CA this week added automation and business intelligence features to five mainframe security software products designed to control access, manage entitlements, and audit and report on compliance across IBM z/OS systems. 

The software maker says the enhanced releases have one thing in common: improved controls for corporate policy, security and compliance requirements. For instance, CA ACF2 and CA Top Secret r12 for z/OS -- two products bundled to work together -- provide access controls for z/OS operating systems and now feature a data repository and compliance analysis tools to help IT managers better define user privileges and access controls for changing business needs, CA says.

"The products can now do more than report on who has access to what and when," says Kirk Willis, senior vice president of development at CA. "They can now mine data in security solutions that wasn't previously exposed and required manual effort to obtain."

For example, ACF2 and Top Secret can now automatically retrieve this data from the systems and learn which administrators have access to what data and other systems resources. This type of detailed information is becoming more critical in compliance reporting, CA says, but can also help IT staff more efficiently manage access to corporate resources, which better secures the environment.

In the same vein, CA Auditor r12 for z/OS can now perform baseline audits in z/OS environments using FIPS-200-compliant analysis functions. FIPS-200 refers to the Federal Information Processing Standards, the minimum set of requirements dictated in the Federal Information Security Management Act around securing systems. Auditor also now supports analysis for IBM's z/OS Unix System Services, which enables integration between z/OS and other distributed systems.

"This release helps IT managers monitor their environments and learn of any changes to preset parameters," Willis explains. "It is able to take many functions around auditing and tie them into one logical unit of work across the environment."

CA also updated Cleanup r12 and Tape Encryption r12.5. Cleanup searches and scrubs systems of old and outdated access rights and now is able to report on specific compliance and security activities. And Tape Encryption, which automates the management of cryptography processes that safeguard data in z/OS managed tapes, now supports tape selection based on external security manager criteria.