MAINFRAME > Administrator > Security

Clearer Vision

Tivoli zSecure helps adjust RACF permissions for greater security

Tivoli zSecure helps adjust RACF permissions for greater security

With the last few releases of the Tivoli zSecure suite, IBM has literally introduced game-changing characteristics to mainframe security.

RACF Offline

zSecure release 1.9.1, back in 2008, added a capability known as Resource Access Control Facility (RACF) Offline. The primary benefit is testing the syntax of RACF commands to ensure they run properly when issued on a production environment. Testing RACF commands prior to issuing them has traditionally been an almost impossible task in z/OS environments. The only truly successful method has been to completely replicate the production security system in a non-production environment, something that most customers shy away from for simple cost and management overhead reasons.

This capability to test large numbers of RACF commands intended to be issued in batch is vital during large RACF change programs or database merges. This process is an essential part of any complete z/OS security management solution, however not something most customers need to do every day.

We’ll see, though, how RACF Offline is going to provide an essential piece of the z/OS RACF security puzzle in solving even more pernicious z/OS security management issues.

Michael Cairns works for IBM as a technical specialist in the Tivoli zSecure range of software. Michael can be reached at

comments powered by Disqus



2019 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.


Implementing Cryptographic Keys

Protect your Linux server from root password-guessing attacks.

Network Security

The zEnterprise System changes firewall requirements.

Data Lockdown

Use DB2 and z/OS to prevent security breaches.

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store
Mainframe News Sign Up Today! Past News Letters