SPARTA News

February 2018

SPARTA President’s Corner

contributed by Randy Springs

As we enter the new year of 2018, we are usually making new plans and revising old ones. Whether it is losing weight, reducing personal debt, retiring even sooner, or just maintaining the status quo, we can all benefit from more interactions with our friends, family, co-workers, and colleagues at SPARTA. As we share personal insights and professional experiences, we all grow and keep our minds active and engaged. I am encouraged by the number of retirees who remain active in our group. Let’s try to encourage some new attendees this year to keep SPARTA growing.

Our speaker this month will be Ron Hilton, Co-founder and CEO of Proximal Systems Corporation. He was in CPU hardware design and system performance architecture at Amdahl Corporation before starting Platform Solutions Inc. (PSI) in 1999. IBM acquired PSI in 2008, and Ron founded PSC in 2009. His talk will include a live demo of their products.

Please plan to join your colleagues for fried chicken, networking, and education on Tuesday, February 6 at 6:15 p.m. at our usual LabCorp location.

Randy Springs
BB&T

Future Speakers

(subject to change)

Feb. 6, 2018 - Proxy Coupling Technology Offloads Z CPU by Ron Hilton of Proximal Systems Corporation

Mar. 6, 2018 - TBD

Apr. 3, 2018 - (tentative) SHARE Conference Report by Ed Webb of SAS

We need ideas and volunteers for future speakers. Presentations don’t have to be fancy, just informative and interesting. Even a 5 or 10 minute talk can start an interesting interaction. Contact Ron Pimblett by phone as noted below.

2017-2018 SPARTA

Board of Directors

Randy Springs - President

BB&T                  (919) 745-5241

3200 Beechleaf Court, Suite 300

Raleigh, NC 27604

Ron Pimblett - Vice President

MDI Data Systems

Land line 613 599 6970

Mobile 613 981 6919

190 Guelph Private

Kanata, ON K2T 0J7

Chris Blackshire - Secretary

Retired (Dell, Perot Systems, Nortel)  (919) nnn-nnnn

street

Durham, NC 27713

Pam Tant - Treasurer

???      919-nnn-mmmm

???

???

Raleigh, NC 27609

Ed Webb -  Communications Director

SAS Institute Inc.  919-531-4162

SAS Campus Drive

Cary, NC 27513

Mike Lockey -  Web Master

Guilford Co. Information Services  336-641-6235

201 N. Eugene St.

Greensboro, NC 27401

Meetings

Meetings are scheduled for the first Tuesday evening of each month (except no meeting in January), with optional dinner at 6:15 p.m. and the meeting beginning at 7:00 p.m.

These monthly meetings usually are held at LabCorp’s Center for Molecular Biology and Pathology (CMBP) near the Research Triangle Park (see last page). Take I-40 to Miami Boulevard and go north. Turn right onto T.W. Alexander Drive. Go about a mile or so. Then turn right into LabCorp complex and turn Left to the CMBP Building (1912 T.W. Alexander Drive). In the lobby, sign in as a visitor to see Bill Johnson. Bill will escort you to the conference room.

Call for Articles

If you have any ideas for speakers, presentations, newsletter articles, or are interested in taking part in a presentation, PLEASE contact one of the Board of Directors with your suggestions.

Newsletter e-Mailings

The SPARTA policy is to e-mail a monthly notice to our SPARTA-RTP Group. The newsletter is posted to the website about five (5) days before each meeting so you can prepare. The SPARTA-RTP Group is maintained by Chris Blackshire; if you have corrections or problems receiving your meeting notice, contact Chris at chrisbl@nc.rr.com.

January 2018 “CBT Tape” Shareware Online

The directory and files from the latest CBT tape V495 (dated January 15, 2018) are available from www.cbttape.org.

If you need help obtaining one or more files, contact Ed Webb at SAS (see Board of Director’s list for contact info).

Minutes of the December 5, 2017 Meeting

• The meeting was called to order at 7:00 PM by Chris Blackshire standing in for Randy Springs, the SPARTA President.

• The meeting was held at a LabCorp conference room in RTP, N.C.

• Ten (10) people were present of which Seven (7) are 2016/2017 paid members.

• Everyone introduced themselves, told where they worked, and briefly described their job functions or their job hunting challenges.

• The presentation was given first to meet the presenter's schedule - see the presentation below (7:05-8:20 PM).

OLD BUSINESS

• The minutes of the October 3, 2017 and Nov. 7, 2017 meetings as published in the October and November Newsletters were approved.

• The November 30, 2017 Treasurer's report was approved as published in the Dec. newsletter. The balance was $360.89. (See details later in this newsletter).

• Call For Articles: Articles are needed for this newsletter. If you would like to write an article for this newsletter, please contact Ed Webb. Keep in mind that you don't really need to write the article, it can be an article that you read that you would like to share with the membership.

