Defending System z - A TCE (The Control Editor) Update
Project and Program: Enterprise Data Center
, Security and Compliance
, SHARE in Seattle 2015
The Image Control Environment (ICE) is a System z Software Utility that reinforces and extends the continuum of security and control provided by IBM’s RACF, CA-ACF2 and CA-Top Secret over z/OS and z/UNIX resources - datasets, members, files - and MVS/RACF operator commands.
In this presentation, the following recent enhancements to ICE will be described: • Break-Glass – Easily implements secondary password access controls over critical System z configuration datasets, files and commands, “raising the access bar” to vital production resources.
• TCE/OPER – An alternative to the conventional MVS Consoles, enforcing command access rights, fully documenting command usage and aiding productivity via Command Specific Wizards.
• CMDLog – A repository of defined MVS and/or RACF operator command events that is used to create an auditable “Real-Time History” of dynamic System z updates/changes.
• RACF/SETR - “The one Check to Rule them All” operates totally under the control of the IBM
• Health Checker for z/OS reporting deviations in SETROPTS settings from conformed rules.
-Paul Robichaux-NewEra Software, Inc.
Back to Proceedings File Library