IBM Systems Magazine, Mainframe - July/August 2017 - 18

IT TODAY

the subsequent cost this might
introduce. With a little planning,
this wouldn't be an issue. Not only
do flexible rules exist to filter out
unneeded traffic on the server,
Guardium can also offload some
data collection and transmission
processing to IBM z Systems*
Integrated Information Processors (zIIP). With proper tuning,
Guardium clients have seen CPU
overhead on their servers of 1 to 5
percent, depending on what they
want to collect, and some clients
are able to see even less than
1 percent.
Every release, Guardium continues to optimize performance.
In the latest release, 10.1.3,
enhancements are designed
to reduce CPU cost of filtering
collecting object events on the
mainframe server.
For DB2, table-level filtering is
now moved to an earlier stage of
processing, which could significantly reduce overhead and
improve throughput for policy
rules that include tables as filtering
criteria. Internal lab results show
significant, measurable decreases
in both DB2 Class 2 and address
space CPU usage of S-TAP V10.1.3
versus S-TAP V10.0. Total Class 2
time was reduced by up to 37 percent and the address space (started
task) CPU was reduced by up to
38 percent. The improvement
in CPU will vary under different
workloads and environments.
For IMS, users can now filter
out more trusted traffic to reduce
collection of unnecessary events,
such as IMS logical terminals
(LTERM), and specific region
types such as batch processing
regions. For example, a large
bank considers any transaction
from internet/ATM to be secure.
If a teller entered a transaction,
however, the customer would consider it to be non-secured. Adding
LTERM as filter will provide the
bank with the ability to exclude

Figure 3: Member Activity on DB2 System Parameters

Figure 4: FTP Activity on System Data Sets

secure events. Not only does this
improve performance, it simplifies security analysis by reducing
unnecessary noise.
Another new option to reduce
overhead and noise is the ability
to filter by region types. IMS S-TAP
already supports the ability to
filter out batch traffic (i.e., batch
message processing) because it's
considered trusted and low risk.
With this enhancement, administrators can filter out several other
region types including IMS Fast
Path, IMS message processing
programs and CICS*.

Monitoring Capabilities
All of the performance
enhancements in the world are
meaningless without robust
data protection and monitoring
capabilities.
Guardium V10.1.3 is now able
to track and correlate an audit
event across IMS, data sets and
DB2 using a CICS unit of work

identifier. For example, assume
a transaction adds records to a
VSAM data set and then updates
a counter in a DB2 table as part
of the same transaction. Figure 1
(page 17) represents data from a
Guardium report that shows how
these activities can be correlated
using the CICS unit of work
identifier.
In DB2, there's the ability to
immediately block access from
specific users to specific tables or
schemas (see Figure 2, page 17).
Blocking can help organizations
add enhanced protection to data
as well as react immediately to
possible security breaches.
The DB2 collect bind and rebind
events enhancement is requested
by organizations concerned about
bind activity occurring on "locked
down" production systems. Binds
could indicate that someone has
made an unauthorized application
change, and could even indicate
a breach.

18 // JULY/AUGUST 2017 ibmsystemsmag.com

pg 16-19.indd 4

6/15/17 11:05 AM


http://www.ibmsystemsmag.com

Table of Contents for the Digital Edition of IBM Systems Magazine, Mainframe - July/August 2017

