Monitor IBM z/OS Encryption Readiness Technology with IntelliMagic Vision

    Secure your mainframe performance and encryption with advanced insights and AI-based analysis of z/OS IP traffic encryption.

    Proactively find security risks and failures before they impact users.

            
        

            
        

    Identify and Remediate Unencrypted Traffic

    IBM’s TCP/IP zERT (z/OS Encryption Readiness Technology) positions TCP/IP as the focal point for monitoring reporting on network traffic, including identifying traffic that is not cryptographically protected.

    For traffic utilizing recognized protocols (such as TLS, SSH, and IPSec), visibility is provided into protocol specific data, such as which encryption algorithms are used, the length of the cryptographic keys, and other important attributes of the cryptographic protection. This information is valuable for ensuring adherence to corporate security policies as well as substantiating that adherence through required reporting to auditors and compliance officers.

    IntelliMagic Vision allows network security administrators to leverage an intuitive, GUI-based web reporter that provides great visibility into data from zERT SMF 119 summary records.  It also provides capabilities to categorize network activity into “traffic classes” based on IP address ranges, reflecting the reality that some classes of traffic (e.g., external) are likely to have more stringent encryption requirements than others (e.g., between mainframes within the data center).

    IntelliMagic Vision also enhances analysis by translating all of the more than 600 raw codes from zERT records into readable text for cipher suite, encryption algorithms, and message authentication types.

    Easily Identify Unprotected (Cryptographically) Traffic

    Top-level views (by sysplex as here or by traffic class) provide immediate visibility into the amount of network traffic utilizing each protocol, and perhaps most importantly, identify traffic that is not cryptographically protected.

    From here you can drill down by many criteria, including by user ID or server or client IP address, to quickly focus your analysis and identify the details required to determine the source or target of the traffic.

            
        

    zERT_Connections for all TCO zERT Summary Data by Sysplex ID-01

            
        

    TLS Specific Protocol Information

            
        

    Categorize “traffic classes” based on IP address ranges

    Navigate easily to the subset of network traffic where you want to focus (e.g., by traffic class, IP address, etc.), and have immediate visibility into data specific to the selected protocol.

    In this TLS example, that includes encryption algorithms being used, length of the cryptographic keys, and other important attributes of the cryptographic protection.

            
        

    Average CP Core Usage for Crypto Functions

    Since the CPU required for encryption can be significant and can vary widely between various encryption types, visibility into CPU is vital.

    Before and after analysis of implementation changes enables correlation between the encryption and the business cost (in terms of CPU).

            
        

    Average CP Core Usage for Crypto Functions zERT

            
        

    Intuitive Visibility into SMF Data

            
        

    Intuitive Visibility into SMF Data

    In contrast to approaches today that require coding programs or mastering tooling siloed by technology to access various types of SMF data, a common, intuitive user interface eliminates effort spent mining data and instead frees up staff to focus entirely on high-value analysis.

    This single interface used across the entire z/OS platform greatly expedites learning, promotes collaboration, and enhances analytical effectiveness.

            
        

    Context Sensitive Drill Downs

    Context sensitive drill downs enable an analyst to identify alternative analytical paths based on the data currently being displayed and quickly investigate each hypothesis with just a few clicks, greatly reducing lost time when exploring what ends up being a “dead-end” path.

    When dealing with massive SMF data volumes, this capability to focus analysis on the desired subset of data becomes especially valuable.

            
        

    Context Sensitive Drill Downs -

            
        

    Rated Compression Rate Report zEDC

            
        

    Accelerated Root Cause Analysis

    Highly flexible drill-down capabilities of IntelliMagic Vision enable data to be viewed at the processor, system, card, or address space level and specific migration activity. Built-in conditional filters can further be a customized for a set of reports on a focused dashboard.

    Quickly investigate each hypothesis with just a few clicks and greatly reducing lost time when exploring “dead-end” paths.

            
        

    TCP/IP Encryption Compliance Services

    This IntelliMagic service, which combines IntelliMagic’s software technology with the vast experience of the IntelliMagic experts, is the best way to accomplish the difficult task of encryption security policy compliance. IntelliMagic’s experience includes working with the largest and most complex mainframe shops on many aspects of z/OS infrastructure analysis.

    Secure and Flexible Deployment and Monitoring

    In the Cloud

    Cloud based deployment can be accessed from everywhere in the world and is easy to share with colleagues

    Services & Support

    Take advantage of IntelliMagic's experienced performance experts for standalone custom services or daily monitoring

    On Premise

    Install the software on premise and use it offline for total control of your installation

    Areas Supported by IntelliMagic Vision for z/OS

    Systems, Processors & MLC

    Systems, Processors & MLC

    Continual visibility into how the z/OS systems infrastructure is handling your workloads helps you improve performance and protect availability.
    Learn More
    Db2, CICS, WebSphere, TCP/IP & MQ

    Db2, CICS, WebSphere, TCP/IP & MQ

    Unprecedented visibility into the extensive metrics provided by critical z/OS subsystems to enhance availability and analyze performance.
    Learn More
    Disk, Tape & Virtual Tape

    Disk, Tape & Virtual Tape

    Industry-leading visibility and expertise to analyze and proactively identify potential I/O issues in your disk and virtual tape and replication architectures.
    Learn More

    Start a Free Trial, Schedule a Demo, or Request Pricing or Product Info