Enterprise-wide monitoring of security events is critical, not only for tracking malicious activity, but also to meet compliance requirements. The three principal mainframe security packages, as implemented, utilize simple logic: actions are either allowed but in most cases not reported; or they are not allowed and a violation log is created. Such violations generally are examined using batch-mode analysis often many hours after the fact, and any reports generated by such alerts typically remain within the mainframe environment (not externalized to log consolidators, etc).
Type80 offers three products that provide immediate solutions for today’s market. All three products seamlessly transport security, log and audit information from the IBM z/OS environment, in Real-Time, to a SYSLOG listening device to your own SIM, SIEM or Log Consolidation software running in a distributed environment.
Type80’s most economical product is called SYSLOG. Type80 SYSLOG for z/OS enables extension of all mainframe console messages and write-to-operator messages to be routed to external log retention servers using the standard SYSLOG protocol. This also allows for easy integration with any centralized security activities within the enterprise, such as, SIM/SIEM products. Type80 SYSLOG messages are sent in "Real-Time" and provide a cost effective way to monitor the IBM z/OS mainframe as part of an Enterprise-wide security program.
Type80’s premier product is SMA_RT. SMA_RT is an acronym for Security Monitoring and Alert in Real-Time.
The SMA_RT product offers an additional SMA_RT DB2 Connector feature that allows you to capture DB2 Audit information in Real-Time.
Type80’s SYSLOG, SMA_RT, and SMA_RT with the additional DB2 Connector feature all share the same base code. The software’s activation and features are controlled by the customer’s license key.
All of Type80’s products are z/OS supported assembler written to IBM’s standard practices and will run using z/OS release levels as supported by IBM.