[Back to Top]

Description

RACF Security Assessment

This offering is typically a 3 to 10 day assignment. The objective is to identify security vulnerabilities through interviews with RACF security personnel and analysis of existing RACF environment. The deliverable is a document identifying potential security exposures and vulnerabilities. At the conclusion, our consultant reviews the assessment findings with the client and provides recommendations for enhancing their RACF security environment.

[Back to Top]

RACF Migration Assessment

These assessments are typically 3-day assignments. The objective is to learn as much about the ACF2/TSS and OS/390 environments as possible through personal interviews with staff members and by gathering data from the ACF2/TSS database. We also identify elements in the ACF2/TSS environment that will complicate the conversion process for the ACF2/TSS environment. The deliverable is a statement of work for migrating the client from ACF2/TSS to RACF.

[Back to Top]

RACF Migration Services

Vanguard offers the most comprehensive program in the world for migration from ACF2/TSS to RACF. Our specialists help clients properly implement RACF protocols according to "best practices" methodologies and processes. Vanguard is one of the world's few vendors certified to use IBM's ACF2 and Top Secret Migration Utilities. We use these utilities in addition to our own unique security assurance software tools to deliver a complete migration that is unobtrusive and efficient as possible. A RACF Migration Assessment typically PRECEDES this offering.

[Back to Top]

Training Course

Description

Developing Effective RACF Administration Skills

This course is designed for individuals that administer RACF, or those that are interested in sharpening their RACF administration skills. The course not only provides theory, it also provides a realistic set of lab exercises so that students can apply knowledge learned during the discussion sessions. Lab exercises make up approximately one-third of the class experience.
Course material specifically discusses the major RACF functions --- user authentication, resource authorization, surveillance, and administration.
Upon completion of this course, the student will be ready to apply their new skills and function as an effective RACF security administrator in a z/OS or OS/390 environment.

[Back to Top]

RACF Advanced Facilities

This course is intended for individuals with previous RACF experience that are interested in learning more about the advanced facilities within RACF.

UNIX System Services Section:

• How to use RACF to administer security for user login and file access
• How to use file permissions and ACLs (available beginning with z/OS 1.3) for file security
• The purpose of the various general resource profiles utilized to control the UNIX system services environment, namely the DATASET, STARTED, FACILITY, UNIXPRIV, SURROGAT, PROGRAM classes
  
  HTTP Server and WebSphere Section:
• How to implement the various directives in the HTTP Server's configuration file that pertain to security
• An introduction to the cryptographic operations used in SSL, an explanation of how RACF supports digital certificates, and how to specify SSL in the HTTP Server's configuration file
• For WebSphere Application Server, how to implement authentication and authorization including role-based authorization, the RACF general resource class profiles that are used, and programmatic security
  
  CICS Section:
• How to implement and administer RACF to secure CICS regions, control user sign on, and protect transactions and application resources
• How these security controls are extended to cover multiple CICS interconnected regions
• Security mechanisms used when CICS is accessed from web browsers using the CICS Transaction Gateway and CICS Web Support
  
  DB2 Section:
• How to implement RACF security for DB2
• Introduction to DB2 by learning about the various DB2 objects, access privileges, and administrative authorities
• With the introduction of Version 5, DB2 provided the option of using RACF security for DB2 objects and authorities as an alternative to administering DB2 security with the GRANT and REVOKE statements
• How to use RACF general resource profiles for DB2 security, and how to customize the DB2 Authorization Module to implement RACF security
• Ways to convert from traditional DB2 security to RACF security
  
  RACF Remote Sharing Facility (RRSF) Section:
• How to synchronize users' passwords for multiple userids on a single system or across multiple separate RACF databases
• How to administer RACF on remote systems by directing RACF commands to those systems
• How to use RRSF to keep separate RACF databases synchronized
• Learn about the features of RRSF so that you can evaluate which ones could be useful to implement at your installation

[Back to Top]

TCP/IP Application Development Services

[Back to Top]

Services

Description

Application Development

Develop applications which enable the IBM OS390 mainframe to communicate with other machines, either as a Server or as a client, via TCP/IP.

We specialize in building client-side components (Windows or UNIX) which enable existing Legacy applications and data to be used by newer GUI-based front-end systems. This translates to shorter development and testing times, while leveraging investments on existing Legacy systems.

[Back to Top]

Consulting

Assess user requirement and analyze existing environment for possible host integration using components

[Back to Top]

Training

Train application development staff on how to build and maintain components

[Back to Top]