For mainframe products: Does this run in an LPAR?

Cleanup runs on the z/OS platform and is dependent on the presence of a security management system like RACF, CA ACF2, or CA Top Secret. It operates within an LPAR and requires access to the security databases managed by these systems.

How is this product typically deployed?

Cleanup is typically deployed on-premise, within the z/OS environment where the security databases reside. It requires technical expertise in z/OS, security administration, and the specific security system in use (RACF, CA ACF2, or CA Top Secret).

Is this a standalone product or does it extend/enhance another product?

Cleanup enhances existing security systems by providing automated cleanup and monitoring capabilities. It does not replace the core security functionality provided by RACF, CA ACF2, or CA Top Secret but rather complements them.

What other products or components must be present for this to work?

Cleanup requires access to the security databases managed by RACF, CA ACF2, or CA Top Secret. It also needs appropriate authorization to query and modify security rules within these systems.

What business problem does it solve?

Using Cleanup helps organizations reduce the complexity of their security administration, improve compliance, and minimize potential security risks associated with obsolete or redundant rules. It streamlines security management and enhances overall security posture.

What would happen if an organization did NOT use this product?

If an organization does not use Cleanup, it may face challenges related to inefficient security administration, increased risk of security breaches due to outdated rules, and difficulties in maintaining compliance with security policies.

When is this product a good fit?

Cleanup is a good fit for organizations that need to maintain a clean and efficient security environment on their z/OS mainframes. It is particularly beneficial for those with large and complex security rule sets.

How does this product integrate with enterprise ecosystems?

Cleanup integrates with existing security systems such as RACF, CA ACF2, and CA Top Secret. It leverages the security features of these systems to identify and manage security rules. It may also integrate with reporting and auditing tools to provide insights into security rule usage.

What specific authentication methods are supported?

Cleanup supports authentication methods provided by the underlying security systems (RACF, CA ACF2, CA Top Secret). It uses the access control models of these systems to ensure that only authorized personnel can manage security rules.

What access control model is used?

Cleanup uses the access control model inherent in the security system it is managing (RACF, CA ACF2, or CA Top Secret). This ensures that only authorized users can modify or delete security rules.

What ongoing operational requirements exist?

Ongoing operational requirements for Cleanup include monitoring its performance, ensuring its compatibility with the security systems, and maintaining its configuration. Regular reviews of its logs and reports are also essential.

What are common implementation challenges?

Common implementation challenges include ensuring proper authorization for Cleanup to access and modify security rules, configuring it to accurately identify obsolete rules, and integrating it with existing security workflows.

What administrative interfaces are available?

Administrative interfaces for Cleanup may include a command-line interface (CLI) or a web-based console, depending on the specific implementation. These interfaces allow administrators to configure, monitor, and manage the cleanup process.

What monitoring/logging capabilities exist?

Cleanup provides monitoring and logging capabilities to track its activities and identify potential issues. These logs can be used for auditing and troubleshooting purposes.

Share Your Product Experience

Help the community by sharing your experience with mainframe products. Your insights help others make informed decisions.

Share Your Experience

Cleanup

Broadcom Active z/OS

Administration Automation Security

Vendor

Broadcom

Product Overview

Cleanup is a z/OS utility designed to automate the process of identifying and removing obsolete, unused, or redundant security rules from RACF, CA ACF2, and CA Top Secret security databases. It provides a mechanism for continuously monitoring security rule usage, allowing administrators to identify rules that are no longer active and can be safely removed. This helps organizations maintain a cleaner, more efficient security environment, reducing the risk of vulnerabilities associated with outdated or unnecessary rules.

From an architectural perspective, Cleanup operates within the z/OS environment and interacts directly with the security databases managed by RACF, CA ACF2, or CA Top Secret. It leverages the APIs and interfaces provided by these systems to query and modify security rules. The main system components include the cleanup engine, which performs the analysis and removal of obsolete rules, the monitoring component, which tracks security rule usage, and the reporting component, which provides insights into the cleanup process.

These components communicate through internal APIs and data structures. The architecture is designed to be modular and extensible, allowing for the addition of new cleanup criteria and reporting capabilities. Cleanup typically uses configuration files to define the criteria for identifying obsolete rules and the actions to be taken.

It integrates with existing security systems, complementing the functionality of RACF, CA ACF2, and CA Top Secret.

Frequently Asked Questions

What does Cleanup do?

Cleanup is a utility designed to identify and remove obsolete, unused, redundant, or excessive security rules from mainframe security databases such as RACF, CA ACF2, and CA Top Secret. It helps organizations maintain a clean and efficient security environment by continuously monitoring security rule usage.

Is this a system, application, or tool?

Cleanup is a toolset focused on administration and automation of security rule management. It provides functionalities for identifying and removing unnecessary security rules, thereby streamlining security administration processes.

What types of organizations use this?

Organizations that manage security using RACF, CA ACF2, or CA Top Secret on z/OS mainframes can benefit from Cleanup. This includes enterprises in industries such as banking, finance, insurance, and government, where stringent security policies and compliance requirements are essential.

When should we consider Cleanup?

A company should consider using Cleanup when its security databases become cluttered with obsolete or redundant rules, leading to inefficiencies and potential security vulnerabilities. Regular use of Cleanup can help maintain a streamlined and effective security posture.

What are the alternatives to Cleanup?

Alternatives to Cleanup include manual security rule reviews, custom scripting, or other security administration tools. Some competitors include zSecure Admin and Vanguard Enforcer. Cleanup distinguishes itself through its continuous monitoring and automated cleanup capabilities.

Help Improve This Directory

Notice outdated information? Have insights about this product? Help the mainframe community stay informed with accurate, current data.

Report Issue Suggest Product Share Event

Are You a Vendor? Claim Your Listing

Take control of your product listings. Add verified information, showcase updates, and unlock a Claimed Vendor badge across the directory.

Claim Your Listing Now

Share Your Product Experience

Cleanup

Product Overview

Frequently Asked Questions

What does Cleanup do?

Is this a system, application, or tool?

What types of organizations use this?

When should we consider Cleanup?

What are the alternatives to Cleanup?

For mainframe products: Does this run in an LPAR?

How is this product typically deployed?

Is this a standalone product or does it extend/enhance another product?

What other products or components must be present for this to work?

What business problem does it solve?

What would happen if an organization did NOT use this product?

When is this product a good fit?

How does this product integrate with enterprise ecosystems?

What specific authentication methods are supported?

What access control model is used?

What ongoing operational requirements exist?

What are common implementation challenges?

What administrative interfaces are available?

What monitoring/logging capabilities exist?

Related Products

More from Broadcom

AcceleREXX

ACF2

Allocate DASD Space and Placement

Auditor for z/OS

Automation Point

Bind Analyzer for Db2

Similar Products

_beta access admin

_beta access audit

_beta access easy

_beta access monitor

$avers

ABARS/Assist

Help Improve This Directory

Are You a Vendor? Claim Your Listing