"Practical Ways to Do Things Better, and Comprehensive Reviews to Show You Where You Stand"

More FREE Information Resources


The following links connect you to more free, practical infromation sources:


Glossary of Mainframe Terms


How to Get z/OS Basic Skills


IBM z/OS Manuals in pdf Format


CA Technologies Integrity Statement for All of Their Software Products


IBM's Integrity Statement for z/OS


z/OS Configuration Info (and more): Documents, Audit Guides, Presentations and Free (But Supported) Software from NewEra


Back Issues of z/Journal Magazine


Back Issues of Mainframe Executive Magazine


IBM Presentation Handouts on Security and RACF from SHARE and GSE


Free Articles on Mainframe Security and Auditing





Here are other information sources you may find useful. Select by clicking on the selections below:

IT Audit Sites


Jim Kaplan's AuditNet: THE audit source on the net
www.auditnet..org information resource for auditors



Information Systems Audit & Control Association - ISACA






General Computer Security Sites


CERT (Computer Emergency Response Team, division of the Software Engineering Institute at Carnegie Mellon Institute

NaSPA Home Page

IBM Secureway web site





IBM Mainframe Sites (not including RACF, which follows)


CBT Free mainframe software and great info source

GUIDE

SHARE






Interesting Products


Permanently Interesting Products Column (formerly maintained in the RACF User News)

We have not evaluated these, but think every mainframe shop should know about them.

Key Resources provides software products and consulting services for MVS penetration testing, vulnerablitily solutions, security migration, and compliance and audit. For more info contact Robert Fragola at robert.fragola@kr-inc.com or phone (914) 393-7000 or see the website at:
http://www.kr-inc.com

NewEra Software’s Image FOCUS is an Image Control Environment (ICE) application that detects, evaluates, documents and reports on changes to z/OS, its subsystems and z/OS External Security Managers. For more info contact Jerry Seefeldt at jms@newera.com or phone (800) 421-5035 or see the website at:
http://www.newera.com

EKC offers software tools for RACF (and ACF2) administration, Firecall userids, and SOX compliance. For more info contact them at phone (847) 296-8010 or see the website at:
http://www.ekcinc.com

SEA's RAC/PACK is a family of products designed to help manage RACF more efficiently; thereby enabling security professionals to work more productively. RAC/PACK is composed of three separate products: RA/2, RA/7, and RA/8. For more info contact Curt Mark at cmark@www.seasoft.com or phone (516) 328-7000 or see the website at:
http://www.seasoft.com

Sage DNA for RACF (maps privileges, helps simplify and cleanup your database and convert to role-based administration). For more info contact Ron Rymon at sage@eurekify.com or see the website at:
http://www.eurekify.com

NetQ's APPN-EE Firewall. For more info contact Peter Hager at p.hager@net-q.com or see the website at:
http://www.net-q.com

The ZEN product line from Williams Data Systems includes software for monitoring, security, and control of APPN and TCP/IP networks, including ZEN FTP Control, ZEN EE Monitor, and ZEN EE Security. Call Ian Green at (703) 674-2200 or go to
http://www.willdata.com

The Security Bridge from Security Integration provides a patented method for linking RACF to legacy application security. For more info, call (800) 888-5031, or see www.securityintegration.com

PassGO (Formerly CKS) Call Amy Ricker (978) 635-1588 or www.passgo.com

ASPG's Megacryption and ERQ (Easy RACF Query), ReAct & Cryptomon. Call Lisa Hamilton at (800) 662-6090 or Lisa.Hamilton@aspg.com  for more info. Website: www.aspg.com

Allen System Group has acquired Entact Information Security and offers tools for: RACF Administration, RACF/SMF Auditing, and Enterprise Identity Management. For info call Brent Phillips at 1-817-652-6335 or see http://www.asg.com/products/identmgmt.asp 

RACF Password Cracker Program, no longer free, but with more features than the free version. Email Peter Goldis at
pgoldis@world.std.com or look at www.goldisconsulting.com 

ICU MVS Penetration Analysis Tool and consulting from Janus Associates. Call (203) 251-0221 or www.janusassociates.com

RtoR from Open Software Technologies. Call Everett Bowyer at (800) 226-3670 or http://www.open-softech.com/rtor.htm  for info.

Beta System's software for RACF administration. Call (800) 777-9864 for more info. OR http://www.betasystems.com 

Vanguard's Administrator and annual security conference. Call (714) 939-0377 for more info. OR http://www.go2vanguard.com 

SecurePass from Proginet to link RACF with Windows NT security. Call (516) 248-3366 for more info. OR http://www.proginet.com 





RACF (IBM's Mainframe Security Software) Sites


http://www.geocities.com/steveneeland/Sort_Reports.html  Steve Neeland's RACF page

Thierry Falissard's RACF page http://www.os390-mvs.freesurf.fr/nbsp;

Nigel Pentland's security page http://www.nigelpentland.co.uk 

IBM RACF home page:

IBM z/OS, including RACF: http://www-1.ibm.com/servers/eserver/zseries/zos/ 

IBM's RACF

IBM RACF Goodies Site

RACF-L Discussion Group

RACF Password Cracker Program


To join the RACF list server, send E-mail to the administrator for the server with the words
subscribe racf-l
followed by your first name and last name.
(Don't send it to the server itself or your request will be routed to every subscriber.)
For example, if your name is John Smith and you want to subscribe, then send this E-mail:

subscribe racf-l john smith

The address to send this to is

LISTSERV@uga.cc.uga.edu

or

LISTSERV@UGA.BITNET

The reply will include directions on how to get info such as a list of all subscribers, an index to previous comments, and a command summary. Expect lots of E-mail every week.





Seminar and Training Sites

Vendor and Product Specific Security Sites


Proginet (RACF to Windows NT Password Synchronization)

RtoR (REXX to RACF) software

Beta Systems Enterprise Security Manager for RACF

MegaSolve (RACF Administration Software)

JANUS Associates offers consulting in information security and business recovery planning. They also offer penetration/vulnerability assessment software for OS/390 - MVS operating systems using RACF.


Return to Top of Page         Return to Home Page