Every z/os system today has integrity vulnerabilities on it that if
exploited would allow users with access to that system to crash that
system or bypass installation controls and access any protected resource
on that system regardless of the installed ESM. They would be able to do
so with little to no audit trail.
What part of this is not a mainframe problem?
Ray Overby
Key Resources, Inc.
Ensuring System Integrity for z/Series^(TM)
www.zassure.com
(312)574-0007
On 3/27/2012 13:25 PM, R.S. wrote:
W dniu 2012-03-27 17:06, Greg Dorner pisze:
Dear IBM-MAINers,
Our auditors are insisting that we install a product that protects
against malicious software (viruses, worms, trojans, etc.).
Does anyone know of a product that does this? I heard that McAfee is
coming out with a z/OS product "later this year", but I called them
and they had no idea what I was talking about.
z/OS, with proper security controls (and believe me - we have LOTS!)
should not have to worry about such things, at least that's what I've
always heard.
Any input on this topic would be GREATLY appreciated!!
This is NOT mainframe problem.
Indeed, you have problem with uneducated auditors. Maybe stupid ones.
Your problem is how to prove that requirement is both stupid and
impossible to fulfill.
We can provide you some arguments, like
- there are no such products
- there are no viruses, trojans or other malware for z/OS and it have
never been last 47 years. (I said 'z/OS', so the only VM worm does not
count)
- no mainframe installation use such product
- you have RACF *SECURITY SERVER* (or TS or ACF2)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
