IBM® Security zSecure™ Alert helps you establish mainframe monitoring as part of your enterprise threat monitoring approach. It monitors for internal and external threats and improper configurations. IBM Security zSecure Alert provides responsive incident management and streamlines audit efforts to reduce security housekeeping on the mainframe, enhance system availability and supplement access controls.

IBM Security zSecure Alert helps you:

  • Maintain data integrity by monitoring critical data.
  • Prevent costly damage with fast, flexible alerts.
  • Gain guidance about countermeasures when a threat is detected.

Maintain data integrity

  • Monitors IBM z/OS®, IBM Resource Access Control Facility (RACF®), IBM DB2®, CA-ACF2, IBM CICS®, IBM IMS™, IBM Communications Server, IBM Health Checker, Linux on IBM System z® and UNIX subsystems.
  • Combines a threat knowledge base with parameters from your active configuration.
  • Detects malicious activity even if it is not recorded in the event log (SMF record) or z/OS system log.
  • Compares activity with recent access patterns to help discover additional threats.
  • Helps you detect multiple types of attacks and configuration threats.

Prevent costly damage

  • Notifies relevant personnel of changes, improper access events and security vulnerabilities.
  • Produces alerts with CARLa Auditing and Reporting Language (CARLa) and can be customized for email, cell phone and pager delivery.
  • Reconfigures selection and layout dynamically from an IBM Interactive System Productivity Facility (ISPF) application.
  • Integrates with other tools, enabling you to send relevant alerts to your central security or network management console.
  • Monitors critical system settings and sends alerts if changes are detected, and can also demonstrate compliance with regulations.

Gain guidance about countermeasures

  • Enables you to predefine and customize a countermeasure using IBM Security zSecure Admin.
  • Sends Write To Operator (WTO) messages to trigger automated operations or issue RACF commands autonomously.
  • Enables you to quickly diagnose and respond to failures or exposures through closed-loop monitoring, intervention and remediation.