News
Abstract
This document describes the documentation updates as a result of the Service Stream Enhancement (SSE) for MQ auditing, compliance automation, Command Audit Trail, and other enhancements (APAR numbers OA59807, OA59823, OA59861, and OA59862).
Content
- MQ auditing:
- New report types:
- MQ_AUTHINFO to report on MQ authentication information objects.
- MQ_CHLAUTH to report on MQ channel authentication records.
- The MQ_REGION reports show the following:
- Authentication information object for user ID and password authentication.
- Certificates that the queue manager and queue sharing group use.
- Presence of various switch profiles.
- The MQ_CHANNEL report type identifies the security exit and the user data that is passed to it, as well as the channel's certification label.
- The disposition of inbound transmissions has been added to the MQ_INIT reports.
- New report types:
- STIG controls:
- Automation of more STIG controls: 17 for RACF, 8 for ACF2, and 8 for Top Secret.
- Equivalents of STIG controls RACF0570 and RACF0580 that allow for password phrases in addition to passwords are provided in the zSecure Extra standard.
- General improvements for checking general access and logging requirements.
- Command Verifier:
- Various enhancements have been made to the Command Audit Trail.
- Multiple commands can now be specified in a pre-command or post-command policy profile.
- Selection on audit and global audit settings are added to the RA.D and RA.R menu options.
- Db2 102 IFCid 106 events (Security parameters at start-up/reload) are now sent to IBM QRadar SIEM and Micro Focus ArcSight.
- Performance improvements are made for ACF2 TRUSTED reporting.
- ICSF settings are added to the IPL parameters report.
- Automatic sensitivities are added, for example, for inaccessible LPA or linklist libraries.
- New fields FALLBACK_DATASET and FALLBACK_DATASET_VOLSER are added to the SENSDSN report type to identify secondary, duplex, or backup RACF data sets.
Link to PDF file in IBM Security zSecure Suite Library | Open PDF file directly (unlicensed publications only) |
---|---|
zSecure CARLa-Driven Components Installation and Deployment Guide | SSE_V240_July'20-Installation.pdf |
zSecure Messages Guide | SSE_V240_July'20-MsgGd.pdf |
zSecure Command Verifier User Guide | SSE_V240_July'20-CmdVer.pdf |
zSecure Admin and Audit for RACF User Reference Manual | (Licensed publication) |
zSecure Audit for ACF2 User Reference Manual | (Licensed publication) |
zSecure Audit for Top Secret User Reference Manual | (Licensed publication) |
zSecure CARLa Command Reference | (Licensed publication) |
- The revision bars in the margin indicate updates since publication of the zSecure Service Stream Enhancement (SSE) for Further Automation Of DISA STIG Resource Controls And Other Enhancements (OA59004, OA59006) on April 11, 2020.
- Referenced or linked topics that have not changed are not included in this document. You can find them in the publication that the chapter applies to.
- The zSecure (Admin and) Audit User Reference Manuals and the zSecure CARLa Command Reference are available to licensed clients only. To access the zSecure V2.4.0 licensed documentation, sign in to the IBM Security zSecure Suite Library with your IBM ID and password. If you do not see the licensed documentation, your IBM ID is probably not yet registered. Send a mail to zDoc@nl.ibm.com to register your IBM ID.
STIG members renamed for controls AAMV0410 and AAMV0420
Original member name | Renamed for RACF systems | Renamed for ACF2 systems | Renamed for Top Secret systems |
C2RGM410 | CKAGM410 | C2AGM410 | CKTGM410 |
C2RGM420 | CKAGM420 | C2AGM420 | CKTGM420 |
Within a string literal crossing a line boundary, if a continuation line starts with an SO character, optionally preceded by Single-byte Character Set (SBCS) space characters, lines immediately preceding this line are trimmed away if they entirely consist of SBCS spaces. Trailing SBCS spaces in the line before these blank lines, if any, are trimmed away as well. If the trimmed line ends with an SI character and the continuation line starts with an SO character, these SI and SO characters are trimmed away, too.
For more information, see section "Syntax rules" in zSecure CARLa Command Reference.
Related Information
OA59807: IBM Security zSecure enhancements for MQ auditing, compliance automati…
OA59823: IBM Security zSecure enhancements for MQ auditing, compliance automati…
OA59861: IBM Security zSecure Command Verifier enhancements for command audit t…
OA59862: IBM Security zSecure Command Verifier enhancements for command audit t…
zSecure V2.4.0 documentation on IBM Knowledge Center
IBM Security zSecure Suite Library V2.4.0
Blog: IBM Security zSecure 2.4: MQ auditing, Command Audit Trail, compliance au…
Product Synonym
zSecure
Was this topic helpful?
Document Information
Modified date:
05 October 2020
UID
ibm16241394