USE CASE: How ACC Monarch Can Help As You Migrate Away From Obsolete Programs

Allocation Control Center (now ACC Monarch) was one of DTS Software’s very first products, and it’s difficult to describe exactly what it does because the potential use cases are so varied. In essence, ACC Monarch enforces a set of user-defined rules, or policies, somewhat analogous to ACS Routines. The Policy Rules Engine, which acts as the enforcer, runs under the Dynamic Install Facility (DIF) Started Task. Any time a job starts, or a dataset is CREATEd, OPENed, or DELETEd, the user can examine each dataset down to the attribute level and change attributes to ensure they meet broad, systemwide standards.

Over the years, it’s been interesting to hear about the many different ways users have taken advantage of ACC Monarch. In one recent example, a customer found ACC Monarch invaluable during a migration away from two obsolete programs: LISTUTIL and IEHPROGM.

First, the customer created a rule for the two programs that would identify which jobs and users were using them. By defining a new SMF record, PGM_STANDARD, the system would record info about the job, user, step, program, and more each time LISTUTIL or IEHPROGM were utilized. In addition to writing SMF records, ACC Monarch enabled the customer to write messages to the user warning that the two programs were obsolete, and which to use instead in the future. Because IEHPROGM would still need to be used for some jobs, the customer used ACC Monarch to allow for some exceptions where the messages wouldn’t be sent.

In this case, all the variables within the customer’s SMF record were filled in at EXECUTE, offering a wealth of information about the jobs, users, and programs attempting to use the obsolete programs. Instead of sending a questionably effective company-wide email or requiring someone to pore over large quantities of JCL, ACC Monarch allowed the customer to send automated messages and pinpoint exactly where to focus its migration efforts moving forward.

ACC Whitepaper

Download Storage Allocation Whitepaper

At its core, ACC Monarch is primarily used to prevent the incorrect use of resources. It ensures that production resources such as datasets, logstreams, and volumes get used on the production system while test resources get used on the test system, and it can restrict the data and time in which resources can be used. Perhaps most importantly, when allocations or usages are incorrect, ACC Monarch can intervene and correct them, saving customers the time and expense associated with manual efforts. For more information about the many ways DTS Software customers are using ACC Monarch, view our webinar on-demand or download our whitepaper today.

DTS Software Announces TechChannel Hosted Webinar: ‘Aggregation without Aggravation: When Putting More Log Data In Your SIEM is a Good Thing’

Mainframe storage management provider DTS Software is slated to sponsor a TechChannel webinar on Wednesday, July 14, 2021, featuring guest speaker Reg Harbeck and industry expert Steve Pryor. The event will focus on storage event awareness and why the metadata from it is a must-have for better security and compliance visibility.

DTS Software, a leading global mainframe storage management software vendor, today announced sponsorship for a TechChannel (https://techchannel.com) webinar titled, “Aggregation without Aggravation: When Putting More Log Data in Your SIEM is a Good Thing” on Wednesday, July 14, 2021 at 1:00 p.m. EDT/10:00 a.m. PDT.

More data is not always better where InfoSec is concerned. We’ll explain why storage-event awareness and the data from it is a great addition to your SIEM events for better security and compliance visibility.

High-profile cyber breaches continue to make headlines in spite of the log data available to security analysts. The indicators are there, but how do you make sense of the vast amount of data to see the cyberthreat on the horizon and take a proactive stand on protecting the data?

This webinar will focus on mainframe storage management events that can be added to the mix of SIEM event data currently collected and correlated to unearth the full cyberthreat picture across your enterprise. The general indicators of cyberthreat in storage are mostly file integrity management or FIM related, but FIM is difficult on the mainframe. IBM® z/OS® ESMs (External Security Managers – RACF, CA ACF2, and CA Top Secret) are the standard for SYSLOG data on the mainframe for security and a great start, but some events are not tracked by these facilities. Experts Reg Harbeck (Founder of Mainframe Analytics, Ltd. http://www.mainframeanalytics.com) and Steve Pryor (DTS CTO) will shed some light on leveraging dfSMS events alongside other SIEM event data to give a fuller picture of threat vectors zeroing in on your most precious IT asset, your mainframe.

Key points to be addressed:

  • The background of SIEMs and of mainframe storage event awareness
  • Which storage management event logs can be leveraged to reduce regulatory and compliance risk for data security
  • Which storage events are critical for cyber forensics, a critical component of many data governance regulations
  • How to pass along valuable storage management knowledge to the new wave of mainframe storage managers who are growing up in regulated data protection environments (GDPR, CCPA, HIPAA, FISMA, PCI DSS, SOX, other)

Guest speaker Harbeck is a mainframe industry expert and IBM Champion for Z mainframes who has worked in IT and mainframes for more than three decades. During this time, he has consulted, presented, written and taught courses on mainframe-related matters worldwide, and is heavily involved in the mainframe ecosystem.

“It’s easy to forget that storage is part of pretty much everything that is subject to security and regulations in IT,” said Chief Strategist at Mainframe Analytics Ltd, Reg Harbeck. “If you don’t have dynamic and historical insights into relevant storage behaviors, you don’t have a complete security or compliance picture.”