Table of Contents
Editor's Desk: Learning About Cognitive Capabilities
Partner PoV: A Clear Picture: IT operational analytics tools can provide a view of management data
Trends: The Connected Mainframe: Java on z Systems delivers portability, security and other benefits
Currents: Keeping Out Risks: Secure Service Containers are a virtual appliance framework for sensitive workloads
IT Today: Protecting Your Crown Jewels: IBM Guardium updates help organizations reduce risk and demonstrate compliance
Feature: Accounting for the Future: Bankwest modernizes its mainframe integration environment with a RESTful API framework and Java
Cover Story: Modeling Machine Learning: Cognitive on IBM z gives clients the tools to make better, faster decisions
Feature: A Thoughtful Pairing: Keeping IBM Machine Learning z/OS next to the data on the mainframe enhances analytics
HotTECH Products
TECH Showcase: Plan for Protection: Five points to consider when preparing for backup and recovery
Hot Topics: Optimized for the Enterprise: IBM Machine Learning for z/OS is supported by Acache Spark
Solutions: JES2MAIL/JES2FTP V5.1, CASI Software; ReACT V5.0, Advanced Software Product Group Inc.; FDR/UPSTREAM Web Portal V2.0.00, INNOVATION Data Processing
Stop Run: Traveling Through Time: IBM archivist assists 'Hidden Figures' movie production with authentic artifacts
Reference Point - Global Events, Education, Resources for Mainframe
2017 Mainframe Solutions Edition
IBM Systems Magazine, Mainframe - July/August 2017 - Intro
IBM Systems Magazine, Mainframe - July/August 2017 - Cover1
IBM Systems Magazine, Mainframe - July/August 2017 - Cover2
IBM Systems Magazine, Mainframe - July/August 2017 - 1
IBM Systems Magazine, Mainframe - July/August 2017 - Table of Contents
IBM Systems Magazine, Mainframe - July/August 2017 - 3
IBM Systems Magazine, Mainframe - July/August 2017 - 4
IBM Systems Magazine, Mainframe - July/August 2017 - 5
IBM Systems Magazine, Mainframe - July/August 2017 - Editor's Desk: Learning About Cognitive Capabilities
IBM Systems Magazine, Mainframe - July/August 2017 - 7
IBM Systems Magazine, Mainframe - July/August 2017 - Partner PoV: A Clear Picture: IT operational analytics tools can provide a view of management data
IBM Systems Magazine, Mainframe - July/August 2017 - 9
IBM Systems Magazine, Mainframe - July/August 2017 - Trends: The Connected Mainframe: Java on z Systems delivers portability, security and other benefits
IBM Systems Magazine, Mainframe - July/August 2017 - 11
IBM Systems Magazine, Mainframe - July/August 2017 - 12
IBM Systems Magazine, Mainframe - July/August 2017 - Currents: Keeping Out Risks: Secure Service Containers are a virtual appliance framework for sensitive workloads
IBM Systems Magazine, Mainframe - July/August 2017 - 14
IBM Systems Magazine, Mainframe - July/August 2017 - 15
IBM Systems Magazine, Mainframe - July/August 2017 - IT Today: Protecting Your Crown Jewels: IBM Guardium updates help organizations reduce risk and demonstrate compliance
IBM Systems Magazine, Mainframe - July/August 2017 - 17
IBM Systems Magazine, Mainframe - July/August 2017 - 18
IBM Systems Magazine, Mainframe - July/August 2017 - 19
IBM Systems Magazine, Mainframe - July/August 2017 - Feature: Accounting for the Future: Bankwest modernizes its mainframe integration environment with a RESTful API framework and Java
IBM Systems Magazine, Mainframe - July/August 2017 - 21
IBM Systems Magazine, Mainframe - July/August 2017 - 22
IBM Systems Magazine, Mainframe - July/August 2017 - 23
IBM Systems Magazine, Mainframe - July/August 2017 - 24
IBM Systems Magazine, Mainframe - July/August 2017 - 25
IBM Systems Magazine, Mainframe - July/August 2017 - Cover Story: Modeling Machine Learning: Cognitive on IBM z gives clients the tools to make better, faster decisions
IBM Systems Magazine, Mainframe - July/August 2017 - 27
IBM Systems Magazine, Mainframe - July/August 2017 - 28
IBM Systems Magazine, Mainframe - July/August 2017 - 29
IBM Systems Magazine, Mainframe - July/August 2017 - Feature: A Thoughtful Pairing: Keeping IBM Machine Learning z/OS next to the data on the mainframe enhances analytics
IBM Systems Magazine, Mainframe - July/August 2017 - 31
IBM Systems Magazine, Mainframe - July/August 2017 - 32
IBM Systems Magazine, Mainframe - July/August 2017 - 33
IBM Systems Magazine, Mainframe - July/August 2017 - 34
IBM Systems Magazine, Mainframe - July/August 2017 - 35
IBM Systems Magazine, Mainframe - July/August 2017 - HotTECH Products
IBM Systems Magazine, Mainframe - July/August 2017 - 37
IBM Systems Magazine, Mainframe - July/August 2017 - 38
IBM Systems Magazine, Mainframe - July/August 2017 - 39
