RACF ポリシーを適用して、メインフレーム環境のセキュリティーを保護
IBM Security zSecure Command Verifier は、内部エラーや非準拠コマンドによって引き起こされるセキュリティー・ブリーチ (抜け穴) および監査失敗のリスクを軽減するのに役立ちます。
- IBM RACF® に基づいて積極的にポリシー・コンプライアンスを適用します。
- 非準拠の RACF コマンドの実行を防止することで、データベースの汚染を低減します。
- RACF データベースのクリーンアップ時間を排除し、監査に関わる問題を減らすことで、プログラミングおよび管理のリソースを節約できます。
- 内部エラーや非準拠コマンドによって引き起こされるセキュリティー・ブリーチおよび監査失敗のリスクを軽減します。
- 危険なコマンドの実行時にアラートを発して、障害のリスクを軽減できるように支援します。
- 製品の旧称は IBM Tivoli zSecure Command Verifier です。
- サポートされるオペレーティング・システム: z/OS
製品について
ご購入 IBM Security zSecure Command Verifier
初年度の IBM ソフトウェア・サブスクリプション & サポートは製品価格に含まれています。
ご購入には諸手続きが必要になりますので、弊社窓口までお問い合わせください。
| Features | Advantages | Benefits |
|---|---|---|
| Supports policy definitions to provide mandatory and default values when RACF does not provide appropriate defaults. | Automates the process of ensuring mandatory values are used and prohibiting inappropriate default values. | Enables preventative controls for important policy and naming requirements to improve your security posture. |
| Prevents noncompliant administrative command execution. | Automatically verifies command keywords against your specified policies as soon as a RACF command is issued —from Time Sharing Option (TSO), Interactive System Productivity Facility (ISPF), batch jobs, or the operator console. | Proactively enforces compliance on RACF to help reduce the risks of security breaches and database "pollution." |
| Command Audit Trail feature stores changes to profiles in the RACF database. | Easily discover when a change to a profile was made and which administrator issued a particular command. | Eliminates labor intensive searches and investigation of log files and guessing about which changes occurred and by who. |
| Independent installation on all systems on which you want to enforce policies. | Implemented as part of the RACF Common Command Exit as a standard RACF application programming interface (API). | Eliminates designing, coding and maintaining assembler routines to handle parsing of keywords. You can use it independently of Security zSecure suite solutions and as an add-on to other third-party RACF tools that lack this functionality. |
| Grant users granular access to specific commands they would normally be unable to access. | Allows selective distribution of command access. | By providing access to the specific commands users require to do their jobs, you reduce the risks associated with accidental or malicious actions of privileged users. |
Business benefits
Mainframe policy enforcement solution adds granular controls for RACF to help prevent errors and noncompliant commands.
-
インフラストラクチャー保護
- IBM Endpoint Manager for Mobile Devices
- IBM Security Network Active Bypass
- IBM Security Network Controller
- IBM Security Network Intrusion Prevention System for Crossbeam
- IBM Security Network Intrusion Prevention System
- IBM Security Network Intrusion Prevention System Virtual Appliance
- IBM Security zSecure Admin
- IBM Security zSecure Alert for ACF2
- IBM Security zSecure Alert for RACF
- IBM Security zSecure Alert
- IBM Security zSecure Audit for ACF2
- IBM Security zSecure Audit for RACF
- IBM Security zSecure Audit for Top Secret
- IBM Security zSecure Audit
- IBM Security zSecure CICS Toolkit
- IBM Security zSecure Command Verifier
- IBM Security zSecure Suite
- IBM Security zSecure Visual
- Tivoli Endpoint Manager for Core Protection
- Tivoli Endpoint Manager for Patch Management
- Tivoli Endpoint Manager for Security and Compliance
- Tivoli Security Information and Event Manager
- Tivoli Security Management for z/OS
- Tivoli zSecure Manager for RACF z/VM
- IBM Security zSecure Admin
- IBM Security zSecure Alert
- IBM Security zSecure Alert for ACF2
- IBM Security zSecure Alert for RACF
- IBM Security zSecure Audit
- IBM Security zSecure Audit for ACF2
- IBM Security zSecure Audit for RACF
- IBM Security zSecure Audit for Top Secret
- IBM Security zSecure CICS Toolkit
- IBM Security zSecure Command Verifier
- IBM Security zSecure Visual
- Tivoli zSecure Manager for RACF z/VM