Vanguard Offline™

Vanguard Offline is a simulation-testing application that allows security administrators to test and evaluate the impact of new commands before being implemented in a production environment.

More Audit & Compliance Products

Provides complete collection of reporting and system events to enable powerful forensic analysis.

Delivers expert-level vulnerability assessments of z/OS Security Server configuration controls and settings with the ability to produce audit results in minutes.

Automates review of current z/OS Security Server configurations against prevailing standards to include DISA STIG, NIST and DB2 hardening standards and Vanguard Best Practices dramatically reducing personal cost and time to verify compliance.

Provides continuous monitoring of security controls with an automated process to compare your current z/OS Security Server configuration controls against the previously established baseline.

An easy-to-use toolkit that provides Authentication, Authorization and Accounting for enterprises extending security database to their applications.

Performs millions of critical compliance checks to guarantee adherence to Vanguard and IBM z/OS Security Server and RACF best practices

Dramatically reduces security risks and improves regulation compliance, minimizing the need for expensive remediation, while increasing staff productivity

Vanguard Offline allows detailed reporting of how resources are accessed including, who, when, where, and what level of authority. This allows for complete and accurate remediation of excessive or inappropriate access to resources.

  • Do you have a method for simulation testing prior to implementation in a production environment?
  • How do you know what impact your changes will have on the company or users?
  • Do you have a method to report on how resources were accessed, including who, when, where, and what level of authority they have?



  • Offline captures the authentication requests including the ones designated as bypass, Vanguard has the ability to show those liabilities.
  • Automates tests and analyzes how new z/OS Security Server commands will impact users and processes before those commands are executed in a production environment.
  • Uses actual z/OS Security Server authorization and authentication requests as input to the verification engine resulting in avoidance of operational disruption while making changes to the z/OS Security Server.



  • Security administrators can execute commands against a copy of their database as if against a production system and analyze the potential impact of the new commands and all consequences thereof.
  • Collects and aggregates all security decisions into a database.
  • Produces a wide-range of usage reports for auditors and security administrators.
  • Provides complete accounting of all authorization requests.
  • Provides a simple method for remediation of elevated access and authorities.
  • Offline addresses PCI DSS 10.1, 10.2, 10.3, 10.4, 10.5, and 10.6.