IBM Systems Magazine, Mainframe - July/August 2017 - 19
Enhanced reporting is available for partitioned data sets (PDS and PDS/E). PDS are used to contain configuration information, so being able to detect changes on a member level is very important. It can now detect whether a member is open for read only or whether it has been deleted, renamed or replaced. Figure 3 (page 18) shows activity on DB2 system parameters (ZPARMs) including adding a new member (NUACCESS), renaming it (ACCESS) and creation and deletion of member TEMP. For data sets, new capability exists to detect and report on FTP activity through z/OS UNIX* System Services (USS). An FTP copy of a file from the mainframe would be indicated as a DATA SET CLOSE as the file is moved to the USS address space before being sent to the FTP client. Figure 4 (page 18) is an example activity report that shows a variety of FTP activity to and from the mainframe server. For IMS, the ability to report on individual high availability logical database (HALDB) partitions is enhanced. For organizations that segregate activity into separate HALDB partitions, they can now create separate reports for those partitions. Reduce Risk and Cost With the huge amounts of valuable data on the mainframe, a single breach could quickly and easily harvest millions of sensitive records. Is the risk to your organization's reputation worth risking your crown jewels? Data protection and privacy regulations require extended reporting capabilities that are expensive to develop and deliver in-house and take valuable and skilled resources away from business-critical tasks. With Guardium for z/OS 10.1.3, data protection and risk miti- gation are enhanced with the addition of capabilities such as blocking and more detailed and granular monitoring. The addition of additional filtering criteria and internal performance optimizations reduce the overall cost of implementing a monitoring solu- tion, especially when weighed against the cost of rolling your own solution. In short, Guardium can help organizations reduce risk, more easily demonstrate compliance, and detect or block threats from inside or outside the organization. Pen Testing to Reveal the Truth About Mainframe Security Monday, July 24 | 10 PT / Noon CT / 1 ET Leverage the tools you already have to see real-time mainframe vulnerabilities in your SIEM or IT SOC. featuring: Mainframe security researcher, Philip Young, will take us through a penetraPhilip Young tion test to expose potential mainframe Information Security Specialist Visa vulnerability and simulate a cyberattack. Amazingly, all the tools he'll be using are free tools found online! Peter Mills of CorreLog will show how Phil's attacks can be easily detected and what those attacks would look like in a SIEM. Peter Mills VP Product Development & Support CorreLog, Inc. Register Today: webcasts.com/ibmsystemsmag sponsored advertising content ibmsystemsmag.com JULY/AUGUST 2017 // 19
For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.