As experts in the management of z/OS networks WDS understands the importance of
increasing the effectiveness of standard z/OS components, such as SyslogD, FTP and
Enterprise Extender (EE). SyslogD is used to record critical system events, yet
facilities for managing it are limited. FTP and Enterprise Extender (EE) protocols
are freely available with z/OS and provide excellent value as alternatives to proprietary
data transfer solutions, in the case of ftp, or potentially having to re-write complex,
legacy SNA applications to take advantage of IP networking as is the case with EE.
Yet there is room for significant improvement with all three of these vital z/OS
While there are many ways to encrypt ftp traffic, access control is a serious issue
for organizations wishing to give their users access to ftp. FTP implementation
can leave business data exposed. Personnel files, patient information, payroll details
and confidential corporate records can be transferred from your company, without
your knowledge, and sent anywhere, shared with anyone. Files can be redistributed
or modified and reinstated, with no record of it ever happening. This forces many
enterprises to withhold ftp services from the user community and look to expensive
ZEN FTP CONTROL (ZFC) restores ftp's credibility as a business tool and is the missing
link for businesses looking for an inexpensive way of sharing data. ZFC plugs the
holes associated with securing ftp access and turns ftp into viable alternative
to the costly proprietary solutions.
IBM's Enterprise Extender (EE) protocol is part of Communications Server, which
is freely available with the z/OS operating system. It was written to enable businesses
to transition away from proprietary SNA networking to the open standards of IP.
The attraction of EE is that it allow enterprises who have invested huge amounts
of money in SNA applications, to play in the internet age. This it does by 'encapsulating'
SNA applications data in IP packets. It's a great solution and negates the need
for expensive re-writes of legacy applications.
The disadvantage of EE centres around its use of UDP protocol. For many experts
UDP is seen as potential security hazard due to its 'connectionless' nature. Furthermore,
industry standard encryption and authentication methods such as SSL or TLS cannot
be applied to UDP.
ZEN EE SECURITY (ZES) overcomes these disadvantages by uniquely converting EE traffic
to TCP, With ZES, preserving SNA application investment and taking advantage of
IP networking no longer need to be mutually exclusive.
Syslog Daemon (SyslogD) support in ZEN extends its system and network log services
to include messages originating from the SyslogD. SyslogD is a critical part of
z/OS's Intrusion Detection and Prevention services (IDS) because detailed event
messages, such as security violations, are sent to SyslogD, as well as messages
from many other important communications services including FTP and AT-TLS. ZEN's
ability to provide real-time monitoring of SyslogD is vital for z/OS system security.
ZEN Rexx procedures driven by automation on receipt of a SyslogD message can extract
the message attributes (facility, priority and origin IP address) as well as the
message text. All ZEN automation capabilities are available for SyslogD messages
including forwarding the message to console, email, SNMP traps etc. You can see
and potentially automate any SyslogD-enabled device by routing its messages to the
ZEN System Log.
Download the PDF opposite or contact WDS for further information about ZEN's SyslogD
Don't leave things to chance. Contact WDS and learn how
ZEN SyslogD Management, ZEN FTP CONTROL and ZEN EE SECURITY can provide the control
you need to secure your network effectively.