DATA SHEET CA Top Secret® for z/OS At a Glance CA Top Secret® for z/OS (CA Top Secret) provides innovative, comprehensive security for your business transaction environments, including z/OS®, UNIX and Linux® on System z—helping your business realize the reliability, scalability and cost-effectiveness of the mainframe. Administrative tools, extensive reporting options, online monitoring and automatic logging capabilities accompany CA Top Secret to secure your environment while enabling comprehensive auditing and controlled sharing of data and resources. Key Benefits/Results • Improves efficiency by providing streamlined administrative functions • Simplifies the tasks associated with maintaining compliance • Reduces the cost of securing your systems • Strengthens security and reduces risks across your enterprise Key Features • Comprehensive, easy-to-use, rolebased security. CA Top Secret provides comprehensive security for z/OS resources across operating systems, subsystems, OEM software and databases. • Data and resource management. CA Top Secret is designed to protect data sets and selected resource classes by default or once ownership has been established. • Auditing and monitoring. CA Top Secret includes a variety of audit functions that provide information and capabilities to help you monitor access and access rights. • Separation of administrative functions. CA Top Secret provides separation of security administration functions and duties as well as an additional management control that safeguards your systems. Business Challenges Today, organizations view technology as a strategic resource and seek to gain competitive advantage by providing easier, faster and more reliable access to products and services. However, there is increased concern about the security issues that arise when valuable mainframe data is accessible to the outside world. Thus, a secure, reliable and costeffective security infrastructure is essential for the execution of today’s business strategies. Many organizations are also required to comply with government regulations, and existing corporate policies and industry agreements. In addition, with the continuous introduction of new technologies for the mainframe, new security and compliance, problems will continue to evolve. To stay abreast of today’s challenges, organizations must strengthen security, streamline administration and provide enhanced auditing and compliance capabilities. Solution Overview CA Top Secret is designed to protect your mainframe computer systems and data by controlling access to resources. It closely maps security to how you manage your organization by using a flexible configuration mechanism unique to CA that automatically associates users to one or more roles. CA Top Secret delivers out-of-the-box access control software for z/OS operating systems, which includes interfaces for CICS®, z/OS Unix (formerly known as OMVS) and IMS™ (and an optional add-on for DB2®). Its mechanisms provide flexibility and control to help you monitor and adjust your security policies and accommodate virtually all organizational structures. CA TOP SECRET FOR z/OS Critical Differentiators Release 12.0 Key Features: Because individual accountability is the key to effective information security, CA Top Secret lets you decide what policies are relevant and implement those structures. It provides easy-to-use, rolebased administration functions that adapt to your organization’s structure and procedures to support compliance with regulations and laws. New Utility and Documentation for Enhanced Role-based Security. Easier administration. CA Top Secret delivers several ways for you to separate security administration functions, providing different levels of administrative authority (privileges) over your users and resources. It can scope or limit privileges to discrete security functions, areas or resources. Users are protected by a password, and consistent password policies are enforced throughout your organization, increasing information security. CA Top Secret works with other solutions to provide comprehensive information security across your network, and it generates audit records for virtually any security-related event. It provides a comprehensive set of reports that enable you to view and analyze your security event information. It also enables you to limit the output of a particular report according to the privileges and restrictions of the specific user. 1. A RENEW command to simplify the administration of renewing certificates that are defined on the Top Secret database 2. Expanded size limits of the IDN/SDN extensions 3. Certificate Utility now displays all Certificate extensions Restricted Administrative Privileges. The ability to create “limited” security officers. For example, ‘helpdesk’ personnel can be created who only administer password resets and password-related fields, or users who are only authorized to issue digital certificate related commands. Administrative Archive. The ability to automatically generate archival commands during a security administrator’s list or removal of a user. The user security record with all associated user profile data as well as all profiles the user is associated with are captured and commands are generated that can be used to restore the user to an original status if needed. User Modeling. The ability to automatically model one user to create another, including user profile information, permissions and profiles. This can be extremely useful when users switch roles or new users are created. Virtual Storage Constraint Relief. Improved storage utilization and increased performance through exploitation of above-the-bar 64-bit storage. Serviceability. Additional diagnostic capabilities help CA Support identify product release and maintenance status. Related Products/Solutions •CA Chorus™ for Security and Compliance Management. Reduce the time and effort required to more securely manage the mainframe environment and enable faster issue resolution. •CA Cleanup for z/OS. Easily automate continuous and unattended security file cleanup. •CA Auditor for z/OS. Help identify and control z/OS security exposures. •CA ACF2 Option for DB2 for z/OS. Provides protection against unauthorized destruction, disclosure, or modification of DB2 data and protects DB2 resources by default using standard ACF2 syntax. For more information, please visit ca.com/mainframe-security CA Technologies (NASDAQ: CA) creates software that fuels transformation for companies and enables them to seize the opportunities of the application economy. Software is at the heart of every business, in every industry. From planning to development to management and security, CA is working with companies worldwide to change the way we live, transact and communicate – across mobile, private and public cloud, distributed and mainframe environments. Learn more at ca.com. Copyright © 2014 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. z/OS is a trademark of International Business Machines Corporation in the United States, other countries, or both. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document ‘‘as is’’ without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or non-infringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised in advance of the possibility of such damages. CS200-94743_1014