In long-ago days (decades) real-time monitors for IBM® mainframes were chosen by technicians based on what they liked. Over time, technicians became comfortable with their chosen monitor and resisted any arguments for changing monitors. But as mainframes became prime targets for IT cost-cutting, management developed a held belief that “a monitor is a monitor” and essentially a commodity item, so they could select the one with the lowest price.
A strange thing has happened to this approach to mainframe monitoring: mainframe sites are learning that there are differentiations between monitors, and that the choice of the right systems management solution can have quantifiable financial and business benefits. In this series of blogs I’ll share five tests you could use to determine whether your monitor is a business value provider, or…is just a monitor. This blog shares test 5.
Security. While cost is a top priority for mainframe sites, security is number two and increasing in importance, according to the BMC Software 2018 Mainframe Survey. A commodity monitor can leave you exposed in this critical area. Differentiated monitors will help protect from both inside and outside unauthorized access. For protection from inside access, the monitors should include capabilities for encrypting communications between monitors, encrypting access to trace data which may contain sensitive data, role-based limitations on viewing in-memory data, and advanced access management including MFA (multi-factor authentication).
A differentiated network monitor will watch and raise alerts to IP port scans and FTP floods. Integration with automation will allow the start of a packet trace for a scanned port, providing the SecOps team with crucial information at the time of attack.
Where do you stand? So, to reiterate: is a monitor a monitor? Is mainframe monitoring a commodity? How do your monitoring tools stack up to test 5 and to the other tests? Is it possible you might improve availability and performance, reduce costs and make the mainframe more secure by evaluating a differentiated monitor as an alternative?