IBM Security Z Security

Administration and maintenance enhancements for zSecure Alert

By Rob van Hoboken posted 23 days ago

Some recent PTFs improve the ease of administration for zSecure Alert.  New functions are provided in (JCL) batch jobs to maintain alert configurations on one maintenance LPAR, test alert configurations using archived SMF records, and push out selected changes to other LPARs.

The service stream enhancement (SSE) to zSecure 2.4 from December 2020 adds (JCL) batch procedures to work with the zSecure Alert customization data set (C2PCUST).  The preferred maintenance vehicle for C2PCUST is the SE.A.A ISPF interface, allowing for configuration of the zSecure Alert (C2POLICE) started task parameters, selection of alerts, customization of alert (selection) parameters and finally verifying and refreshing the alert configuration.  With the SSE, the following functions are available through JCL:

  1. Rebuild the C2PCUST members for an existing configuration after a PTF or other maintenance has changed skeleton members.
  2. Promote the result of a JCL rebuild or an SE.A.A verify to production status in C2PCUST.
  3. Test an existing alert set (verified or production status) using dumped or archived SMF records, a CKFREEZE and an UNLOAD of the security database.  This could replace the procedure of refreshing a C2POLICE instance and executing dozens of test scenarios on an LPAR, only to verify if a tweak of an alert skeleton yields the desired effect.
  4. Select or unselect one or more alerts (by number) in an alert configuration, before rebuilding it.
  5. Export one or more alert configurations, or selected alert definitions, from a C2PCUST into a flat file for transport.
  6. Import selected entries from a transport data set into a new or existing C2PCUST.  The import option provides controls to (only) ADD or REPLACE entries.  A configuration in the C2PCUST that has been updated this way can be rebuilt, tested and (conditionally) promoted in batch.
  7. Compare the entries in alert configurations by running an export and then using import in another C2PCUST.

These functions are further described in the last chapter of the zSecure Alert User Reference Manual.  These PTFs are required:

  • PTFs UJ04501 and UJ04557 for APARs OA60419 and OA60420 (this updates code shared among most zSecure components)
  • PTF UJ04502 for APAR OA60459 (this updates code specific to the ACF2 features)

When installing UJ04501, be sure to adjust and run the installation job provided in the PTF cover letter and the ++HOLD ACTION; otherwise the SMP/E installation will fail.

The implementation of the export function in December left some issues unaddressed.  These and several older problems are described in APAR OA60687.  The corresponding PTF UJ04987 for zSecure 2.4 adds several more usability enhancements:

  • The C line command for an alert configuration did not copy the customization of individual alerts in the configuration.
  • The C line command for an alert entry did not copy the destinations of the alert (if any).
  • Looking at an alert destination would mark the alert set as changed and in need of a refresh.
  • Resetting alert destinations of an individual alert was not intuitive.
  • Navigating through alert configurations, the cursor would often be placed in the command line, and not left in the last used entry.

This PTF should be applied before using the EXPORT and IMPORT functions described above.