Type80 SMA_RT: A Leading z/OS SIEM Agent

SMA_RT z/OS SIEM Agent: Security Monitoring Solution

In a standard z/OS environment, the three principal z/OS security packages, as implemented, utilize simple logic: actions are either allowed but in most cases not reported; or they are not allowed and a violation log is created. Such violations generally are examined using batch-mode analysis often many hours after the fact, and any reports generated by such alerts typically remain within the z/OS environment (not externalized to log consolidators). This can result in a number of security problems and unrecognized threats.

Type80 Security Software’s SMA_RT product is a z/OS SIEM agent that aims to address these key problem areas. Our z/OS SIEM agent makes z/OS security state-of-the art. By analyzing data from both Operator (WTO) messages and the Systems Management Facility (SMF), Type80 SMA_RT gathers detailed information about potential security events on z/OS. This data is then interpreted, normalized in standard Syslog format and delivered in real-time to those responsible for enterprise security. This gives an organization an enterprise-wide view of all the events they need to capture in order to stay abreast of attacks against their infrastructure.

For a FREE trial of our z/OS SIEM agent complete our security software trial form online today. You can also contact us directly to learn more about this product and how our z/OS SIEM agent can help improve your enterprise-wide security monitoring efforts.

How SMA_RT z/OS SIEM Agent Benefits You

IBM Security Business Partner

Our revolutionary SMA_RT z/OS SIEM agent allows administrators to designate specific items of interest for deeper security monitoring than is normally provided in the z/OS environment. For example, an administrator can specify files of interest (perhaps those with credit card data for PCI compliance, or those related to patient data for HIPAA compliance), and capture all relevant data whenever those items are accessed – even by authorized users!

The SMA_RT product is dynamically installed and easy to implement by any z/OS Systems Programmer. Our z/OS SIEM ArcSight Tested | Security Software agent has a very small memory footprint and extremely low impact processor utilization. Once installed, SMA_RT’s security monitoring rules are very simple and easily entered through our TSO interface.

Further, SMA_RT requires no additional z/OS components or understanding of cumbersome languages or proprietary framework to operate. Our z/OS SIEM agent is designed to be used in tandem with an organization’s existing SIM, SIEM, and log consolidation monitoring platforms.

SMA_RT supports all three Security Access Facility products, providing a single solution for large organizations that need full coverage and enterprise-wide security monitoring.

SMA_RT z/OS SIEM Agent Key Points & Facts

Our z/OS SIEM agent is easy to implement and use and is an effective solution for real-time security monitoring in a z/OS environment. Key benefits include:

SMA_RT Security Monitoring Software: z/OS SIEM Agent
  • Improves the efficacy of RACF, ACF2, Top Secret, SMF and Console messages
  • Real-time delivery of z/OS alerts
  • State-of-the-art capture of alerts
  • Helps meet G/R/C logging requirements (SOX, PCI, HIPAA, and others)
  • Helps track “insider threat”
  • Easily integrates with any SIM, SIEM or log consolidation product
  • Batch Processing Program processes events from historical SMF data
  • Can be configured to create events as USER SMF records
  • Can be configured to create events in a Type80 audit file
  • CICS Application Programming Interface produces customized events
  • BATCH Application Programming Interface produces customized events
  • BATCH Rule Processing allows for filtering of events through a batch program
  • TSO Rule Processing allows for filtering of events through TSO panels
  • Produces statistical analysis of its memory usage and other vital information

Finally, no other z/OS SIEM agent or security product can come close to SMA_RT's ability to manage z/OS security events in real-time, with low resource consumption, low cost, and a wide range of customization options.

Get a Free Trial of the z/OS SIEM Agent

To learn more about our SMA_RT product or to request a free trial of any of our security monitoring products, complete our online Free Trial Request Form today. If you would like to learn more about each of our products and how our z/OS SIEM agent can be the security solution you need, you can also contact us online or by phone! Our experts look forward to answering all of your questions about our z/OS SIEM agent products and working with you to develop customized solutions for your z/OS security needs.

Copyright Type80 Security Software, Inc. - All rights reserved.
Software Diversified Services has acquired SMA_RT product - Press Release