SF-Sherlock optimizes maximum mainframe security and compliance as your all-in-one solution in detecting – alerting – combating and monitoring.

Your mainframe platform is finally actively protected to the max by our maximum security software SF-Sherlock – a single, integrated, plug & play auditing solution. SF-Sherlock’s all-inclusive real-time configuration and event auditing software does it all. It detects, verifies and/or blocks suspicious behavior, manipulation, and fraud in both the dynamic and static functions of your entire system.

Only a few markets, like that here in Switzerland, can boast of maximum or extraordinary information protection laws and requirements. For more than a decade, the Swiss financial sector has counted on our unique software solution to both achieve and maintain maximum security.

To achieve and maintain maximum security with SF-Sherlock means:

No MIPS, but value-based fees, including the “software as a service” (SaaS) option

No “n product fractioning” for optimized budget draining, but a product design customized to your requirements and goals

No support charges based on “egg timers”, but comprehensive premium service

In having constantly developed and implemented highly innovative and reliable IT security technologies for over a decade, we provide protection capabilities that are unique worldwide. No wonder we are partners with the world’s largest companies and institutions in successfully achieving and maintaining maximum secure environments.

You are aware of today’s risks and dangers

and therefore place a very high value on maximum IT security to protect your company’s major assets. In the era of the Internet and E-Commerce you want to keep trusting in the idea of »Mainframe = Highest Security«.

You know the current, strict legal regulations and recommendations

such as Basel II, IT Baseline Protection Manual (German Federal Office for Information Security), Sarbanes Oxley (SOX), U.S. DOD Regulations, Gramm Leach Bliley Act (GLBA), KonTraG, RS FAIT 1, HIPAA Security, 95/46/EC Data Protection Directive, etc. and the certification criteria according to ISO or BS. These standards require your company to apply precise, efficient and effective measures for securing all IT-based processes and related audit trails, including the underlying technology, against internal and external attacks. You also need to have clear evidence of relief to customers, shareholders and legislators by proving that everything possible, both technically and legally, has been done to ensure the highest standards in security and quality – also for the purpose of achieving a good [risk] rating. Your goal for your company’s mainframes is to meet all these legal and technical requirements with minimal effort. This allows you to search for a comprehensive solution that works automatically, technically perfectly and highly effectively, and that is legally accepted and audit-secure.

You regard security, quality and cost efficiency as extremely important competitive factors.

You know that only with increased quality and the highest level of automation in your daily work processes can you achieve the required highest level of productivity. Accomplishing this will give you the flexibility and time necessary to meet the actual business challenges and opportunities which the future brings.

You want a single solution

that performs all the necessary tasks, such as monitoring events, examining the weak areas of your system by a constant vulnerability assessment, and practically covering the complete technological spectrum of the mainframe platform. At the same time, at your desired level of increased value, this solution should allow for daily application and organized cooperation from all different departments, from the technical level up to the highest level of management.

You also demand openness to integration

into company-wide, cross-platform security management and audit solutions. You never want to doubt your investments in these areas. The solution you aim for should indeed consistently support your interests, also within the scope of ITIL, COBIT, BS7799, among others.

Solution:

SF-Sherlock Real-time Security and Quality Monitoring

Technology

SF-Sherlock represents the high performance real-time monitoring technology for establishing complete security and quality automation on the z platform by integrating the monitoring, recording, notification, reaction, reporting and possibilities for simulation (e.g. IPL) into an overall solution. With its components, SF-Sherlock is a constantly running system process that monitors and examines the security system (Security Server or RACF as well as CA-TopSecret and CA-ACF2), specific processes and subsystems (DB2, LDAP, etc.) as well as the z/OS operating system with all its components. It records relevant changes in an audit-secure manner and informs the person concerned just in time and specifically about area-related events, such as errors, attacks, manipulations, changes, etc., for instance by e-mail or SMS. The auditing department correspondingly achieves continuously automated monitoring and rating, including reporting. This means no one has to manually process the results and waste time with routine tasks, since all procedures are fully automated. This gives you freedom, flexibility, and security. SF-Sherlock goes beyond pure reporting in well defined cases. For instance, with its optional automatic and instant reaction, SF-Sherlock throws intruders out of the system immediately. With this constant control and observation, realized as 24-hour protection, you achieve the required top-level of security and quality that lets you take command of your system and reduce costs.

The demand for action cannot be denied

Since 2004, the German Federal Office for Information Security (BSI) has gone far beyond the compliance level of the U.S. Department of Defense by openly discussing the risks and defining the necessary security measures for the z/OS mainframe platform in its central security guide, the »IT Baseline Protection Manual«. The key message describes the demand for »using a real-time security monitor for z/OS systems to be able to determine security infringements faster«. Real-time monitoring for only a single isolated security aspect, such as SMF records, is still insufficient. Monitoring the entire z/OS with all its components and complex relations and details is necessary. SF-Sherlock monitors the z/OS system comprehensively and completely, since the dominant danger comes from unnoticed “tricky” procedures and concealed errors in the z/OS, such as for reaching higher authorizations, breaking the audit trail, and obtaining unnoticed access to resources. In this way, professionals can spy on all data by targeted bypassing and manipulating the security system while not even leaving a single SMF or log record. Correspondingly, any unnoticed remaining erroneous system parameter or configuration may call into question the availability of the entire system, at the latest with the next IPL. Both security and quality deficits equally present catastrophes and must be prevented »at any cost«. Therefore, after each modification performed in the system, SF-Sherlock automatically checks your security system as well as the parmlib and other important system files for any possible gaps and errors. A real-time technology is necessary because the lifetime of manipulation for professional illegal activities is extremely short – detection, prevention through reaction, and the consistent presentation of evidence are not possible any other way. The checklist of possible vulnerabilities and errors is extensive and can only be fulfilled by completely automated monitoring.

