Effortlessly Add z/OS Events to any SIEM
Although mainframes produce plenty of information about what’s happening (event log, audit log, syslog, etc.), you need a way to quickly and easily separate critical security incidents from business-as-usual events – and send them in the right format to your enterprise SIEM.
How can SDS help?
- VitalSigns SIEM Agent for z/OS (VSA, formerly SMA_RT) collects mainframe security logs and messages (from RACF, ACF2, Top Secret, DB2, CICS, FTP, etc.).
- VSA then filters the thousands of event records based on your settings.
- Lastly, VSA sends the filtered records, in the proper format, to your SIEM solution (e.g., Splunk®, AlienVault, LogRhythm NextGen SIEM, IBM® QRadar®, ArcSight).
All these steps happen in real time, which is essential for staying ahead of would-be malicious actors.
Customers’ favorite benefits
- Quick install – customers are often up-and-running within an hour!
- Extensive filtering capabilities make it more customizable, with fewer false alarms
- Takes care of all SIEM-related compliance and auditing requirements for the mainframe team
- zIIP enablement allows impressive cost savings
VSA brings your z/OS mainframe into the center of your enterprise security infrastructure without hassle and in real time.
Splunk Dashboards for VSA
Compliance
VSA is an invaluable tool to help your business comply with FISMA, GDPR, GLBA, HIPAA, PCI, SOX, and other standards. Administrators can define specific parameters to monitor with more detail and at greater depth, and automatically send data to any enterprise SIEM.
Security
With VSA monitoring the mainframes, your security team has a central, enterprise-wide view of all the events they need to capture and all the security threats they need to recognize.
Transparency
Mainframe security no longer needs to depend on batch jobs running long after any incident. Events are tracked and uncovered in real time, from all corners of the business.
This z/OS SIEM solution is flexible enough to integrate with any distributed SIEM product and is certified for CEF and LEEF formats. VSA is a Ready for IBM Security Intelligence product. If you need to provide mainframe data to your SIEM solution (e.g., Splunk, AlienVault, LogRhythm NextGen SIEM, ArcSight, QRadar, McAfee® Enterprise Security Manager), VSA is worth your consideration.
Features
- Delivers mainframe data to all conventional SIEM products
- Certified for CEF and LEEF formats
- Connects with standard z/OS security products
- Workload is zIIP eligible; see VSA 4.3 Benchmark Tests
- Monitors z/OS and UNIX System Services (USS)
- Gathers intelligence from z/OS SMF and the system operator interface
- Uses both signature- and anomaly-based attack detection
- Provides real-time alerts that can be managed, filtered, routed, and searched via SIEM software
- APIs allow for defining and filtering TSO, CICS, and batch events
- Easy installation does not require z/OS IPLs
- A small footprint in each LPAR, with little CPU overhead
Learn More
Attacks continue to increase in complexity and sheer volume. Every company stands the chance of being hacked.
VSA gives you the central, end-to-end systems visibility you need to help stay in control of your organization’s data security. Because the truth is, your business is about to be compromised… or it already has been.
DBTA Trend-Setting Products List
VSA was chosen as one of the top 100 Trend-Setting Products by DBTA. We’re thrilled to be included in this prestigious list.
Read the VSA Product Spotlight that was included in this DBTA edition.
Product Webinar
Understanding Potential Savings with zIIP Offload and VSA 4.3
This 30-minute webinar is available for you to watch right now. We’d love to hear from you with any questions you may have!
More Solutions
z/OS Security & Compliance Software
Check out the latest SDS mainframe security software solutions. These popular products also offer relevant and significant compliance assistance on z/OS.
Free Demo/Trial
We offer individualized product demonstrations by request. Your organization can also try SDS Software on your system for 30 days, free of charge.