CorreLog Introduces Enterprise View Logging System

CorreLog, Inc., a provider of log management and security solutions, says it has begun shipping a z/OS agent that helps organizations correlate mainframe security events with security events from Windows, Linux, UNIX, routers, firewalls, and and instantly notify the appropriate personnel in the event of a security threat or breach.

The new product, CorreLog Agent for z/OS, works with the CorreLog Security Correlation Server, to enable organizations to monitor enterprise IT security, including mainframes, from a central viewpoint, says George Faucher, president of CorreLog. "For many customers, an IBM mainframe is their most strategic box. However, until now, they had no way of viewing it as part of their enterprise security picture."

The CorreLog z/OS agent monitors failed and successful logons to TSO, attempts to breach data set security, and audits DB2 access for PCI DSS compliance. Furthermore, if there is an attempted hack into TSO, the agent shows the originating IP address and the source of the threat.

CorreLog says the agent installs in a few hours, and does not require IPLs, installed supervisor calls or system patches. The only requirements are two cylinders of DASD and TCP/IP connectivity from the mainframe to the CorreLog or other Syslog console. A typical configuration consumes only one or two CPU seconds per day. In addition, there is no need for ongoing maintenance or administration.

The z/OS agent ensures organizations remain compliant. It detects, in real time, who is accessing the system and when, and who accessed what data and when - requirements for FISMA, PCI, DSS, HIPAA, NERC and Sarbanes-Oxley compliance. The agent has the capacity of hundreds of thousands of Syslog messages per day, CorreLog says.

For more information, go here.