IBM® Security zSecure™ Alert for RACF makes mainframe security event management and auditing more efficient by providing near real-time notification. It enables you to move from point-in-time monitoring to near real-time alerting to help ensure security breaches or mistakes are quickly intercepted. As a result, you can maintain confidentiality, integrity and availability of systems, applications and data.

IBM Security zSecure Alert for RACF monitors and generates near real-time alerts for IBM z/OS®, IBM Health Checker, IBM Resource Access Control Facility (RACF®), CA ACF2 and major sub-systems, including IBM Communications Server, UNIX, IBM Tivoli® Workload Scheduler and sensitive data.

IBM Security zSecure Alert for RACF:

  • Provides a threat knowledge base with parameters based on active configurations
  • Offers a broad range of monitoring capabilities including monitoring sensitive data for misuse
  • Sends critical alerts to enterprise auditing, compliance and monitoring solutions
  • Monitors critical system settings and data and sends alerts if changes are detected
  • Creates near real-time alert messages and offers extensive support for customization to address local security requirements

Provides a threat knowledge base

  • Helps isolate relevant attack patterns and detects multiple types of attacks and configuration threats
  • Includes attack patterns, multiple types of attacks and configuration threats external to the System Management Facilities (SMF) log
  • Helps you take action before others can exploit knowledge of configuration mistakes and attacks

Offers a broad range of monitoring capabilities

  • Helps maintain strong access controls by identifying changes that expose sensitive resources
  • Monitors critical data and aids in maintaining confidentiality, integrity and availability
  • Helps anticipate and avoid potential security policy violations

Sends critical alerts

  • Can automatically send security information to IBM Security QRadar® SIEM, network and enterprise consoles
  • Helps you quickly respond to security incidents that could have significant business impact
  • Includes mainframe security events in enterprise-wide monitoring tools, including automation packages

Monitors critical system settings and sensitive data

  • Supports continuous monitoring of critical system settings to detect changes for which there are no event triggers
  • Enables you to configure alerts to notify administrators and management when changes are detected
  • Supports regulatory requirements, including standards such as Payment Card Industry Data Security Standard (PCI-DSS), by monitoring critical system resources and data

Creates near real-time alert messages

  • Creates custom alerts by copying pre-defined alert configurations
  • Enables alerts to be created and managed by authorized users to enforce separation of duties between implementers and monitoring functions
  • Allows you to specify company resources such as application data, including data sets containing card holder data