Vanguard Enforcer™

Vanguard Enforcer provides continuous monitoring of security controls with an automated process to compare your current z/OS Security Server configuration controls against the previously established baseline.

More Audit & Compliance Products

Provides complete collection of reporting and system events to enable powerful forensic analysis.

Delivers expert-level vulnerability assessments of z/OS Security Server configuration controls and settings with the ability to produce audit results in minutes.

Automates review of current z/OS Security Server configurations against prevailing standards to include DISA STIG, NIST and DB2 hardening standards and Vanguard Best Practices dramatically reducing personal cost and time to verify compliance.

An easy-to-use toolkit that provides Authentication, Authorization and Accounting for enterprises extending security database to their applications.

Performs millions of critical compliance checks to guarantee adherence to Vanguard and IBM z/OS Security Server and RACF best practices

A simulation-testing application that allows security administrators to test and evaluate the impact of new RACF commands before implemented in a production environment.

Dramatically reduces security risks and improves regulation compliance, minimizing the need for expensive remediation, while increasing staff productivity

Vanguard Enforcer has options to notify and or automatically correct deviations from the baseline.

  • Enforcer is an intrusion detection system, originally designed at NASA.
  • Do you have an intrusion management solution that protects your critical infrastructure ensuring company security control is not compromised?
  • Is your security personnel notified when the occurrence of a threat is detected and delivered with corrective actions reinforcing approved company security policies?



  • Extensive security checking performed to minimize possible leakage of authentication information.
  • Extensive effort used to minimize the administrative effort required to build the baseline information.
  • Standard z/OS services used to ease installation’s migration to a new system, software or enhancement release.



  • Detects and corrects changes to the system that would violate security policies.
  • Enforcer’s active alerts provides immediate notification of security events or combinations of events.
  • Captures and baselines current security configurations and profiles for future comparison.
  • Monitors system critical resources including the most privileged data sets and programs.
  • Addresses PCI DSS 8.3 and 11.4.