JVL | Edition de logiciels | Consulting

Edition de logiciels | Consulting

1

Articles


Vanguard Offline

Vanguard Offline is a simulation-testing and forensic analysis tool that saves time, reduces z/OS Security Server (RACF) errors and problems, and identifies who accessed or attempted to access System z resources over long periods of time.

Highlights

  • Tests and analyzes how new RACF commands will impact users and processes before commands are executed in a production environment.
  • Reduces the need for a dedicated test LPAR for RACF by testing new commands on an 'offline copy' of the RACF database running within the production environment.
  • Saves time by preventing unexpected errors and lockouts, and streamlining troubleshooting and issue resolution.
  • Performs what-if analyses on the 'offline copy' of RACF if problems are detected when new commands are tested.
  • Determines how users gained access to specific resources and verifies that changes made to user access privileges are complete.
  • Enables forensic analysis about who accessed or attempted to access what resources on System z
  •   

How Vanguard Offline Works

Security administrators execute commands against a copy of their RACF database, as if they were executing them live. They can then test and analyze the potential impact of the new commands on the system by running the same reports they already run against their production database and new reports Vanguard Offline creates including:

  • All access that was previously allowed and is now denied.
  • All access that was previously denied and is now allowed.
  • All access that was changed.
  • All access that was changed and unchanged.
  • All access that was granted for extraordinary privileges such as GAC, UACC, ID(*), OPERATIONS, TRUSTED and PRIVILEGED

If there are problems with the new commands, a what-if analysis can be easily performed on the RACF database to quickly create more specific profiles, determine the impact of new profiles or evaluate how profile additions or deletions should be modified to eliminate future problems. When more accurate predictions about how proposed changes will affect the system are needed, Vanguard Offline can conduct an impact analysis using historical data about access activity and which profiles were used to gain access to resources.

Vanguard Offline improves security controls and audit processes by making it easy to retrieve specific information about how users gain access to resources, remove any previously undetected unauthorized access, and report complete and accurate user access information to auditors.