategy.

With SecurityCenter, an administrator can even manage multiple RACF databases simultaneously. The SecurityCenter client permits the administrator to have several RACF databases open at once, navigate from one database to another freely, and even issue commands that update multiple databases simultaneously.

Decentralized Administration

Vanguard SecurityCenter permits security administrators to decentralize appropriate tasks to departmental level personnel by offering them a view limited to those users, groups and resources within their responsibility. This can dramatically improve problem resolution. And it removes some of the routine tasks from security administrators, giving them time to concentrate on more important tasks, such as overall security strategy.

Time is Money

In security administration, the time saved by means of automating or simplifying routine tasks directly translates into cost savings. Vanguard SecurityCenter expedites daily Security Server and DB2 security tasks, reducing associated costs and increasing accuracy. Data is entered using familiar Windows-style features such as drop-down lists, radio buttons and check boxes.

Many routine tasks, such as connecting users to groups, can be accomplished automatically by dragging a user icon onto a group icon. SecurityCenter automatically generates the correct commands to accompany each action.

Real-Time Security Information

Vanguard SecurityCenter processes all information in real-time, ensuring that the information being accessed is accurate and up to date. SecurityCenter is aware of all relevant Security Server and DB2 changes, synchronizing information at all times. If changes occur outside of SecurityCenter, such as when privileges are revoked for a user, SecurityCenter captures the alterations instantly. This assures that security administrators always work with the most current information.

Reduced Training Requirements

Vanguard SecurityCenter presents information in an intuitive, easy-to-understand manner and automatically generates all Security Server and DB2 commands. Users enter data by selecting from drop-down lists and by using other Windows facilities. Since no special knowledge of commands or syntax is required, the amount of Security Server or DB2 training and expertise required to effectively administer security is dramatically reduced.

Administration Timesavers

Vanguard SecurityCenter makes administrative tasks easier than ever. Some examples: SecurityCenter can apply revoke/resume changes to all connections of the group or user you're administering instead of one at a time. When you select a general resource class in Resource Explorer, all of its resources will immediately appear on the resource worksheet. Expert users can learn keyboard shortcuts from the help facility for each toolbar button.

Point-and-Click Auditing

Vanguard SecurityCenter enhances the availability of security information by correlating Security Server data both with itself and with DB2 security data. Auditors can hierarchically view all information associated with users and groups without the tedious task of printing and analyzing reports. Using SecurityCenter's point-and-click capabilities, auditors can effortlessly access all user or group information.

For example, with the click of a mouse, an auditor can display the access list for a given resource, another click shows the groups permitted to that resource, and another click displays the connected users.

Obsolete IDs, Delete and Cleanup

Vanguard SecurityCenter identifies obsolete IDs (deleted users and groups) that still appear as owners or on access lists. These obsolete IDs are represented by a special icon alerting the administrator to the situation. SecurityCenter automatically prevents the picking up of an obsolete ID's permissions when a new user or group with the same ID is added.

SecurityCenter automates the cleanup of these "Ghost" ID's by automatically generating all the commands necessary to remove the ownership and permissions.

In any IT organization, the adding, changing and deletion of users is a routine task that is required daily. When a user or group is deleted, SecurityCenter automatically deletes the associated Security Server profiles, DB2 authorities, and Security Server access list entries. This eliminates not only the time-consuming procedure of having to remove each individual occurrence, it also removes the potential security exposure.

Data Correlation, Cross Referencing and Reporting

Although the Security Server database contains all of the information needed to provide security, the information is not readily accessible. Vanguard SecurityCenter provides a unique real-time data correlation, cross referencing and reporting solution by correlating Security Server and DB2 information, providing it instantly to the user at a click of the mouse.

Separate Help Desk and Security Administration Functions

Vanguard SecurityCenter's Help Desk Administration function relieves system administrators of ordinary help desk duties by allowing authorized personnel to perform password resets and replacements without having the system-special or group-special attribute.

Through the Help Desk Administration window, help desk personnel can view significant information about a user without having access to the potentially confidential information displayed in the User Administration window. Read-only fields provide fixed information about a user, and a drop-down calendar simplifies the revoking and resuming of user accesses.

Stability, Recovery and Retry

Vanguard SecurityCenter's client/server architecture utilizes TCP/IP. SecurityCenter recovers from server and client-side TCP/IP and other communication failures, and permits SecurityCenter sessions to continue seamlessly after a failure is corrected.

Vanguard Security Solutions

Vanguard SecurityCenter is part of the comprehensive Vanguard Security Solutions™. This software solution fully integrates the formerly independent functions of security administration, reporting, assessment and monitoring into a single solution - a concept unprecedented in mainframe security.

How It Works:

Vanguard SecurityCenter permits security administrators to decentralize appropriate tasks to departmental level personnel by offering them a view limited to those users, groups and resources within their responsibility. This can dramatically improve problem resolution. And it removes some of the routine tasks from security administrators, giving them time to concentrate on more important tasks, such as overall security strategy.

  • In security administration, the time saved by means of automating or simplifying routine tasks directly translates into cost savings. Vanguard SecurityCenter expedites daily Security Server and DB2 security tasks, reducing associated costs and increasing accuracy.
  • Data is entered using familiar Windows-style features such as drop-down lists, radio buttons and check boxes.
  • Many routine tasks, such as connecting users to groups, can be accomplished automatically by dragging a user icon onto a group icon. Vanguard SecurityCenter automatically generates the correct commands to accompany each action.
  • Vanguard SecurityCenter presents information in an intuitive, easy-to-understand manner and automatically generates all Security Server and DB2 commands. Users enter data by selecting from drop-down lists and by using other Windows facilities.


Terms of Use © 2005 - 2014 Vanguard Integrity Professionals - Nevada All Rights Reserved.