Your mainframe installation uses z/Linux, z/VSE and/or z/VM in addition to z/OS, and you need to integrate these platforms in a cross-platform real-time monitoring? SF-Sherlock provides the following powerful options:
• z/Linux without z/VM+RACF-based authentication: The syslog of all z/Linux systems will be automatically forwarded to SF-Sherlock for passing its intensive security scan.
• z/Linux combined with authentication via z/VM+RACF: Aside from the automated syslog scan, all SMF records resulting from z/VM’s RACF will also become part of the SF-Sherlock-based security monitoring. For example, to immediately detect any suspicious behavior in the mass of z/Linux logins.
• z/VSE: The Basic Security Manager (BSM) is a standard component of z/VSE’s kernel, and provides basic security capabilities. With version 4.1 this includes the creation of RACF-compatible SMF records. Simply forward these records to SF-Sherlock for being analyzed, and your z/VSE is covered by its strong monitoring.
• z/VM: RACF on z/VM creates regular RACF SMF records that will be forwarded to SF-Sherlock for setting up a correspondingly high surveillance level on z/VM.
Employing the SF technologies provides the easiest way to fully secure the “entire z”.