The CorreLog Agent for IBM z/OS expands the role of your corporate IT security system – whether the CorreLog Enterprise Server or another SIEM (Security Information & Event Management) collector – to include true real-time monitoring of mainframe SMF messages, empowering you with new and important capabilities for enhanced visibility into your mainframe user activity. Complete your centralized log management and/or SIEM strategy by leveraging this powerful and unique real-time mainframe security and compliance component.
For many large organizations, one or more IBM z/OS mainframes constitute a strategic capital investment for their most mission-critical applications and processes. The CorreLog Agent for z/OS enables these organizations to combine z/OS SMF events with SIEM Syslog data, giving IT security personnel a complete system-wide vantage point for cyber-threat and security breach alerts. With SIEM platforms existing predominantly in distributed environments, the CorreLog Agent for z/OS allows organizations to include mainframe event log data in real time for a unified, multiplatform view of enterprise security event data in a single console.
In concert with SIEM monitoring applications such as the CorreLog Enterprise Server or competing solutions, the CorreLog z/OS Agent allows the user to view mainframe SMF security, database and TCP/IP events alongside events from Windows, UNIX, Linux, routers, firewalls, and other IT assets, and can alert IT security personnel to cyber-threats before they happen.
The CorreLog z/OS Agent installs quickly, uses minimal resources, and does not require extensive training, ongoing maintenance or administration. The Agent is easily configured, allowing users to select from a myriad of events including TSO Logons, Production Job ABENDs, TCP/IP Connections, FTP File Transfers, RACF, CA Top Secret, ACF2, and DB2 accesses. Out of this event log data, security systems administrators may filter further by sub-categories and receive only the data relevant to security threats. This filtering capability streamlines data flow to SIEM system consoles without compromising network bandwidth.
The z/OS Agent also operates within the constraints of increasing compliance regulations such as PCI DSS, FISMA, HIPAA, NERC and Sarbanes-Oxley.