Vanguard Configuration Manager Protects System z by Continuously Monitoring Security Controls

Utilizes Checklists Approved by NIST, DHS National Checklist Program

News provided by

Vanguard Integrity Professionals

21 Jul, 2011, 08:02 ET

ORANGE, Calif., July 21, 2011 /PRNewswire/ -- Vanguard Integrity Professionals, the experts on information security for System z, today announced a new version of Vanguard Configuration Manager, the first and only fully automated software scanner for System z. Vanguard Configuration Manager enables compliance with Federal Information Security Management Act requirements by automatically testing for compliance with the System z security technical implementation guidelines (STIGs) in the NIST Security Configuration Checklists Program for Information Technology Products published by the National Institute of Standards and Technology and the Department of Homeland Security.

Vanguard Configuration Manager significantly reduces the cost and time required for government agencies and contractors to test and assess their compliance with the NIST SCCP STIGs for System z and RACF, the minimum configuration controls required for these systems. The new release automatically scans for compliance with versions 6.4, 6.5 and 6.6 of the NIST SCCP z/OS STIG checklists, which are based on the DISA STIGs for z/OS and RACF. Vanguard Configuration Manager also enables the Department of Defense and its outsourcers to comply with section 931 of the National Defense Authorization Act of 2011, which requires, "Continuous monitoring of Department of Defense information systems for cybersecurity."

"With Vanguard Configuration Manager, we've automated the difficult and time-consuming checklist and security readiness review processes. Within a couple of hours, organizations can test security configuration controls on System z and produce everything they need to report on compliance with the NIST SCCP configuration controls," said Steven Ringelberg, chief operating officer of Vanguard. "Vanguard Configuration Manager provides the fastest, and most cost effective and accurate method of testing and responding to System z NIST and DISA STIG requirements."

Organizations that have deployed Vanguard Configuration Manager are saving thousands of hours each year when performing quarterly assessments of System z in accordance with NIST SCCP requirements. Those that implement continuous monitoring will save tens or hundreds of thousands of hours each year by deploying Vanguard Configuration Manager.

Continuous monitoring is one of six steps in the Risk Management Framework described in NIST Special Publication 800-37, Revision 1. In the report, NIST states, "A critical aspect of managing risk to information from the operation and use of information systems involves the continuous monitoring of the security controls employed within or inherited by the system."

"Without Vanguard Configuration Manager, it is extremely difficult for government agencies and contractors to assess and report quarterly on their compliance with configuration control requirements," Ringelberg continued. "And, without an automated tool like Vanguard Configuration Manager, it is impossible for them to move to continuous monitoring of System z security configuration controls, which is the most effective way for organizations to identify security vulnerabilities."

Vanguard Configuration Manager leverages the expertise of some of the most experienced System z and RACF security experts in the world. The United States-based Vanguard team worked together to extensively analyze all of the DISA STIG checks and built that knowledge into an intelligent, automated configuration control scanner.

For more information on Vanguard Configuration Manager, or to read case studies about how customers are already benefiting from its use, visit www.go2vanguard.com/configuration.php.

About Vanguard Integrity Professionals

Vanguard Integrity Professionals, an IBM Business Partner, provides enterprise security software and services that solve complex security and regulatory compliance challenges and deliver a rapid return on investment. With automated solutions for Audit and Compliance, Operational Security and Intrusion Management, Vanguard enables government agencies and corporations around the world to ensure continuous monitoring of System z, safeguard cloud computing secure domains, and protect critical data and applications from cybersecurity threats.

IBM. RACF, System z and z/OS are trademarks of International Business Machines Corporation in the United States and/or other countries. Vanguard Configuration Manager is a trademark of Vanguard Integrity Professionals in the United States and other countries.

SOURCE Vanguard Integrity Professionals

PRN Top Stories Newsletters

Sign up to get PRN’s top stories and curated news delivered to your inbox weekly!

Thank you for subscribing!

By signing up you agree to receive content from us.
Our newsletters contain tracking pixels to help us deliver unique content based on each subscriber's engagement and interests. For more information on how we will use your data to ensure we send you relevant content please visit our PRN Consumer Newsletter Privacy Notice. You can withdraw your consent at any time in the footer of every email you'll receive. Mit Ihrer Anmeldung erklären Sie sich damit einverstanden, Inhalte von uns zu erhalten.
Unsere Newsletter enthalten Zählpixel, die die Lieferung einzigartiger Inhalte in Bezug auf das Abonnement und die Interessen der einzelnen Abonnenten ermöglichen. Weitere Informationen über die Verwendung Ihrer Daten im Hinblick auf die Zusendung von relevanten Inhalten, finden Sie in unserer PRN Consumer Newsletter Privacy Notice. Ihre Zustimmung können Sie jederzeit in der Fußzeile jeder erhaltenen E-Mail widerrufen. En vous inscrivant à la newsletter, vous consentez à la réception de contenus de notre part.
Notre newsletter contient des pixels espions nous permettant la fourniture à chaque abonné, d’un contenu unique en lien avec ses souscriptions et intérêts. Pour de plus amples informations sur l’utilisation faite de vos données en vue de l’envoi des contenus concernés, nous vous invitons à consulter la politique de confidentialité disponible à partir du lien suivant PRN Consumer Newsletter Privacy Notice. Vous pouvez à tout moment revenir sur votre consentement par le biais des informations situées au bas de chaque e-mail reçu. Регистрирайки се, Вие се съгласявате да получавате информационно съдържание от нас. Нашите бюлетини съдържат проследяващи пиксели, които ни помагат да предоставяме уникално съдържание въз основа на ангажираността и интересите на всеки абонат. За повече информация относно начина, по който ще използваме Вашите данни, за да гарантираме, че Ви изпращаме подходящо съдържание, моля, направете справка с нашето Уведомление за поверителност на потребителския бюлетин на PRN. Можете да оттеглите съгласието си по всяко време в долния колонтитул на всеки от имейлите, които ще получите.