SecureZIP® for z/OS®
Works across all major enterprise computing platformsInteroperability with IBM® System i ®, UNIX®/Linux® and Windows® servers, and Windows desktops ensures files can be shared across diverse environments
FIPS 140-validated encryptionUses FIPS 140-2 validated encryption, conforming to Federal requirements and industry best practices
Enhanced tape processingIncludes enhanced tape processing that significantly reduces the time needed to write files to, and extract files from, tape media
Self-extracting ZIP archivesCreate self-extracting ZIP archives that others can open on Windows desktops without installing software
System IntegrationDirectly write to, and read from, UNIX/Linux and Windows file systems
ICSF IntegrationTake advantage of IBM hardware/software encryption while maintaining file compatibility across all platforms
Reduce file size up to 98%ZIP compression allows you to reduce file size up to 98%, saving time and valuable system resources
Includes all features of SecureZIP for z/OS Standard Edition
Certificate-based encryptionEncrypt data using X.509 digital certificates; leverage digital signature support.
Application integrationStream sensitive data directly to and from applications without ever staging unprotected data to disk
Maintain control of dataContingency key provides administrative access to any data processed within the mainframe environment
Click here to see an image of how application integration works »
Mainframe Encryption Software
Reduce processing times, increase operational efficiencies, and leverage existing investments within your mainframe environment.Standard Edition
Works across all major enterprise computing platformsInteroperability with IBM® System i ®, UNIX®/Linux® and Windows® servers, and Windows desktops ensures files can be shared across diverse environments FIPS 140-validated encryptionUses FIPS 140-2 validated encryption, conforming to Federal requirements and industry best practices Enhanced tape processingIncludes enhanced tape processing that significantly reduces the time needed to write files to, and extract files from, tape media Self-extracting ZIP archivesCreate self-extracting ZIP archives that others can open on Windows desktops without installing software System IntegrationDirectly write to, and read from, UNIX/Linux and Windows file systems ICSF IntegrationTake advantage of IBM hardware/software encryption while maintaining file compatibility across all platforms Reduce file size up to 98%ZIP compression allows you to reduce file size up to 98%, saving time and valuable system resourcesEnterprise Edition
Includes all features of SecureZIP for z/OS Standard EditionCertificate-based encryptionEncrypt data using X.509 digital certificates; leverage digital signature support.Application integrationStream sensitive data directly to and from applications without ever staging unprotected data to disk
Maintain control of dataContingency key provides administrative access to any data processed within the mainframe environment SAF Enhanced Key Stores
- Protection of private keys used for signing & decryption, located in Security Server Key Rings
- Support for managing and using private keys in IBM’s SAF-controlled ICSF CKDS (Cryptographic Key Data Set)
- Improved key management – shared keys across multiple enterprise applications from an industry standard key store
SAF-Secured Passphrase Management
- Improved operational security with the elimination of exposed cryptographic passphrases
- SecureKey operations for algorithms supported by installed cryptographic coprocessors
- Passphrase management isolated from job execution
Hardened Policy Lockdown
- Establish security controls strictly enforced using SAF
- Separate resource control from product installation and job execution
- SAF enforcement of Contingency Key processing for encrypted data recovery and oversight
- Security audit trail with SMF (System Management Facility) records
How it Works: Application Integration
Application Integration SecureZIP for z/OS with Application Integration decrypts data and streams it directly to the application without staging decrypted data to disk. After the application completes processing, it streams the data to SecureZIP for encryption - once again, unprotected data is never staged to disk.
Most other job processes, unlike SecureZIP Application Integration, require data to be decrypted and staged, unprotected, in order for the application to access it when needed. Once data processing is complete, the application again stages the data to disk, leaving it unprotected.
