I must disagree with your second argument. If your mainframe does not provide data to anyone outside of your control, then okay. But if you deliver data to outsider, the public in particular, I feel you have a duty to make sure that the data you provide does not include a virus that might affect their system even if it cannot affect your mainframe. A mainframe webserver delivering windows viruses (virusi?) to the public does not help our reputations.
Even though we have an anti-virus program running on every workstation in our agency, I still do not trust all of the files these people upload to my mainframe (or linux/x86) server for distribution to outsiders. I want to scan all of these files ONE MORE TIME before making them available. I would prefer to do this on an x86 server than spend mainframe cycles. Similar precautions should be applied to files received from the outside world. No one should get to them before they get scanned. All failures in the scan need to be further quarantined until a security (anti-virus) expert looks at the files. /Thomas Kern /on contract to /U.S. Dept of Energy /301-903-2211 (Office) /301-905-6427 (Mobile) On 3/27/2012 14:25, R.S. wrote: > W dniu 2012-03-27 17:06, Greg Dorner pisze: >> Dear IBM-MAINers, >> >> Our auditors are insisting that we install a product that protects against >> malicious >> software (viruses, worms, trojans, etc.). >> >> Does anyone know of a product that does this? I heard that McAfee is coming >> out with a >> z/OS product "later this year", but I called them and they had no idea what >> I was >> talking about. >> >> z/OS, with proper security controls (and believe me - we have LOTS!) should >> not have to >> worry about such things, at least that's what I've always heard. >> >> Any input on this topic would be GREATLY appreciated!! > > This is NOT mainframe problem. > > Indeed, you have problem with uneducated auditors. Maybe stupid ones. > Your problem is how to prove that requirement is both stupid and impossible > to fulfill. > > > We can provide you some arguments, like > - there are no such products > - there are no viruses, trojans or other malware for z/OS and it have never > been last 47 > years. (I said 'z/OS', so the only VM worm does not count) > - no mainframe installation use such product > - you have RACF *SECURITY SERVER* (or TS or ACF2) > > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
