MAINFRAME > Administrator > Security

Clearer Vision

Tivoli zSecure helps adjust RACF permissions for greater security

Tivoli zSecure helps adjust RACF permissions for greater security

With the last few releases of the Tivoli zSecure suite, IBM has literally introduced game-changing characteristics to mainframe security.

RACF Offline

zSecure release 1.9.1, back in 2008, added a capability known as Resource Access Control Facility (RACF) Offline. The primary benefit is testing the syntax of RACF commands to ensure they run properly when issued on a production environment. Testing RACF commands prior to issuing them has traditionally been an almost impossible task in z/OS environments. The only truly successful method has been to completely replicate the production security system in a non-production environment, something that most customers shy away from for simple cost and management overhead reasons.

This capability to test large numbers of RACF commands intended to be issued in batch is vital during large RACF change programs or database merges. This process is an essential part of any complete z/OS security management solution, however not something most customers need to do every day.

We’ll see, though, how RACF Offline is going to provide an essential piece of the z/OS RACF security puzzle in solving even more pernicious z/OS security management issues.

Michael Cairns works for IBM as a technical specialist in the Tivoli zSecure range of software. Michael can be reached at

comments powered by Disqus



2017 Solutions Edition

A Comprehensive Online Buyer's Guide to Solutions, Services and Education.

A Perfect Union

New encryption facility for z/OS strengthens mainframe bond.

Avoiding Security by Obscurity

Data security is not just an IT department issue.

IBM Systems Magazine Subscribe Box Read Now Link Subscribe Now Link iPad App Google Play Store
Mainframe News Sign Up Today! Past News Letters