The difference between the audit capabilities of zSecure and Guardium for z/OS is what they audit. zSecure will audit z/OS RACF and the subsystems. Guardium monitors the mainframe data side - whether it is Db2, IMS or the underlining datasets. With that being said, they really work together to give you visibility into the health and security of your whole mainframe environment. As far as STIGs go, zSecure has the STIG compliance framework built into zSecure Audit and can tell you if you are STIG compliant and specifically where there may be deficiencies in compliance. Guardium does not have a formal STIG framework but does receive best practices from the Db2 development lab and has built-in tests that emulate the Db2 LUW STIGs. Once the STIGs for Db2 on Z are released they will be incorporated into the Guardium audits.
Please let me know if you have anymore questions.
Michael Rich
Cybersecurity Technical Specialist
IBM z Security, North America
929-388-9315 Mobile
Mike.Rich@ibm.com
------------------------------
Mike Rich
------------------------------
Original Message:
Sent: Tue November 19, 2019 11:25 AM
From: Sandra Campbell
Subject: Guardium vs zSecure Audit
What is the difference between the audit capability in Guardium vs zSecure Audit? Are they both able to run STIG analysis?
Thanks,
Sandra Campbell
Sirius Computer Solutions
Sr. Mainframe Engineer
E: Sandy.Gilson@siriuscom.com
P: 630-200-9523
------------------------------
Sandra Campbell
Sirius Computer Solutions
Sr. Mainframe Engineer
E: Sandy.Gilson@siriuscom.com
P: 630-200-9523
------------------------------