CorreLog Mainframe SIEM Solutions
Real-time mainframe security
Deliver mainframe security alert to your enterprise SIEM in Real Time
For many large organization, one or more IBM z/OS mainframes constitutes a strategic capital investment for the most mission-critical applications, processes and data. The sophistication of malicious hackers today requires that organizations monitor real-time user event data from every corner of the enterprise, including mainframe. With Security Information and Event Management (SIEM) software platforms existing predominantly in distributed environments, those organizations need to include mainframe event log data for a unified, multi-platform view of enterprise security event data in a single console.
The CorreLog Mainframe SIEM Solutions
CorreLog Mainframe solutions are designed to deliver real-time notifications from RACF, ACF2, Top Secret, DB2 and IMS directly to any Windows- or UNIX-based Security Information & Event Management (SIEM) system. CorreLog Mainframe solution allows users to view mainframe events in real-time, alongside security events from Windows, Unix, Linux, routers, firewalls, and other IT assets in an enterprise SIEM system.
- Compatible with all existing SIEM software
- Complements your existing mainframe security software
- Support standards compliance such as PCI DSS, GDPR, LPM, NIS…
- Know and alert who accessed what data and when
- Know and alert what’s not working in real time in your z/OS production system
- Collects events from any mainframe subsystem including RACF, ACF2, Top Secret, DB2, IMS, CICS…
- Certified integrations with IBM QRadar SIEM, HP ArcSight SIEM, RSA Security Analytics, McAfee ESM, Solutionary, Micro Focus NetIQ
- Creates RFC 3164-compliant Syslog messages
- Capacity for millions of Syslog messages per day
- Uses only a few seconds of CPU per day
A global view of enterprise security event data in a single console
CorreLog Mainframe solution allows users to view mainframe RACF, ACF2, Top Secret, DB2, IMS, CICS… events in real-time alongside security events from Windows, Unix, Linux, routers, firewalls, and other IT assets in an enterprise SIEM system. This not only provides companies with the best possible security in real-time, but also helps ensure regulatory compliance.
Additionally, SIEM Agent converts a myriad of additional mainframe security events including TSO Logons, Production Job ABENDs, TCP/IP and FTP Connections.
Certified integrations with leading SIEM solutions
For ease of deployment, CorreLog Mainframe solution has certiﬁed integrations with IBM® Security QRadar®, HP ArcSight, RSA Security Analytics and a strategic partnership with McAfee. CorreLog Mainframe solution has ﬁeld integrations with many other leading SIEM solutions including Splunk and LogRhythm. The ability to view cross-platform security event log data in real- time is a ground-breaking feature of the CorreLog Mainframe solution.
Key for compliance standards
The CorreLog Mainframe solution provides IT security personnel with a more inclusive view of system-wide threat data for a higher level of monitoring user and system accesses related to network intrusion. The CorreLog Mainframe solution facilitates compliance requirements set forth by PCI DSS, GDPR, LPM, NIS and many other standards.
CorreLog Mainframe is a CorreLog Inc. solution, distributed by Infotel SA.