• 
  Home
  • Vanguard Integrity Professionals
• 
  Software Solutions
  • Audit & Compliance
    • Vanguard Analyzer™
    • Vanguard Configuration Manager™
    • Vanguard Enforcer™
    • Vanguard inCompliance™
    • Vanguard Policy Manager™
  • Cloud Security
    • Google Email
  • Continuous Monitoring
    • Configuration Manager
  • Identity & Access Management
    • Vanguard Administrator™
    • Vanguard Advisor™
    • Vanguard Authenticator™
    • Vanguard ez/Integrator™
    • Vanguard ez/SignOn™
    • Vanguard ez/Token™
    • Vanguard PasswordReset™
    • Vanguard SecurityCenter™
    • Vanguard Tokenless Authentication™
  • Intrusion Management
    • Vanguard Enforcer™
• 
  Services
  • Vanguard Services
    • RACF Services
    • Network Services
  • Meet The Team
• 
  Training
  • Vanguard zSecurity University™
  • Course List & Schedule
  • Meet our Instructors
  • Training Justification (ROI)
  • Student Testimonials
  • Request a Class
  • Training FAQs
  • Online Class Requirements
  • Vanguard Security & Compliance 2012
  • RACF User Groups
  • Contact Us
• 
  International
  • International Distributors
  • Become a Distributor
  • Media Coverage
  • Distributor Zone
• 
  About Vanguard
  • About Vanguard
  • Contact Form
  • Employment Opportunities
  • Innovators
  • Office Locations
  • Ronn Bailey Bio
  • Vanguard History
  • Media & Resources
  • Webinars
• 
  Customer Zone

---

Watch the Continuous Monitoring video from RSA 2011 here

Cyber threats have become more prevalent and are increasing risks to federal information systems. As a result, there is a need for better, more actionable intelligence about the security status of systems. Continuous monitoring of information systems security provides organizations with near real-time information about security breaches and changes in security controls to enable them to reduce risk exposure and vulnerabilities.

The National Institute of Standards and Testing (NIST) stated, in SP 800-37 in February 2010, that “Continuous monitoring is a proven technique to address the security impacts on an information system resulting from changes to the hardware, software, firmware, or operational environment.” Monitoring was also identified as one of the six critical steps in NIST’s Risk Management Framework.

In April 2010, the Office of Management and Budget issued memorandum M-10-15 to the heads of all executive departments and agencies that included the following: “Agencies need to be able to continuously monitor security-related information from across the enterprise in a manageable and actionable way.” NIST published the Initial Public Draft of SP 800-137 in December 2010 that affirmed that “Continuous monitoring helps ensure ongoing situational awareness and control of the security of systems across the organization and ongoing knowledge of associated threats and vulnerabilities...”

These new requirements for continuous monitoring of federal information systems will deliver a higher level of cybersecurity protection and address the growing threatscape facing federal government agencies. At the same time, the need for continuous monitoring will require organizations to implement new processes and automated tools to assist them. NIST regards automation tools as important for the success of continuous monitoring and states that they can make the process “more cost effective, consistent and efficient,” while providing organizations with “a much more dynamic view of the security state of those controls.”

Implementing Continuous Monitoring for Mainframe Systems: Like all other information systems, mainframe systems will need to implement continuous monitoring processes and will benefit from automated continuous monitoring tools.

Vanguard Integrity Professionals, the leading independent provider of enterprise security software and services for mainframe systems. Founded in 1986, Vanguard has helped hundreds of government agencies and corporations solve their complex security and compliance challenges.

In addition to its automated operational security and audit and compliance solutions, Vanguard provides the following continuous monitoring solutions that protect mainframe systems and ensure that mainframe security controls are configured according to federal requirements.

Vanguard Configuration Manager enables organizations to continuously monitor the mainframe security configuration controls endorsed by NIST and the Department of Homeland Security. By automatically scanning mainframe systems to assess their compliance with the Security Technical Implementation Guides mandated by the National Checklist Program, Vanguard Configuration Manager saves organizations thousands of hours each year while increasing the accuracy of their configuration control reviews. Vanguard Configuration Manager checks and reports on hundreds of thousands of control points automatically to provide a level of security review that is virtually impossible using manual methods. Read the customer case studies about Configuration Manager here.

Vanguard Policy Manager enables security officers to more precisely enforce security policies, prevent “privilege creep” and ensure that mainframe administrators, even those with highly privileged access, cannot issue unauthorized commands. With Vanguard Policy Manager, the system is continuously monitored and users are prevented from executing commands that do not comply with corporate-defined policies. Vanguard Policy Manager either modifies non-compliant commands automatically to comply with policy or prevents them from executing, resulting in a significant reduction in an organization’s security risks. Read the white paper about Policy Manager here.

Vanguard Enforcer is the only intrusion management solution for the IBM mainframe, is Common Criteria certified (EAL 3+), and was GSN’s 2009 and 2010 winner for Best Intrusion Detection/Protection System. By continuously monitoring and analyzing security-relevant events and activities, Vanguard Enforcer ensures that an organization's defined security policies and settings are in place and stay that way. If Vanguard Enforcer detects an intruder or a violation of an organization’s security settings, key security personnel can be alerted in real-time and problems can be remediated automatically. Read the case study with NASA here. Watch the video about Enforcer here.  Read the White Paper about Enforcer here.

Vanguard inCompliance performs continuous mainframe audits to identify high-risk security situations and potential compliance violations. The software enables continuous compliance by automatically conducting millions of specific checks on the entire RACF environment, or checks on data that must be covered to meet specific internal or external requirements. When Vanguard inCompliance detects high exposure changes or exceptions to policies or rules, the software drills down quickly to a detailed view of any check and recommends corrective actions where appropriate. Read the case study here. Read the White Paper here.

Vanguard Advisor is an integrated security information and event management (SIEM) solution for the mainframe that enablescomprehensive, real-time event detection, alerting and reporting. By continuously monitoring security on the mainframe, Vanguard Advisor can automatically identify potential security vulnerabilities, issue automated alerts, and take corrective action. In addition, Vanguard Advisor provides powerful analysis, in-depth query, predefined and customized reporting, and flexible report distribution capabilities. Read the case study here. Read the White paper here.

Vanguard Analyzer delivers expert-level vulnerability assessments and audit results for System z® in minutes, using Vanguard's extensive knowledge base of security best practices. The software provides comprehensive system integrity, verification and auditing capabilities, including assessment, risk identification, threat analysis, and specific instructions on how to fix identified problems. By providing an in-depth overview of current system status, identifying exposures in simple business risk language, and prioritizing findings for immediate action, Vanguard Analyzer simplifies the audit process. Read the White paper here.

New cybersecurity threats increase organizational risks. Given that Gartner estimates that organizations with mainframe systems typically run 90 percent of their critical applications on the mainframe, continuous monitoring of mainframe systems should be a welcome and necessary requirement to assure that critical systems and data are secure.

Vanguard Continuous Monitoring solutions enable organizations to know exactly what is happening on their mainframe systems in real-time, so threats can be immediately eradicated and problems rapidly remediated. In addition, Vanguard solutions enable organizations to easily produce the reports they need to demonstrate that their mainframe systems meet current security requirements.