CA Top Secret for z/OS ® At a Glance

Transcription

CA Top Secret for z/OS ® At a Glance
DATA SHEET
CA Top Secret® for z/OS
At a Glance
CA Top Secret® for z/OS (CA Top Secret) provides innovative, comprehensive security for your business transaction
environments, including z/OS®, UNIX and Linux® on System z—helping your business realize the reliability, scalability
and cost-effectiveness of the mainframe. Administrative tools, extensive reporting options, online monitoring and
automatic logging capabilities accompany CA Top Secret to secure your environment while enabling comprehensive
auditing and controlled sharing of data and resources.
Key Benefits/Results
• Improves efficiency by providing
streamlined administrative functions
• Simplifies the tasks associated with
maintaining compliance
• Reduces the cost of securing your systems
• Strengthens security and reduces risks
across your enterprise
Key Features
• Comprehensive, easy-to-use, rolebased security. CA Top Secret provides
comprehensive security for z/OS resources
across operating systems, subsystems, OEM
software and databases.
• Data and resource management. CA Top
Secret is designed to protect data sets and
selected resource classes by default or once
ownership has been established.
• Auditing and monitoring. CA Top Secret
includes a variety of audit functions that
provide information and capabilities to
help you monitor access and access rights.
• Separation of administrative functions.
CA Top Secret provides separation of security
administration functions and duties as well
as an additional management control that
safeguards your systems.
Business Challenges
Today, organizations view technology as a strategic resource and seek to gain competitive
advantage by providing easier, faster and more reliable access to products and services.
However, there is increased concern about the security issues that arise when valuable
mainframe data is accessible to the outside world. Thus, a secure, reliable and costeffective security infrastructure is essential for the execution of today’s business strategies.
Many organizations are also required to comply with government regulations, and existing
corporate policies and industry agreements. In addition, with the continuous introduction of
new technologies for the mainframe, new security and compliance, problems will continue
to evolve. To stay abreast of today’s challenges, organizations must strengthen security,
streamline administration and provide enhanced auditing and compliance capabilities.
Solution Overview
CA Top Secret is designed to protect your mainframe computer systems and data by
controlling access to resources. It closely maps security to how you manage your
organization by using a flexible configuration mechanism unique to CA that automatically
associates users to one or more roles. CA Top Secret delivers out-of-the-box access control
software for z/OS operating systems, which includes interfaces for CICS®, z/OS Unix
(formerly known as OMVS) and IMS™ (and an optional add-on for DB2®). Its mechanisms
provide flexibility and control to help you monitor and adjust your security policies and
accommodate virtually all organizational structures.
CA TOP SECRET FOR z/OS
Critical Differentiators
Release 12.0 Key Features:
Because individual accountability is
the key to effective information security,
CA Top Secret lets you decide what policies
are relevant and implement those
structures. It provides easy-to-use, rolebased administration functions that adapt
to your organization’s structure and
procedures to support compliance with
regulations and laws.
New Utility and Documentation for Enhanced Role-based Security. Easier administration.
CA Top Secret delivers several ways for
you to separate security administration
functions, providing different levels of
administrative authority (privileges) over
your users and resources. It can scope
or limit privileges to discrete security
functions, areas or resources. Users are
protected by a password, and consistent
password policies are enforced throughout
your organization, increasing information
security.
CA Top Secret works with other solutions to
provide comprehensive information security
across your network, and it generates audit
records for virtually any security-related
event. It provides a comprehensive set of
reports that enable you to view and analyze
your security event information. It also
enables you to limit the output of a
particular report according to the privileges
and restrictions of the specific user.
1. A RENEW command to simplify the administration of renewing certificates that are
defined on the Top Secret database
2. Expanded size limits of the IDN/SDN extensions
3. Certificate Utility now displays all Certificate extensions
Restricted Administrative Privileges. The ability to create “limited” security officers. For
example, ‘helpdesk’ personnel can be created who only administer password resets and
password-related fields, or users who are only authorized to issue digital certificate related
commands.
Administrative Archive. The ability to automatically generate archival commands during a
security administrator’s list or removal of a user. The user security record with all associated
user profile data as well as all profiles the user is associated with are captured and
commands are generated that can be used to restore the user to an original status if
needed.
User Modeling. The ability to automatically model one user to create another, including
user profile information, permissions and profiles. This can be extremely useful when users
switch roles or new users are created.
Virtual Storage Constraint Relief. Improved storage utilization and increased performance
through exploitation of above-the-bar 64-bit storage.
Serviceability. Additional diagnostic capabilities help CA Support identify product release
and maintenance status.
Related Products/Solutions
•CA Chorus™ for Security and Compliance Management. Reduce the time and effort required
to more securely manage the mainframe environment and enable faster issue resolution.
•CA Cleanup for z/OS. Easily automate continuous and unattended security file cleanup.
•CA Auditor for z/OS. Help identify and control z/OS security exposures.
•CA ACF2 Option for DB2 for z/OS. Provides protection against unauthorized destruction,
disclosure, or modification of DB2 data and protects DB2 resources by default using
standard ACF2 syntax.
For more information, please visit ca.com/mainframe-security
CA Technologies (NASDAQ: CA) creates software that fuels transformation for companies and enables them to seize the opportunities
of the application economy. Software is at the heart of every business, in every industry. From planning to development to
management and security, CA is working with companies worldwide to change the way we live, transact and communicate – across
mobile, private and public cloud, distributed and mainframe environments. Learn more at ca.com.
Copyright © 2014 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. z/OS is a trademark of International Business Machines Corporation in
the United States, other countries, or both. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable
law, CA provides this document ‘‘as is’’ without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or non-infringement. In no event will CA be liable
for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of
such damages.
CS200-94743_1014