IBM Systems Magazine, Mainframe - July/August 2017 - 40
IBM Systems Magazine, Mainframe - July/August 2017 - TECH Showcase: Plan for Protection: Five points to consider when preparing for backup and recovery
IBM Systems Magazine, Mainframe - July/August 2017 - 42
IBM Systems Magazine, Mainframe - July/August 2017 - 43
IBM Systems Magazine, Mainframe - July/August 2017 - 44
IBM Systems Magazine, Mainframe - July/August 2017 - 45
IBM Systems Magazine, Mainframe - July/August 2017 - 46
IBM Systems Magazine, Mainframe - July/August 2017 - 47
IBM Systems Magazine, Mainframe - July/August 2017 - Hot Topics: Optimized for the Enterprise: IBM Machine Learning for z/OS is supported by Acache Spark
IBM Systems Magazine, Mainframe - July/August 2017 - 49
IBM Systems Magazine, Mainframe - July/August 2017 - 50
IBM Systems Magazine, Mainframe - July/August 2017 - 51
IBM Systems Magazine, Mainframe - July/August 2017 - 52
IBM Systems Magazine, Mainframe - July/August 2017 - 53
IBM Systems Magazine, Mainframe - July/August 2017 - Solutions: JES2MAIL/JES2FTP V5.1, CASI Software; ReACT V5.0, Advanced Software Product Group Inc.; FDR/UPSTREAM Web Portal V2.0.00, INNOVATION Data Processing
IBM Systems Magazine, Mainframe - July/August 2017 - 55
IBM Systems Magazine, Mainframe - July/August 2017 - Stop Run: Traveling Through Time: IBM archivist assists 'Hidden Figures' movie production with authentic artifacts
IBM Systems Magazine, Mainframe - July/August 2017 - Cover3
IBM Systems Magazine, Mainframe - July/August 2017 - Cover4
IBM Systems Magazine, Mainframe - July/August 2017 - Reference Point - Global Events, Education, Resources for Mainframe
IBM Systems Magazine, Mainframe - July/August 2017 - 2017 Mainframe Solutions Edition
IBM Systems Magazine, Mainframe - July/August 2017 - SE2
IBM Systems Magazine, Mainframe - July/August 2017 - SE3
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20191112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/relevantz_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2019mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20190102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20181112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20180102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/2018mfse
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20171112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_sesupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20170102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_linuxsupp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20161112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/MainframeSecurity
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20160102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20151112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910_se
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150910
http://www.ibmsystemsmagmainframedigital.com/MFSkills
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506_supp
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20150102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20141112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_gt_201405
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/BigData
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20140102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20131112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910_v2
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20130102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20121112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/buyersguide2013
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20120102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/ibmsystems_mainframe_2012bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20111112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20110102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20101112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100910_bg
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100506
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100304
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20100102
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20091112
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090910
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090708
http://www.ibmsystemsmagmainframedigital.com/nxtbooks/ibmsystemsmag/mainframe_20090506
http://www.nxtbook.com/nxtbooks/ibmsystemsmag/mainframe_20090304
http://www.nxtbook.com/nxtbooks/mspcomm/ibmsystems_mainframe_200901
http://www.nxtbookMEDIA.com