
Health Check for mainframes using RACF or ACF/2.mov

June 23, 2019



Your mainframe runs the critical applications in your enterprise, and we all know that mainframes are inherently very secure. But even Fort Knox needs to be set and run properly to be really secure. So is it safe to assume that your mainframe is configured securely? "Yes, because it has been running for years and nothing bad ever happened." Well, not necessarily, right? How do you make sure that your mainframe is being run according to industry best practices?

What do I mean by that? Well, how do you know that in your mainframe you are not running with insufficient controls? For example, there are many accounts, both for user and for system, that have the privilege called system special. Well, this is like having superuser in the UNIX world: you can do basically everything. So there might be one or two, or, I don't know, it depends on the situation, some of them. But how do you know that you don't have way too many?

There's also a system operations type of account: basically, everything that runs with this type of privileges does not get logged, doesn't get SMF records. So there's room for that, definitely, but how many do I have? Who has those access rights? The system auditor, just to name a few: who has that authority? Or maybe there are accounts that have a combination of those accesses.

Things even more basic than that: how about passwords on the mainframe? Are they being changed frequently enough? Can you verify that that's the case? Are you sure that you are not running with some weak passwords here and there? Are there a lot of passwords that have expired or are basically unused in the mainframe?

There are profiles that determine privileges and access, and there is one in particular that is called a surrogate profile, which allows something to be run on behalf of some other account or system account. Do I have those? Am I using it correctly? Are they being used and I don't even know about them? Do I have unused profiles? Profiles that somebody defined there with a cryptic name, and I don't know whether somebody's using them or not. But people, particularly when they are not very, very experienced, tend not to delete things on the mainframe, because "last time I deleted something I screwed up big-time and it was very hard to recover from that error." So many things are left in there, and they are exposures.

How do you know that you are not running any kind of dangerous program with some access rights that it is not supposed to have? How do I make sure that my communication server, which determines, you know, my TCP/IP settings, is, you know, set correctly? And like these, there are many more things that you can check for in order to make sure that you are really running according to best practices.

So there is a mechanism to easily ensure that that is the case: it is by running a mainframe health check. Well, it seems like a lot of things to check. How long does a mainframe health check take? Three days. On day one we install, in POC, as a trial attempt, a software called zSecure. On day number two we basically run zSecure. And really, it doesn't take a full day to install zSecure, it's a simple install [unintelligible], but, you know, we share with the administrator what are the scope and the things that we are going to be actually doing. On the second day we run it, basically. On the third day we present our findings and we give you a report, a written report of those findings.

Well, it seems like a very good value proposition, but how much will that cost? The good news about it is that it is absolutely free. You may be wondering, "Why would IBM give me all this value for free?" Well, we do it because we have seen that when people get to know all the powerful things that zSecure can do for them, they really want to keep it and they want to buy it and make sure that, in a very easy way, they maintain their mainframe operation healthy.
