IBM® Security zSecure® Alert for ACF2 is mainframe security monitoring software designed to provide threat detection and prevention monitoring in real time. It monitors for intruders and improper configurations with alerts and automated commands to counter attacks and configuration mistakes. It helps optimize security event management and audit efforts to reduce security maintenance, enhance system availability and supplement access controls.
IBM Security zSecure Alert for ACF2 is available for IBM z/OS® systems with IBM Resource Access Control Facility (RACF®) or CA ACF2.
IBM Security zSecure Alert for ACF2:
- Provides a threat knowledge base with parameters based on active configurations
- Offers a broad range of monitoring capabilities, including monitoring sensitive data for misuse
- Sends critical alerts to enterprise auditing, compliance and monitoring solutions
- Monitors critical system settings and sensitive data and sends alerts if changes are detected
- Provides flexibility to extend monitoring and alerting and offers support for customization to address local security requirements
Provides a threat knowledge base
- Helps isolate relevant attack patterns and detect multiple types of attacks and configuration threats
- Includes attack patterns, multiple types of attacks and configuration threats external to the System Management Facilities (SMF) log
- Helps you take action before others can exploit knowledge of configuration mistakes and attacks
Offers a broad range of monitoring capabilities
- Provides monitoring capabilities for IBM z/OS, CA ACF2, IBM DB2®, IBM CICS®, the IBM Communications Server, Linux on z Systems™ and UNIX subsystems
- Helps maintain strong access controls by identifying changes that expose sensitive resources
- Monitors critical data and aids in maintaining confidentiality, integrity and availability
- Helps anticipate and avoid potential security policy violations
- Sends critical alerts
- Can automatically send security information to IBM Security QRadar® SIEM, network and enterprise consoles
- Helps you quickly respond to security incidents that could have significant business impact
- Include mainframe security events in enterprise-wide monitoring tools, including automation packages
Monitors critical system settings and sensitive data
- Supports continuous monitoring of critical system settings to detect changes for which there are no event triggers
- Enables you to configure alerts to notify administrators and management when changes are detected
- Supports regulatory requirements, including standards such as Payment Card Industry Data Security Standard (PCI-DSS), through monitoring critical system resources and data
Provides flexibility to extend monitoring and alerting
- Creates custom alerts by copying pre-defined alert configurations
- Enables alerts to be created and managed by authorized users to enforce separation of duties between implementers and monitoring functions
- Allows you to specify company resources such as application data, including data sets containing card holder data