• 
  Home
  • Vanguard Integrity Professionals
• 
  Software Solutions
  • Audit & Compliance
    • Vanguard Analyzer™
    • Vanguard Configuration Manager™
    • Vanguard Enforcer™
    • Vanguard inCompliance™
    • Vanguard Policy Manager™
  • Cloud Security
    • Google Email
  • Continuous Monitoring
    • Configuration Manager
  • Identity & Access Management
    • Vanguard Administrator™
    • Vanguard Advisor™
    • Vanguard Authenticator™
    • Vanguard ez/Integrator™
    • Vanguard ez/SignOn™
    • Vanguard ez/Token™
    • Vanguard PasswordReset™
    • Vanguard SecurityCenter™
    • Vanguard Tokenless Authentication™
  • Intrusion Management
    • Vanguard Enforcer™
• 
  Services
  • Vanguard Services
    • RACF Services
    • Network Services
  • Meet The Team
• 
  Training
  • Vanguard zSecurity University™
  • Course List & Schedule
  • Meet our Instructors
  • Training Justification (ROI)
  • Student Testimonials
  • Request a Class
  • Training FAQs
  • Online Class Requirements
  • Vanguard Security & Compliance 2012
  • RACF User Groups
  • Contact Us
• 
  International
  • International Distributors
  • Become a Distributor
  • Media Coverage
  • Distributor Zone
• 
  About Vanguard
  • About Vanguard
  • Contact Form
  • Employment Opportunities
  • Innovators
  • Office Locations
  • Ronn Bailey Bio
  • Vanguard History
  • Media & Resources
  • Webinars
• 
  Customer Zone

Read the RACF Case Studies!

• Vanguard Services Team Selected for migration from TSS to RACF
• Large U.S. County Replaces Tivoli zSecure with Vanguard Security Software.

PCI-DSS Readiness Review

A PCI-DSS Readiness Review is an in-depth assessment showing how well your z/OS RACF controls have been, or have not been, configured to comply with the PCI Data Security Standards. Our team of RACF PCI experts will work with and educate your security administrators on what is expected from them to be PCI compliant. Vanguard will deliver a “customizable” document that will be maintained by you and can be used to demonstrate your compliance with the annual Report on Compliance (ROC) that is prepared by your Qualified Security Assessor (QSA).

This review is the most intensive z/OS RACF assessment for PCI compliance that is available in the marketplace today. The review of each PCI requirement includes supporting documentation, policy statements, reference materials, comments and recommendations that will demonstrate PCI compliance to your auditors and assessors. PCI remediation and retainer services are also available.

z/OS and RACF Security Assessment

Security Snapshot™ for IBM z/OS® and RACF® allows you to quickly and efficiently assess the current state of the implementation of security, at a high level, by reviewing your system for the most common high risk security configuration errors. Leveraging Vanguard's expert security consultants and its extensive database of System z® security assessments, we investigate 25 to 30 control points at no charge. The snapshot gives you a clear sense of the current state of your z/OS and RACF security implementation.

The Security Snapshot requires only a two-hour time investment and produces significant returns including:  

• Insight into the existing state of your z/OS and RACF environment in relation to others
  
  
• An assessment report that includes an explanation of each exposure identified, along with its severity and the level of effort to remediate the issue
  
  
• Knowledge that translates into actionable security intelligence

Click here to schedule a no charge Security Snapshot for System z and RACF or request more information.

RACF Migration Assessment

These assessments are typically 3-day assignments per database. The objective is to learn as much about the ACF2/TSS and z/OS environments as possible through personal interviews with staff members and by gathering data from the ACF2/TSS database. We also identify elements in the ACF2/TSS environment that will complicate the conversion process for the ACF2/TSS environment. The deliverable is a statement of work for migrating the client from ACF2/TSS to RACF.

RACF Migration Services

Vanguard offers the most comprehensive program in the world for migration from ACF2/TSS to RACF. Our specialists help clients properly implement RACF protocols according to "best practices" methodologies and processes. Vanguard is one of the world's few vendors certified to use IBM's ACF2 and Top Secret Migration Utilities. We use these utilities in addition to our own unique security assurance software tools to deliver a complete migration that is unobtrusive and efficient as possible. A RACF Migration Assessment typically PRECEDES this offering.

Using RACF to protect SDSF Resources

This is a very complex implementation requiring five RACF General Resource Classes. At Vanguard we have developed an automated methodology to provide a quick and accurate implementation of RACF profiles to replace the SDSF ISFPARMS security parameters and put security enforcement where it belongs for SDSF; namely in the hands of the RACF Security team. Vanguard professional services consultants will work shoulder to shoulder with your RACF Security team to accomplish this transition.

DB2 to RACF Security Migration

Vanguard offers a comprehensive program for migration from DB2 internal Grant/Revoke security to RACF security. Our specialists help clients properly implement RACF protocols according to "best practices" methodologies and processes. Vanguard's specialists have extensive experience using the IBM DB2 to RACF Conversion Utility in addition to our own unique security assurance software tools to deliver a complete migration that is unobtrusive and efficient as possible. A full day class on DB2 security for DBAs and RACF administrators is part of the migration services.

RACF Database Merges

Merging RACF Databases is a high risk, complex process.  Vanguard has developed an effective and efficient methodology to minimize the risk involved in this type of project and has used this methodology in a large number of RACF Database merge projects for clients.  Complexities include avoiding access undercuts as a result of the merge, ensuring the “survivor” fields in the merged profiles are accurate, and dealing with the need to ensure proper levels of access for all resources being protected as a result of the merge process.  Many clients prefer to have the Vanguard level of expertise to assist them with this type of project.

z/OS Infrastructure RACF Security Implementations

When Vanguard performs a RACF Security Assessment we identify the z/OS infrastructure resources currently being protected by RACF and those not currently being protected. This include resources such as CICS and IMS transactions, Tape Management System controls, Job Scheduler controls, Automation controls, and many other z/OS Resource Manager controls. Vanguard can assist clients with the implementation of RACF protection for any of these types of Resource Managers. Using our Vanguard tools during such implementations is included in the project and provides for efficiencies to reduce the amount of time required for the implementation as well as reducing risks involved in these types of projects.