Vanguard Analyzer™: A Comprehensive System Integrity Verification &
Auditing Solution
System Integrity and Security Analysis - Auditing your
computer installation is easier than ever, thanks to Vanguard
Analyzer™. This comprehensive system integrity verification and
auditing solution provides security assessment, risk identification,
threat analysis, and specific instructions on how to fix identified
problems.
Now you don't have to be a Systems Programmer to perform a
high-level technical systems audit. Analyzer performs in-depth
analyses of your current system integrity status and security
measures, identifies exposures in simple business risk language, and
prioritizes them for immediate action.
How it Works
Vanguard Analyzer gives an administrator and/or auditor the choice
of performing an entire z/OS system audit with a single selection,
or performing specific individual audit functions. The audit
results may be displayed online or printed in a batch report.
If your organization utilizes IBM's Security Server, it can be
included in the analysis. To facilitate your use of the
Automated System Audit, Vanguard Analyzer ranks messages by
importance so they can be addressed quickly and appropriately.
If there is more than one audit finding, the display is
automatically sorted so the areas with the most critical messages
are displayed at the top of the list for immediate attention.
The Vanguard Analyzer Automated System Audit simplifies the audit
process. A panel detailing an audit's result, or Audit
Finding, is displayed after an audit is run and highlights areas
where a potential security exposure may exist. The user can
then specify the areas where a detailed audit is required.
Return On Investment
Analyzer can be used to quickly take a system snapshot, or as an
automated tool to perform a full audit. Analyzer is modular and can
be used online, or batch reviews can be created. Using
Analyzer can save time and audit resources because the number of
manual tasks that need to be done is greatly reduced.
Why You Must Audit and Analyze
Auditing your system's integrity and analyzing the results on a
regular basis is an absolute business necessity in today's
environment. You must know the current status of your
operating system in order to have confidence that your enterprise's
systems and critical data are safe from compromise, sabotage,
disclosure or outright theft. Even a small breakdown in
security can potentially cost millions.
Before Vanguard Analyzer, the audit process had been viewed as
difficult and expensive, if not impossible to perform. That's
because many companies also face a shortage of qualified technical
personnel experienced with Mainframe security and programming
techniques. Also, a high level of expertise was required to
determine if an audit finding was significant, to define what it
really meant for IT security integrity, and to explain how it could
be fixed.
Only Analyzer provides continuously updated audit and analysis tools
that make such a critical task easier to perform and more
cost-effective than other software methods.
Audit Messages That Speak Your Language
After creating an audit finding, the security administrator or
auditor must fully understand its implications, define the severity
of its impact on the overall integrity of the system, and prepare
the appropriate actions.
Only Vanguard Analyzer offers expert-level policy implementation
guidelines in language that both security staff and management can
understand. After Analyzer completely examines and assesses
the status of critical system controls, it uses Vanguard's
innovative Enabler technology called SmartAssist to explain its
findings in terms of business risks and include detailed
recommendations for corrective action based on practices implemented
by major auditing firms. Messages are written in simple
business language, further reducing the level of knowledge required
to understand and act on them.
Risk assessments are ranked by severity, ranging from
information-only messages to an actual security or integrity breach
that requires immediate action. SmartAssist's Audit Findings
may be viewed in dynamic pop-up panels that include an explanation
of the finding, the risk it entails, and the recommended course of
action.
Automating The Systems Audit
Vanguard Analyzer gives the administrator or auditor the choice of
performing an entire system audit with a single selection, or
performing specific individual audit functions. The audit
results may be displayed online or printed in a report. If
your organization utilizes IBM's Security Server (RACF), it can also
be included in the analysis.
Analyzer makes periodic audits more useful and effective by
permitting users to mark an audit finding as "reviewed and
accepted". When Analyzer is run again, it will note that this
finding has already been reviewed and accepted, and will assign a
lower priority to it. This makes regular use of Analyzer
faster and focused on new issues. It also avoids unnecessary
re-evaluation by audit staff of findings from previous Analyzer
audit runs.
To facilitate your use of the Automated System Audit, Analyzer ranks
messages by importance so they can be addressed quickly and
appropriately. If there is more than one audit finding, the
display is automatically sorted so the areas with the most critical
messages are displayed at the top of the list for immediate
attention.
The Automated System Audit simplifies the audit process. A panel
detailing an audit's result, or Audit Finding, is displayed after an
audit is run and highlights areas where a potential security
exposure may exist. You can then specify the areas where a detailed
audit is required.
Implement Audit Procedures Painlessly
For administrators or auditors needing to implement precise "best
practice" auditing, use Vanguard's unique Audit Workprogram
developed in conjunction with a top auditing firm. The
Workprogram guides a user through all the steps required to conduct
an in-depth system audit with Vanguard Analyzer at its core.
The Workprogram includes all the necessary work forms for each audit
analysis. The guide includes:
■ A clearly stated definition of the component being analyzed.
■ A list of the risks that an auditor should be aware of within
  the analysis area.
■ The actual audit procedure for that analysis. The Workprogram
  identifies each specific test that should be completed and
  includes space for user sign-off and observations of record.
■ How to use Analyzer to carry out the steps documented in the
  Audit Workprogram, so that you can carry out processes similar
  to a top audit on any Mainframe system.
