Change, Risk, Audit, & Compliance Management
Change management, audit and security improvements (ZTA, MFA, MFE,..) with system integrity in z/OS, JES, VTAM, TCP/IP, CICS and IODF.
Detect the impact of additions, changes and the risks on your primary servers before they strike across your Test, Development & Production Services. Visualize RACF and various security points and connections including certificates, keyrings and much more.
zOSEM
zOSEM offers a methodology and ISPF interface to provide today's data center a proactive solution to the challenges of fewer systems programmers.
It also offers an opportunity to make the task of managing system environments an administrative one, rather than a technical programming issue. zOSEM makes it much easier for installations to manage system resources and to control how they are used. It enables z/OS management to:
Manage & Improve System Throughput
Eliminate Exits Migration Issues including any customization complexities
Reduce & Control ISV (& IBM) Costs utilizing Job and Step-level Resource Routing
Reduce HSM CPU Consumption & add comprehensive reporting for HSM activities
See some of the zOSEM functional area benefits.
zOSEM
zOSEM offers a methodology and ISPF interface to provide today's data center a proactive solution to the challenges of fewer systems programmers.
It also offers an opportunity to make the task of managing system environments an administrative one, rather than a technical programming issue. zOSEM makes it much easier for installations to manage system resources and to control how they are used. It enables z/OS management to:
Manage & Improve System Throughput
Eliminate Exits Migration Issues including any customization complexities
Reduce & Control ISV (& IBM) Costs utilizing Job and Step-level Resource Routing
Reduce HSM CPU Consumption & add comprehensive reporting for HSM activities
See some of the zOSEM functional area benefits.
zOSEM
zOSEM offers a methodology and ISPF interface to provide today's data center a proactive solution to the challenges of fewer systems programmers.
It also offers an opportunity to make the task of managing system environments an administrative one, rather than a technical programming issue. zOSEM makes it much easier for installations to manage system resources and to control how they are used. It enables z/OS management to:
Manage & Improve System Throughput
Eliminate Exits Migration Issues including any customization complexities
Reduce & Control ISV (& IBM) Costs utilizing Job and Step-level Resource Routing
Reduce HSM CPU Consumption & add comprehensive reporting for HSM activities
See some of the zOSEM functional area benefits.
zOSEM
zOSEM offers a methodology and ISPF interface to provide today's data center a proactive solution to the challenges of fewer systems programmers.
It also offers an opportunity to make the task of managing system environments an administrative one, rather than a technical programming issue. zOSEM makes it much easier for installations to manage system resources and to control how they are used. It enables z/OS management to:
Manage & Improve System Throughput
Eliminate Exits Migration Issues including any customization complexities
Reduce & Control ISV (& IBM) Costs utilizing Job and Step-level Resource Routing
Reduce HSM CPU Consumption & add comprehensive reporting for HSM activities
See some of the zOSEM functional area benefits.
z/OS EXIT Explorer
z/OS EXIT Explorer to determine where your inhouse, IBM and ISV z/OS exits have been applied to z/OS and associated sub-systems - all 500 plus - across diverse areas where no one manager or auditor will have relevant expertise to understand what is in place and what changes with new product installs or new z/OS releases. And with inhouse exits you have the added worries of relevant expertise in specialized assembler programmers "leaving".
Contact us for more detailed information on how to find and replace those difficult exits.
P-Tracker
P-Tracker collects usage information on all program and subprogram calls under z/OS including Batch, IMS/DC, CICS, TSO and other sub-system environments. Using P-Tracker, one can focus in on usage of modules, datasets, applications and products/licenses; and with inhouse applications determine the chained calls at sub-program level. One can quickly and easily identify applications and products that are unused, under-used, duplicated or scattered. Automatically collects information on every module invocation on the system, including sub-system level transactions
when required.
IPLCheck/AI
IPLCheck/AI uses Image FOCUS technology to help z/OS Systems Programmers protect system integrity and report also dynamic changes . It runs under the IBM HealthChecker to inspect IPL status and report any risks of issues in the IPL setup.
ICEDirect
ICEDirect was developed to answer an additional need created by the evolution in Operational Integrity: Data Visualization. With the requirements
for a ZTA (Zero Trust Architecture) and other information sources it became clear that the traditional reporting methods had enhanced requirements to share critical information captured and stored by various tools and services. ICEDirect is a highly secure browser interface into the ICE data space that can easily provide information from its data capture and store it in a format that is both intuitive and visually easy to understand.
ICEDirect also provides analytic capabilities for other z/OS critical data, such IODF configurations, the z/OS Health Checker (all LPARS in a SYSPLEX
in one view), RACF, Certificates management, and LD-IPL. These analytic capabilities allow for an easy method to view, understand, and make the audit legible for non-specialists of these sources.
A mitigation for vulnerabilities in customized versions of z/OS 3.1 is now available in the form of List Directed IPL (LD-IPL) and its two supporting components in Validated Boot and Secure Boot - Available for creation using ICE-Direct and for Inspection using Image Focus.
And in particular for those looking to resilience with planned and unplanned DRIFT across multiple version or deployed builds of a system then ICEdirect reports and visualizes that with ease even to the untrained personnel.
SAE - Stand Alone Environment
SAE - Stand Alone Environment allows access to z/OS volumes and datasets without having an z/OS active. Full range of ISPF like features, Fast DASD Erase to delete a farm in less than 30 minutes with audit report, and Dataset Utilities to ensure critical datasets are always immediately accessible including restore of datasets from DFDSS & FDR volume backups. SAE itself IPLs in 7 seconds, where normally your start-up pack requires 10 to 30 minutes. Essential to any disaster recovery plan as you execute your plan faster and have your production system up and running quicker, and avoid any back-outs.
With Rel. 17 it supports the HMC Integrated Console so you can IPL with Integrated 3270 (SYSG=ENABLE) as well as traditional IPL with console device (SYSG=DISABLE).
With Release 18 you have support for accessing datasets on volumes on alternate subchannel sets, and also perform DSS restores to volumes on alternate subchannel sets.
The Control Editor
The Control Editor (TCE) is designed to establish and maintain best practices for an institution to enforce Infrastructure Administration controls. Some of these best practices which can be automatically performed by TCE would be to always create a backup of critical components when changed and maintain history and versions for each change. Provide and enforce a method of consistent documentation for change activity. Create a persistent method of notification when action is taken that may change the definition or running (dynamic) values of z/OS LPAR and sub-systems.
TCE also provides additional controls beyond those provided by traditional External Security products, which allow for the requirements of Dependency Mapping and Excessive Access Checking (NIST SP 800-207). TCE can be the central tool in any Security policy enforcement for critical z/OS datasets, Load Libraries and UNIX files.
Image FOCUS
Image FOCUS provides a uniquely powerful capability to perform inspections & verifications of critical configuration elements that define and control the startup and operational parameters of a z/OS LPAR and major subsystems such as JES, VTAM, TCP/IP, CICS and security definitions like PAGENT
and SERVAUTH. Image FOCUS also detects changes to these same critical elements and evaluates the impact of the changes on the readiness and availability of the z/OS LPARS / SYSPLEX.