Greg Dorner wrote: >Our auditors are insisting that we install a product that protects against >malicious software (viruses, worms, trojans, etc.).
Groan...., you can replace/fire those auditors as mentioned earlier in this thread, but ... ;-D You have several choices. 1. Ask them to give reasons, examples and recommended vendors of such software. 2. Ask them to define malicious software, despite your description above. Seriously. 3. For native z/OS, they will have a hard way to get any vendors at all which can supply such software. Tell me if you can catch these vendors. 4. Despite point 3, there are 'scanners' which can search z/OS on various areas to look for 'holes'. They cost $$$ and is vendor specific. 5. Get 'penetration teams' or 'white hat hackers'. You have lots of $$$, do you? :-) 6. z/OS has very good security measures provided you have your controls in place. APF, parmlib settings, RACF, SMF, etc. are examples. See other's replies on this fact. 7. Speaking of RACF, there are third party RACF [or other ESM] administration and audit tools which could ease your work. 8. Weakest links are usually 'insiders'. They are the greatest threats unless I'm mistaken. They are usually after your 'live and sensitive production' data. 9. For z/Linux, USS, etc, there MAY be commercial or open-source antivirus software available, AFAIK. (USS - Unix System Service(s) - for those TLA haters... :-D ) 10. Give them IBM's Statement of Integrity. APAR reasons for security are hidden and you are usually asked to apply them because of some 'vulnurability' which IBM usually declines to divulge. 11. Ask those auditors if they have any tools to do the checks for such tools against malicous software THEMSELVES! This will silence them properly! >z/OS, with proper security controls (and believe me - we have LOTS!) should >not have to worry about such things, at least that's what I've always heard. Of course, but see above. >Any input on this topic would be GREATLY appreciated!! As Ted MacNeil insists, the auditors only RECOMMENDS, it is your management who can APPLY those recommendations. HTH! Groete / Greetings Elardus Engelbrecht ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN