IBM® Security zSecure™ V2.3 suite helps:

• Enhance mainframe security position to better demonstrate compliance with regulations.
• Enhance real-time security intelligence analytics and alerts.
• Enhance identity governance for the mainframe to:
  • Help organizations understand, control, and make business decisions that are related to user access.
  • Assess risks.
• Secure cloud and mobile applications.
• Utilize the inherent security advantages offered by mainframes that include pervasive encryption for enhanced data protection.

This video provides an overview and a demonstration of the IBM Enterprise Key Management Foundation (EKMF), a highly secure key management system for the enterprise.

High volume certificates and encryption keys can be managed centrally and uniformly with Enterprise Key Management Foundation independent of target platforms. EKMF manages keys and certificates for cryptographic coprocessors, hardware security modules (HSM), software implementations like Java key store, ATMs, and point of sale terminals. EKMF offers an intensive support for EMV® chip cards, both for issuers, acquirers, and for card brands.

Duration: 37 minutes

Overview

This course describes audit concerns that IBM® Security zSecure™ Audit reports. The course explains auditing your RACF® database and z/OS subsystems such as CICS, IMS, and DB2. You can measure your security and z/OS system settings against the security requirements of a selected policy level. Also, you learn about an Access Monitor data set containing historic RACF access decisions statistics. This information is used to find profiles, permissions, or connections that are unused and can be removed from the RACF database. Furthermore, you learn reviewing the general SMF and RACF audit settings. This course explains how to use and interpret predefined SMF reports, and how to create customized SMF reports. Finally, the Library and sequential data set status and change analysis functions are explained.

Objectives

• Describe and explain the flow of a security call from z/OS and resource Managers to RACF
• Perform user ID and password audit analysis
• Audit sensitive user IDs and z/OS resources and create audit reports about who can define RACF profiles
• Create audit reports for the CICS, IMS, and DB2 subsystems
• Review the system-wide Audit settings, select and process predefined SMF reports, and define custom SMF reports
• Utilize the Access Monitor reports to clean up the RACF database
• Audit changes to system-sensitive libraries and sequential data sets

Overview

In this workshop, you learn how to maintain a Resource Access Control Facility (RACF®) database with IBM® Security zSecure Admin and monitor the system with IBM Security zSecure Audit. During hands-on exercises, you act as a RACF security administrator for a fictitious company. In this simulated job role, you learn to define a RACF security environment for a specific department.

This workshop teaches the basics of the security administration process and how to implement company security policies and guidelines into specific RACF profile definitions and settings. You learn to verify the quality and validity of the RACF profiles that you define. Finally, you learn how to interpret and report SMF events that the z/OS system logs during the workshop.

Objectives

• Describe the purpose and flow of the RACF management workshop
• Set up a flexible RACF group structure for a department based on PMI security policies and IT guidelines
• Define a departmental security administrator user ID, user IDs for plot writers, verify password quality, and create and refresh an IBM Security zSecure CKFREEZE data set
• Create role-based function groups, resource profiles, and an IBM Security zSecure UNLOAD data set
• Implement role-based access using connections and permissions to the function groups
• Use and explain the various zSecure Admin Verify functions, define a started task, verify started procedures, and manage staff member changes
• Review and, if applicable, maintain RACF audit settings and report and examine SMF records that are logged during this workshop
• Prevent users with OPERATIONS from accessing your PMI departmental data sets
• Clean up RACF profiles and, if applicable, data sets and catalog aliases

This document contains an overview of the IBM Security zSecure job roles, training paths, and the standard zSecure courses that IBM offers for customers.