Incorporating Threat Protection For Your Mainframes

By Deb Gannaway on November 16, 2019 7:15 am
Deb Gannaway

Most organizations have been vigilant about implementing security applications and procedures for their cloud-based endpoints and other components of their distributed networks. But what about the trusted, traditional mainframes that may make up much of your IT infrastructure?

In many cases, mainframes were self-contained within the organization and the traditional tight security surrounding them insulated them from outside threats to a large degree. But as businesses have begun integrating their mainframes into the connected cloud environment, they have become susceptible to the same threats as other elements of the network. Ensuring the same level of threat detection and protection for mainframes has therefore become a key concern for IT leaders.

You likely have event management technology in place to help you address and mitigate incidents as they occur from your distributed servers, network devices, or other endpoints. DG Technology has developed a solution that now incorporates your mainframe under the same security umbrella.

The Mainframe Event Acquisition System (MEAS) from DG Technology enables real-time collection of information involving security, database-related, and transaction events that could be threatening your mainframe. MEAS integrates with Security Information and Event Management (SIEM) technologies from Splunk, IBM, CA, Symantec, ArcSight, Dell, RSA, McAfee, and LogRhythm to enable you to collect, store, report, and initiate corrective action against threats to your mainframe data.

MEAS allows you to respond to mainframe events and leverage SIEM technologies to email or text the appropriate users to ensure security policies surrounding your mainframes are being followed.

MEAS listens for events on your mainframe within each LPAR, selecting only those required by the client. When a targeted event is detected, MEAS captures the event and details and converts the data to expose the event to your SIEM application. MEAS then documents a history of events in an SQL database which you can use to execute queries, perform event correlation, and send additional events to your SIEM software for action.

With real-time access to your mainframe events, you are better able to react to situations as they occur. There is no longer a need to run time-consuming batch jobs to search through your SMF data and wait a day to discover an event has occurred. MEAS immediately notifies you when a potential negative event is happening allowing you to act fast to prevent a negative impact on your security and compliance requirements.

As your mainframes begin to play a more prominent role in your connected network, you need to increase your visibility and security protection. MEAS can provide that layer of protection.

Contact DG Technology to see how the MEAS solution fits into your overall security plan.