Vanguard Configuration Manager Continuously Monitors System z Security Configuration Controls

Automates Lengthy Processes Required by NIST, DHS National Checklist Program, DISA STIG for z/OS

Mar 03, 2011, 08:02 ET from Vanguard Integrity Professionals

LAS VEGAS, March 3, 2011 /PRNewswire/ -- Vanguard Integrity Professionals, the largest independent provider of enterprise security software for System z, today announced a new version of its automated software scanner that enables continuous monitoring of security configuration settings on z/OS systems. Vanguard Configuration Manager supports implementing and utilizing the z/OS RACF checklist provided by the National Checklist Program of the National Institute of Standards and Technology and the Department of Homeland Security.

Continuous monitoring is one of six steps in the Risk Management Framework described in NIST Special Publication 800-37, Revision 1. In the report, NIST states "A critical aspect of managing risk to information from the operation and use of information systems involves the continuous monitoring of the security controls employed within or inherited by the system. Conducting a thorough point-in-time assessment of the deployed security controls is a necessary but not sufficient condition to demonstrate security due diligence."

Vanguard Configuration Manager significantly reduces the cost and time required for government agencies and contractors to test and assess their accordance with NCP guidelines for IBM z/OS and RACF. Organizations that have deployed Vanguard Configuration Manager are saving thousands of hours each year when performing quarterly assessments of their accordance with NCP requirements. Those that implement continuous monitoring will save tens or hundreds of thousands of hours each year by deploying Vanguard Configuration Manager.

"Without Vanguard Configuration Manager, it is extremely difficult for government agencies and contractors to report quarterly on their accordance with the z/OS guidelines of the National Checklist Program," said Keegan O'Neill, director of research and development at Vanguard. "Continuous monitoring of National Checklist controls for the zSeries is virtually impossible without a tool like Vanguard Configuration Manager."

The National Checklist Program currently recognizes the Defense Information Systems Agency Security Technical Implementation Guidelines as the required configuration controls for z/OS and RACF systems. The new release of Vanguard Configuration Manager supports version 6.4 and 6.5 of the DISA z/OS RACF STIG Checklist and is the only fully automated baseline configuration scanner for z/OS DISA STIGs.

"Vanguard Configuration Manager provides the fastest, most cost effective and accurate method of testing and responding to z/OS NCP and DISA STIG requirements," O'Neill continued. "We've automated the difficult and time-consuming DISA STIG processes. Within a couple of hours, using Vanguard Configuration Manager, organizations can test their mainframe security configuration controls and produce everything they need to report on DISA STIG compliance."

Vanguard Configuration Manager leverages the expertise of some of the most experienced z/OS mainframe system and RACF security experts in the world. The United States-based Vanguard team worked together to extensively analyze all of the mainframe DISA STIG checks and then built that knowledge into each check to create an intelligent and automated configuration control scanner.

For more information on Vanguard Configuration Manager, or to read case studies about how customers are already benefiting from its use, visit

About Vanguard Integrity Professionals

Vanguard Integrity Professionals, an IBM Business Partner, provides enterprise security software and services that solve complex security and regulatory compliance challenges and deliver a rapid return on investment. With automated solutions for Audit and Compliance, Operational Security and Intrusion Management, Vanguard enables government agencies and corporations around the world to ensure continuous monitoring of z/OS systems, safeguard cloud computing secure domains, and protect critical data and applications from cybersecurity threats.

IBM and RACF are trademarks of International Business Machines Corporation in the United States and other countries. Vanguard Configuration Manager is a trademark of Vanguard Integrity Professionals in the United States and/or other countries.

SOURCE Vanguard Integrity Professionals