The webinar will also feature DTS Software’s CTO, Steve Pryor, who will provide a few practical use cases for a storage-management security approach and discuss how this method can advance mainframe business enablement and avoid violating a multitude of regulations.

“Policy rules are obviously good to help keep you out of regulatory and compliance hot water, but also in a less publicized fashion, they can help save money,” said Pryor. “We’re helping to elevate policy rules above a simple email and incorporate them into the client’s technology stack.”

As large enterprises continue to negotiate the mainframe skills gap, next-generation mainframe professionals have much to learn about the storage management tools they use in addition to a myriad of other non-traditional applications and infrastructure computing concepts dating back to the 1960s. But for both new and experienced mainframers, their work is often more focused on technology than strategic business enablement. This webinar will demonstrate how to use storage policy to advance security, compliance, and automated management to improve business services delivery today and into the future. To learn more about this upcoming webinar or to register, visit https://hubs.la/H0NGgbh0.

TechChannel and DTS Software July 2021 Webinar Details:

  • Title: ‘Aggregation without Aggravation: When Putting More Log Data in Your SIEM is a Good Thing’
  • When: Wednesday, July 14, 2021 | 12:00 p.m. CDT / 1:00 p.m. EDT
  • Speakers: Reg Harbeck, Mainframe Analytics chief strategist / Steve Pryor, DTS Software chief technology officer
  • Register: https://hubs.la/H0NGgbh0

About TechChannel
TechChannel is published by MSPC, a full-service content marketing agency that works with several top brands nationwide. TechChannel produces weekly TechBeat newsletters that provide thought leadership and technical content for our Enterprise and SMB audiences. In addition, bimonthly themed e-books provide in-depth content on a single topic for the Enterprise and SMB audiences we serve.

Visitors to techchannel.com will find thought leadership content, technical articles, podcasts and more. Advertising from business partners, along with webinars, whitepaper postings, etc., also add value to the site.

About DTS Software
DTS Software, LLC is recognized worldwide as a leader in enterprise storage management technology. Specializing in products for the OS/390, MVS, Hitachi VOS3 and Fujitsu MSP operating systems, DTS Software products provide superior function and features that allow managers and users to more effectively utilize their investment in storage systems. The company was founded in 1991 and currently has over 1,000 customers in the US, Canada, Europe, and the Far East. For more information, visit http://www.dtssoftware.com.

 

Article courtesy of prweb.com

Shoring Up Security with SIEM

In 2005, Gartner’s Mark Nicolett and Amrit Williams described a new breed of security tool combining Security Information Management (SIM) with Security Event Management (SEM). Today, the Security Information and Event Management (SIEM) market exceeds $4 billion — a figure that’s expected to grow to $5.5 billion by 2025 — and these capable tools are helping organizations shore up security, meet their regulatory compliance goals, and preserve and generate business value.

SIEM is about gleaning insights from all kinds of machine data, which is generated by networks, databases, servers, mainframes, and applications. Once this data is aggregated, correlation techniques can be applied to produce meaningful information about everything from attempted cyberattacks on your systems to detailed reports about the number of devices or users operating on the network.

Since the idea’s inception, SIEM products have worked their way up the security tool hierarchy, and they’re now one of the more integral parts of a complete enterprise security posture. Here are the three main benefits a SIEM solution can bring to your organization.

  1. Security
    It’s in the name, so security is obviously the top priority of any SIEM tool. By correlating logs and event data from your networks, devices, other security systems, and more, a SIEM enables you to spot threats before they land and respond to incidents promptly and effectively. As Simson Garfinkel and Gene Spafford, Ph.D. explain in Practical Unix and Internet Security, a computer system is secure when you can rely on it to behave in the manner expected — and SIEM is all about preventing surprises.
  2. Regulatory Compliance
    SIEM adoption was originally spurred by regulations such as the Payment Card Industry Data Security Standard (PCI DSS) implemented in 2004. Today, the regulatory landscape has never been more crowded, and businesses hoping to achieve compliance with GDPR, CCPA, HIPAA, FISMA, and more will need to rely on all the tools at their disposal. While most regulations have no specific mention of SIEM tools, the capabilities offered by these solutions are essential to gather intelligence, perform log management, conduct analysis, and generate reports and visualizations.
  3. Business Value
    SIEM systems might have security as their top priority, but they can also help your team identify suboptimal network configurations, troubleshoot workflows, and so much more. Splunk, for example, can collect information from almost any source and use machine learning to identify patterns and conduct insightful analysis, turning any type of data into a source of value. With so much information generated in the modern enterprise, SIEM tools are increasingly becoming a means to sift through it all. In the coming years, they’ll be capable of improving all aspects of a business instead of just security.

SIEM tools are a fundamental part of security in today’s enterprises, but they don’t always include all the necessary information. To help get a better picture of your organization’s cyberthreat readiness, it’s a good idea to collect data on mainframe storage management events, including those not necessarily tracked by RACF, CA ACF2, CA Top Secret, and other External Security Managers on z/OS.

For more information, we encourage you to watch our July 14 webinar on demand. It was hosted by TechChannel and featured CTO Steve Pryor and veteran mainframe analyst Reg Harbeck. The pair offered insights into how you can leverage dfSMS events in conjunction with your existing SIEM data to get a more accurate picture of the threats facing your most valuable IT asset.