SecureSphere Agent for z/OS Modernization Guide

SecureSphere Agent for z/OS provides real-time auditing of DB2 activity on z/OS systems. It acts as an adapter for the SecureSphere auditing software, leveraging Tomium Activity Monitor for DB2 to capture and analyze database interactions.

This is an application that extends the capabilities of SecureSphere to the z/OS platform. It integrates with existing DB2 subsystems and provides a mechanism for auditing and reporting on database activity.

Organizations that require strict auditing and compliance for their DB2 databases on z/OS. This includes industries such as banking, finance, insurance, and government where regulatory requirements are stringent.

Consider SecureSphere Agent for z/OS when you need real-time visibility into DB2 activity on your z/OS systems, especially for compliance or security monitoring purposes. It is also useful when you already have SecureSphere deployed in other environments and want to extend its coverage to the mainframe.

Alternatives include native DB2 auditing features, other third-party DB2 auditing tools, and general-purpose security information and event management (SIEM) systems. However, SecureSphere Agent for z/OS offers specific integration with the SecureSphere platform and Tomium Activity Monitor for DB2.

SecureSphere Agent for z/OS requires a z/OS environment with DB2 installed. It also requires the SecureSphere platform to be present for centralized management and reporting. Tomium Activity Monitor for DB2 is a key component for capturing DB2 activity.

Yes, SecureSphere Agent for z/OS runs in an LPAR under z/OS. It is dependent on the z/OS operating system and interacts with DB2 subsystems.

The agent communicates with the SecureSphere management server using standard network protocols. It also interacts with DB2 using DB2 APIs and interfaces. Tomium Activity Monitor for DB2 captures DB2 activity and forwards it to the agent.

The main components include the SecureSphere Agent, Tomium Activity Monitor for DB2, and the SecureSphere management server. The agent resides on the z/OS system, while the management server is typically on a separate platform.

SecureSphere Agent for z/OS provides real-time auditing of DB2 activity, which helps organizations meet compliance requirements and detect potential security threats. It provides a centralized view of DB2 activity across multiple platforms.

Without SecureSphere Agent for z/OS, organizations may lack real-time visibility into DB2 activity on z/OS, making it difficult to detect and respond to security incidents or meet compliance requirements. This can lead to increased risk of data breaches and regulatory fines.

The product integrates with the SecureSphere platform, providing a unified view of security events across different systems. This allows organizations to correlate DB2 activity with other security events and gain a more comprehensive understanding of their security posture.

SecureSphere Agent for z/OS supports various authentication methods, including RACF, ACF2, and Top Secret. It uses role-based access control (RBAC) to manage user permissions. Encryption is used to protect sensitive data in transit and at rest.

The product provides detailed audit logging of all DB2 activity, including user access, data modifications, and system events. These logs can be used for security investigations and compliance reporting.

SecureSphere Agent for z/OS helps organizations comply with various regulations, such as PCI DSS, HIPAA, and GDPR, by providing real-time auditing and reporting of DB2 activity. This helps demonstrate compliance to auditors and regulators.

Deployment typically involves installing the SecureSphere Agent on the z/OS system and configuring it to communicate with the SecureSphere management server. Tomium Activity Monitor for DB2 needs to be configured to capture DB2 activity.

Ongoing operational requirements include monitoring the agent's health and performance, reviewing audit logs, and updating the agent software as needed. Staffing requirements include personnel with z/OS and DB2 expertise.

Common implementation challenges include configuring the agent to properly capture DB2 activity, ensuring network connectivity between the agent and the management server, and integrating the agent with existing security systems.