Put These Powerful Tools to Work
Comprehensive SMF Analysis
The System Management Facility (SMF) is critical to every
installation. Vanguard's SMF Analysis tool creates a
summary of all audit findings, then formats basic SMF control
and status information, including the level of operator
intervention allowed, for easy review. Vanguard Analyzer
also reports on the SMF data sets including the data set name,
location and current status. Analyzer offers complete
information reports about each SMF subsystem: name, description,
which records are being written and all active SMF exits.
PARMLIB Analysis
Whether you're using one PARMLIB or several, this analysis
provides an in-depth review of the current PARMLIB environment.
Analyzer searches system control blocks to identify IPL members
actually in use, provide last change details, display actual
members, and show details of other IPL groupings. If Security
Server is used, a Security Server Protection analysis is also
performed for each PARMLIB data set.
File Base Line Capture & Compare
Do you know if any sensitive data sets have changed? File Base
Line Capture identifies and reports changes to APF, LINKLIST,
LPA and any other user-specified, mission-critical data sets.
Detail is provided down to the data set and module level with
extremely flexible report options.
Program Properties Table Reporting
Want to know if an entry permits bypassing password protection
or if an IBM default entry has been changed? Analyzer
captures the current Program Properties directly from the
operating system and reports key information from each entry.
Analyzer reviews entries with either of these conditions to
verify that they have been correctly modified. Analyzer reports
program attributes as well as the common name for the program.
It also provides a concise report of exactly what programs are
considered special in the system.
Sensitive & Critical Data Sets
Who isn't confused and concerned by the sheer number of data
sets that are critical to the operating system? The
Sensitive and Critical Data Sets Analysis helps ensure that
specified data sets are well protected. There can be a
huge security impact if unauthorized updating or unauthorized
access to sensitive data sets occurs. Analyzer reviews
Sensitive and Critical Data sets (APF, LINKLIST, LPA, standard
lists and user defined lists) and provides relevant information
for each data set on one screen.
Duplicate Module Analysis
Obsolete or unauthorized duplicate programs may well pose
security risks. Analyzer shows all duplicates within APF,
LINKLIST, LPA and client-defined libraries.
JES2 Analysis
How are JES2 security controls working? Analyzer reviews
and displays general JES2 control parameters, and important JES2
data sets.
LPA Analysis
The Link Pack Area (LPA) is a critical system resource.
Analyzer reports on inconsistencies in the LPA and highlights
modules that are in test status (via MLPA).
SVC Table Analysis
Analyzer examines all components that identify the Supervisor
Calls (SVC) to the operating system. These include the SVC
Table and SVC Update Recording Table. IBM SVCs, user SVCs, and
ESR SVCs are also reviewed. The audit finding and its
accompanying explanation alert the auditor if anomalies exist.
System Exits
System Exit analysis is considered by auditors to be strategic
for system security. Analyzer searches for and provides
additional information on all system exits.
Sort & Locate
The auditor may need to scan multiple screens when looking for a
finding, or scroll through a long list of items when searching
for an entry. With a single request, the Locate facility
instantly locates entities, reducing search time dramatically.
Use the Sort function to rearrange data in the most useful order
for you.
Entry Point Information
IBM and System Programmers frequently use the front part of a
program to place "Eye-Catcher" module information.
Analyzer automatically sorts through the first 20-30 bytes of
all SVC entry points, SMF Exits, and subsystem routines to help
reveal module name, compilation date and time, and other
information. This lets an auditor quickly determine if a
module has been modified.
Expanded Support for IBM's Security Server
Vanguard Analyzer goes well beyond standard Mainframe auditing
by providing features and capabilities that support and extend
IBM's Security Server functionality. Analyzer fully
supports options within the Security Server, including analysis
of Class Descriptor Tables, Router Table, Data Bases, Started
Procedures, Authorized Caller Table, and Install Exits.
Analyzer adds enhanced Security Server Anomaly Checking that
reviews additional aspects of Sensitive and Critical Data Sets
(APF, LINKLIST, LPA, standard lists and user defined lists).
The detailed Anomaly analysis automatically verifies that an
appropriate level of Security Server protection is in effect for
critical data sets.
SETROPTS Analysis
Only Vanguard Analyzer provides analysis, risk assessment, and
correction guidelines based on an audit of the Set RACF Options
(SETROPTS) settings for your Security Server environment.
Analyzer reviews whether SETROPTS settings are configured
according to approved policies and conform to the industry
best practices essential to an effective system audit.
Auditor displays current settings and issues audit finding
messages to alert users of any potential risk associated with
the existing SETROPTS settings. A SmartAssist message
describing the business risk and suggested corrections
accompanies each audit finding.
Change Security Server Options On-the-Fly
Now you can change SETROPTS option settings on the fly during a
system audit using SmartLink and Vanguard Administrator.
SmartLink calls up Administrator from within Analyzer and passes
information directly to the SETROPTS database, letting you view
and alter online information contained in the Security Server.
Information is presented on pop-up data panels that permit
replacing displayed field information. Newly entered
values are automatically formatted into the appropriate Security
Server commands for immediate execution or scheduled batch
processing.