Security Monitor/Alert Real-Time | SMA_RT | Mainframe SIEM Overview
Integrate mainframe security events into your SIEM.
The SMA_RT Security Monitor brings your z/OS mainframes into the center of your enterprise security infrastructure.
SMA_RT agents acquire messages from the z/OS system console and z/OS SMF (system management facility), and pass critical security information to your central enterprise SIEM tools.
SIEM (security information and event management) tools concentrate security logs from throughout an enterprise, and are widely used to monitor a broad range of IT channels and platforms.
With SMA_RT, mainframe security no longer depends on batch jobs running hours after the events they report. You no longer need multiple security teams to guard your enterprise's multiple platforms.
SMA_RT software agents convert mainframe logs to syslog format for delivery to SIEM technologies, or to any other software that uses the syslog protocol.
[Diagram: z/OS SMF records, z/OS system operator console, z/OS SAF security → SMA_RT → Enterprise]
Security means watch ALL the doors
SMA_RT agents allow SIEM to consolidate intelligence from any and all of the z/OS systems and LPARs in your network, and to consolidate all that mainframe data with security intelligence from all the other systems in your enterprise: Unix, Windows, Cisco...
For years, mainframe security and auditing stayed isolated inside the mainframes, available via batch jobs running hours after the events they reported. But isolated silos of data simply won't stand up to today's security threats and auditing requirements.
With SMA_RT on your mainframes, your security people get a central, enterprise-wide view of all the events they need to capture, and all the security threats they need to recognize.
Enterprise-wide monitoring of security events is critical, not only for tracking malicious activity, but also to meet compliance requirements.
SMA_RT can be an invaluable tool for SOX, PCI, and HIPAA compliance. SMA_RT administrators can define specific items of interest for deeper-than-normal monitoring: files that hold credit information, for example, or health care details.