Deliver IBM z/OS RACF, ACF2, and Top Secret User plus DB2 Access Data
to Your Distributed SIEM in Real Time
CorreLog zDefender™ for z/OS expands the role of your corporate IT security system – whether CorreLog SIEM Correlation Server or other distributed SIEM collector – to include real-time mainframe messages from RACF, ACF2, Top Secret, DB2 accesses, and other important user activity data relevant to network security. Complete your SIEM strategy leveraging this powerful and unique real-time mainframe security management component.
For many large organizations, one or more IBM z/OS mainframes constitutes a strategic capital investment for the most mission-critical applications, processes and data. With security information and event management (SIEM) software platforms existing predominantly in distributed environments, the CorreLog SIEM Agent for z/OS allows organizations to include mainframe event log data for a uniﬁ ed, multi-platform view of enterprise security event data in a single console.
CorreLog zDefender™ for z/OS allows users to view mainframe RACF, ACF2, Top Secret, and DB2 events in real-time, alongside security events from Windows, UNIX, Linux, routers, ﬁrewalls, and other IT assets in an enterprise SIEM system. This not only provides companies with the best possible security in real-time, but also helps ensure regulatory compliance.
zDefender™ is easily configured, allowing users to select from a myriad of events including RACF, TSO Logons, Production Job ABENDs, TCP/IP Connections, FTP File Transfers, Top Secret, ACF2, and DB2/IMS dataset accesses. Out of this event log data, security systems administrators may filter further by sub-categories and receive only the data relevant to security threats. This filtering capability streamlines data flow to SIEM system consoles without compromising network bandwidth.
View mainframe security messages in a standard web browser
with CorreLog zDefender™ Visualizer for z/OS
The zDefender™ Visualizer is an affordable Security Information & Event Management (SIEM) system especially designed and pre-conﬁgured for use by z/OS security administrators and system programmers. It provides point-and-click functionality from a standard web browser into z/OS security and operational events. zDefender™ Visualizer provides dashboard views, event message correlation, and can send text messages as alerts of security events generated from z/OS. More info on zDefender™ Visualizer can be found here.
zDefender™ Visualizer also operates within the constraints of increasing compliance regulations such as PCI DSS, HIPAA, IRS Pub. 1075 FISMA, GLBA, NERC, Sarbanes-Oxley, and many other standards.