CorreLog Introduces Syslog Agent for IBM Mainframes

Share Article

CorreLog Agent for z/OS now available for monitoring enterprise IT security

News Image
For many customers, an IBM mainframe is their most strategic box. However, until now, they had no way of viewing it as part of their enterprise security picture.

CorreLog, Inc., a provider of enterprise-class log management and proactive security correlation solutions, today announces the delivery of the CorreLog Agent for z/OS. Organizations currently using one or more IBM System z mainframes can now monitor their enterprise IT security, including mainframes, from a central viewpoint. In conjunction with the CorreLog Security Correlation Server, the z/OS Agent enables organizations to correlate mainframe security events with security events from Windows, Linux, UNIX, routers, firewalls, and more, and instantly notify the appropriate personnel in the event of a security threat or breach. The CorreLog z/OS agent monitors failed and successful logons to TSO, attempts to breach dataset security, and audits DB2 access for PCI DSS compliance. Furthermore, if there is an attempted hack into TSO, the agent shows the originating IP address and the source of the threat.

The Agent installs in a few hours, and does not require IPLs, installed supervisor calls or system patches. The only requirements are two cylinders of DASD and TCP/IP connectivity from the mainframe to the CorreLog or other Syslog console. A typical configuration consumes only one or two CPU seconds per day. In addition, there is no need for ongoing maintenance or administration.

“For many customers, an IBM mainframe is their most strategic box. However, until now, they had no way of viewing it as part of their enterprise security picture,” said George Faucher, president of CorreLog.

The z/OS Agent ensures organizations remain compliant. It detects, in real time, who is accessing the system and when, and who accessed what data and when - requirements for FISMA, PCI, DSS, HIPAA, NERC and Sarbanes-Oxley compliance. The Agent has the capacity of hundreds of thousands of Syslog messages per day, has no impact on existing operations, and requires no special training. Customers report no down time and a quick return on investment.

According to a national retailer, “Our auditors informed us we needed to monitor the logs on our z/OS mainframes in order to be fully PCI compliant. CorreLog’s z/OS mainframe agent provided us with this complete PCI compliance of monitoring the RACF and DB/2 log in addition to monitoring all of the standard distributed system logs.”

For more information on the CorreLog Agent for z/OS, visit http://www.correlog.com.

About CorreLog, Inc.
CorreLog, Inc. delivers security information and event management (SIEM) combined with deep correlation functions. CorreLog’s flagship product, the CorreLog Security Correlation Server, combines log management, auto-learning functions, neural network technology, proprietary semantic correlation techniques and highly interoperable ticketing and reporting functions into a unique security solution. CorreLog automatically identifies and responds to network attacks, suspicious behavior and policy violations by collecting, indexing and correlating user activity and event data to pinpoint security threats, allowing organizations to respond quickly to compliance violations, policy breaches, cyber attacks and insider threats. Visit http://www.correlog.com for more information.

All trademarks and registered trademarks used herein are the properties of their respective owners.

# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Christina Nylese
CorreLog, Inc.
239-514-3331 406
Email >
Visit website