Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Z/OS
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
===z/OS Encryption Readiness Technology (zERT)=== z/OS Encryption Readiness Technology (zERT) monitors, records, and reports details of z/OS cryptographic network protection. It is a feature of z/OS V2R3 (and later releases) Communications Server component.<ref>{{cite web|title=Things you should know about z/OS Encryption Readiness Technology (zERT) |date=31 December 2019|url=https://community.ibm.com/community/user/ibmz-and-linuxone/blogs/flora-gui1/2019/12/31/things-about-zert}}</ref> ====zERT discovery==== With zERT, the TCP/IP stack acts as a focal point in collecting and reporting the cryptographic security attributes of IPv4 and IPv6 application traffic that is protected using the TLS/SSL, SSH and IPSec cryptographic network security protocols. The collected connection level data is written to SMF in new SMF 119 subtype 11 records for analysis.<ref>{{cite web|title=z/OS Encryption Readiness Technology (zERT)|website=[[IBM]] |url=https://www.ibm.com/docs/en/zos/2.5.0?topic=zert-zos-encryption-readiness-technology}}</ref> ====zERT aggregation==== In certain environments, the volume of SMF 119 subtype 11 records can be large. The zERT aggregation function provides an alternative SMF view of the collected security session data. This alternate view is written in the form of new SMF 119 subtype 12 records that summarize the use of security sessions by many application connections over time and which are written at the end of each SMF interval. This alternate view condenses the volume of SMF record data while still providing all the critical security information. ====IBM zERT Network Analyzer==== z/OS Management Facility (z/OSMF) is enhanced to provide a plug-in named IBM zERT Network Analyzer. IBM zERT Network Analyzer is a web-based graphical user interface that z/OS network security administrators can use to analyze and report on data reported in zERT Summary records. With the zERT Network Analyzer, a z/OS network security administrator (typically a systems programmer with responsibility over z/OS Communications Server) can import SMF zERT summary records into a Db2 for z/OS database and then build and run custom queries against that data.
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Z/OS
(section)
Add topic