Technology that guarantees success

The automatic and comprehensive security and quality assurance technology of SF-Sherlock fully supports the above mentioned outstanding objectives and lets your mainframe platform comply with all the different legal regulations and requirements. With SF-Sherlock, not only do you meet the necessary requirements, you also accomplish both total quality assurance and comprehensive protection. SF-Sherlock paves the secure way of the future of your business. Constant and complete monitoring and examining, especially at deeper technical levels, are becoming increasingly important with the new z/OS functions (Unix System Services, Sysplex Technology, etc.) and with the new areas of application, such as web servers, data servers, and E-commerce platforms. There is no doubt that standard measures thus gradually seem to be insufficient. SF-Sherlock’s function as an intrusion and extrusion detection system for the defence against internal and external attacks is even more significant as the highest level of protection against the increasing opening of previously closed systems and networks to the outside. With its leading technology, SF-Sherlock is an essential step in attaining a constant, up-to-date level of security and quality for combating these risks.

Productivity that guarantees success

As an automatic real-time process, SF-Sherlock works for the departments of security management and auditing, data and information protection as well as system technology. Furthermore, it integrates them into a common and highly efficient workflow, which leads to higher productivity and significant cost reduction. Through its comprehensive security and quality automation, SF-Sherlock is an integrated solution for the whole company, also in a cross-platform context. Its added value provides the highest profitability and cost effectiveness for everyone involved. With the plug&play implementation concept, you reach this goal and the corresponding work as well as legal relief with minimal time, cost and effort.

Security and quality automation with SF-Sherlock is the answer to the new z application fields in the era of the internet and E-business.

Automate your IT Security and Compliance to the max today!

Solutions to the max.

Cross-Platform Security Solutions

Constant monitoring and auditing of all computer systems is state of the art. For large enterprises it also requires a real-time integration of the mainframe platforms governing event monitoring, vulnerability assessment and compliance checking. With SF-Sherlock and SF-NoEvasion, your security monitoring solution is powerful and can be implemented across your enterprise through the easy integration of the mainframe.

Compliance

Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.

Protection

With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!

SF Solutions

All SF solutions are invented and developed in-house. Therefore, you can count on both our unique expertise and our high level of motivation in providing you with solutions and services with maximum performance, effectiveness, and productivity.

Are you expecting a governmental audit of your mainframe platform soon, as by the BaFin or ECB?

Let us help you prepare your mainframe security and compliance.

++800 - 37 333 853 or simply dial: ++800 - DRFEDTKE

Call our world-wide toll-free number now!

(++ represents the prefix for international calls; in most countries it is 00; in the U.S. it corresponds to 011)

News & IT Security Forum

08/2018 – SF-SafeDump supports external confidential data scanner (CDS) integration

Companies dealing with extremely sensitive data often use confidential data scanner (CDS) applications to do a general scan of all documents before they may leave the house. It’s important to emphasize that such CDS solutions do not perform any kinds of anonymization, but instead scan documents (files) for possible sensitive content and create a corresponding report. With SF-SafeDump’s new PTF level 017 it’s easy to exploit the performance of any CDS, namely, for double-checking any anonymized dumps and log files as regards possible “leftovers.” But we don’t want to give you the wrong impression: the principal quality check, which is highly comprehensive and fully sufficient, also happens within SF-SafeDump. This means that you are safe and covered without a CDS. You should also be aware of the fact that SF-SafeDump covers many more categories of sensitive information than a CDS solution.

Overall, the integration of a given CDS into SF-SafeDump is fully optional. On the other hand, it’s a nice feature, since a CDS may increase the company-internal compliance level and promote good feelings while applying the “golden rule” of mandatory document scanning fully effectively to in fact any document, i.e. also to dump and log files originating from the mainframe. We definitely support any such scenario and won’t take it “personally” if users extend the already powerful quality assurance provided by SF-SafeDump through additional review capabilities. We are confident, since SF-SafeDump learns from the results of the CDS. To make this clear: it’s still the goal and duty of SF-SafeDump to leave any CDS report empty.

With PTF Level 017, everything is provided for such an integration of a CDS and to even fully automate the related procedures; the tools provided also solve all best practice problems that occur within such a CDS integration. The new PTF level 017 is now released and ready for download.

07/2018 – SF-Sherlock’s new PTF level provides performance improvements for environments with massive amounts of event data

SF-Sherlock has passed additional intensive performance reviews – driven by z/OS installations that process huge amounts of event data within their z/OS-SIEM integration. Larger amounts of event data easily result from the monitoring of DB2, CICS, MQ, WebSphere as well as other subsystems.

We achieved these great results by using the latest machine instructions supported by System Z machines as well as by further improving SF-Sherlock’s “event consolidation” feature supported by the real-time sniffer. The new PTF level 080 is now released and ready for download.


Worldwide toll-free phone number

++800 - 37 333 853
or simply dial:
++800 - DRFEDTKE

Alternatively:
+41 41 710 4005


Find Us

Headquarters

Seestrasse 3a, 6300 Zug, Switzerland

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

Write Us

Marketing
marketing@enterprise-it-security.com


Technical support and hotline: hotline@enterprise-it-security.com
