Monitoring and analyzing event logs are critical to risk management and mainframe compliance in z/OS systems and security server environments. Failure to identify an attempted break-in or misuse of a resource can cost an organization millions. Vanguard Advisor for RACF, ACF2 and Top Secret (TSS) is a customizable event-driven engine that provides notifications and real-time reporting on security events and changes to security sub-systems.
• Provides powerful system event reporting
• Advisor’s Active Alerts provides immediate notification of security events
Auditing z/OS system integrity is now easier than ever before. Vanguard Analyzer is a comprehensive system integrity verification and auditing tool, providing z/OS assessment, risk identification and threat analysis, as well as specific instructions on how to fix problems. Vanguard Analyzer has been designed from the ground up to address the complexity of today’s z/OS environment. It provides advanced cybersecurity audit tools and services that auditors require to ensure a high level of z/OS system integrity and security.
• Runs thousands of integrity checks for z/OS Security Server
• Provides file change detection of sensitive corporate data
• Delivers quick find and fix functionality providing direct remediation from a finding
Vanguard Cleanup is a feature of the Vanguard Governance, Risk Management and Compliance (GRC) suite. Vanguard Cleanup generates commands to remove unused profiles, permissions, users and groups from the RACF database using historical RACF requests. Vanguard Cleanup provides maintenance functions that allow you to add and view the various users and/or groups that you excluded from the Vanguard Cleanup process.
• Generates commands to delete (and restore) unused and unwanted profiles
• Produces a wide-range of usage reports for auditors and security administrators
• Analyzes the database to identify and report on all unreferenced or unused RACF entities
• Ability to view Vanguard Offline SURROGAT Class reports
Vanguard Compliance Manager is a mainframe compliance tool that automates vulnerability assessment solutions that assists organizations in passing a Security Readiness Review (SRR) for a z/OS mainframe environment. It eases the auditing burden of an SRR by automating the step-by-step procedures. Vanguard Compliance Manager collects the required information, analyzes the system software installation and configuration accordingly and identifies the vulnerabilities found.
Assists in adherence to:
• Security Technical Implementation Guide (STIG)
• DB2 security checks
• Best practices
• Baseline checks customized to your own regulatory and audit requirements
Vanguard Enforcer is an automated security management solution for z/OS systems that periodically scans critical z/OS system services and RACF security profiles. A Vanguard Enforcer security baseline specifies the precise security implementation that is to be maintained for specified libraries, data sets, resources, users and security-relevant z/OS services.
• Detects and corrects changes to the system that would violate security policies
• Enforcer’s active alerts provides immediate notification of security events
• Monitors system critical resources including the most privileged data sets and programs
Vanguard ez/Integrator is an API (Application Programming Interface) that extends the security capabilities of ESMs on the mainframe. It allows developers to concentrate on writing application code without having to design and maintain an internal security implementation. Vanguard ez/Integrator eliminates redundant security administration activities saving time, money and resources and uses one platform for all of your enterprise-wide authentication and authorization requirements.
• Provides the capability to authenticate user IDs and passwords from many applications
• Allows applications to use the z/OS Security Server to perform authorization checking
• Delivers customizable, mainframe-strength centralized accounting facilities
Vanguard Policy Manager is a cybersecurity audit tool designed to ensure that supported z/OS Security Server RACF commands are compliant with policy. Each command submitted for execution goes through a thorough compliance check to ensure the entire command is compliant with customer enabled Best Practices and Command Policies. The “policy profiles” are created and administered using user-friendly ISPF panels or native z/OS Security Server (RACF) commands.
• Compliance enforcement
• Where possible, modifies commands to be compliant
• Provides and audit trail within the profile of the command history
• Provides pre-defined best practice policies
• Delivers the ability to create and customize user defined policies
Vanguard Privileged Access Monitoring (VPA) monitors Privileged Users, data set and general resource access in both RACF and ACF2, monitors ESM commands, z/OS commands, started tasks and logon/initializations events of interest for security and/or auditing purposes.
• VPA monitors data sets, general resource access, RACF, ACF2, z/OS commands and task
• Specifies selection criteria to narrow the scope of the user’s interest
• VPA will specify criteria, such as data set name, general resource name, and audit attributes
• Specify selected criteria by using the online interface available on the VSS main menu
• The criteria selection process may also be manually created