• The SPARTA Web page is available. To access the SPARTA Web page, point your Web browser to this site: http://www.spartanc.org. Please send any comments or suggestions about the Web page to Mike Lockey. Be sure to check the Web page every once in a while to see any new or changed information.

• Chris reminded everyone to leave the LabCorp conference room clean.

• Future Speakers and Topics (subject to change based on internal politics, budget, the weather):

If you have suggestions about speakers and topics, contact Ron Pimblett.

• The next SPARTA monthly meeting will be on Tuesday, February 6, 2018 at LabCorp in RTP.

• Food for the February 6 meeting will be Fried Chicken.

• The 2018 dues are due ($30) starting in February 2018. Please pay Pam Tant.

• Thanks to LabCorp and Bill Johnson for hosting the meeting.

• There are currently 74 people on the SPARTA-RTP e-mail list.

• Send any e-mail address changes to Chris Blackshire so he can update the SPARTA-RTP Listserv. You will be added by the moderator (Chris = SPARTA-RTP-owner@yahoogroups.com) sending you an invitation to Join the list.

• Possible Vendor Fair - Mitch Hoffman and Chris Blackshire have exchanged a few emails, but don't have a plan. Mitch could not be at the meeting tonight to discuss options.

• Possible collaboration with the Carolinas zEnterprise Council - Garry Grandlienard is checking with IBM management to see if SPARTA can be officially involved.

• No update from Randy Springs on the SPARTA website connection to LinkedIn.

• Chris is in the process of putting a package together for Brad Carson, Tommy Thomas, and John Bryan's SPARTA contributions and death information on the web page under a new Emeritus section.

NEW BUSINESS

• Software Diversified Services wants to become a SPARTA corporate sponsor. Chris will coordinate the payment and adding of SDS to the newsletter and web page with Deb Hodson, Pam Tant, Ed Webb, and Mike Lockey.

• The Business portion of the meeting ended about 8:55 P.M.

• Presentation: Securing Mainframe Data Using FTP, SIEM, and PGP Data Encryption
By Deb Hodson, Dave Ellis, and Tim Full of Software Diversified Services (SDS)

Agenda

• About Software Diversified Services
• Options for Securing Mainframe Data
• Secure FTP Using SSH
• E-Business Server (PGP) Encryption
• SIEM z/OS and DB2 Collector Agents

• About Software Diversified Services
- Software Diversified Services
- Proudly Serving Enterprise Customers for Over 35 Years
- Financially Rock Solid
- Several Hundred Satisfied Licensed Customers Worldwide
- Over 20 z/OS, z/VSE and z/VM Mainframe Systems and Distributed Products
- World Class Support 24x7
- Full Time Development / Support Staff / USA
- VitalSigns Network & Security Solutions
- Partner Solution SSH Tectia for z/OS (Secure FTP)
- Partner Solution Virtel for Thin Client 3270TE and Secure TN3270

• Introductions
- Dave Ellis, Software Developer, Raleigh
- Deb Hodson, Sales Manager, Raleigh
- Tim Full, Technical Services Manager, Minneapolis

• • Options for Securing Mainframe Data

• Securing Data at Rest and In Flight

• Securing Data in Motion and at Rest
- Diagram not copied

QUESTION
How Many Of You Use FTP?
How Many Of You Use SFTP?

• FTP
- Pros
- - Ubiquitous
- - Common knowledge
- - Included in base OS
- Cons
- - Very little security
- - Not firewall friendly
- - No native compression (Mode Z in some implementations)

• Secure FTP (SFTP)
- Pros
- - Point to point encryption
- - Compression and Integrity built- in
- - Already ready to go on Unix/Linux servers
- Cons
- - Not part of base on z/OS or windows
- - Command Syntax different - Unfamiliar to some users

• • Secure FTP Using SSH

• Secure FTP - VitalSigns for FTP - SSH Tectia z/OS

• VitalSigns for FTP - Monitoring, Automation, Auditing, Security
- Monitoring
- - Complete visibility on all FTP transfers
- - - Failed Sessions, Secure, Unsecure, User ID, IP address, Customized queries
- Automation
- - FCL scripting Language - IF, Then, DO, ELSE
- - Restart Failed transfers
- - Create and enforce rules
- Auditing
- -Retain all FTP transfers for user defined period
- - See context of FTP transfer and technical details
- - Extract information from Database into EXCEL or SAS for graphical charting
- - Sample Batch reports (SMF)
- Security
- - Use VFTP Client Rules to route FTP batch job(s) to the SSH Socks Proxy (NO JCL CHANGES REQUIRED)
- - Control access to FTP commands like
- - SITE, CD, Prevent users from submitting jobs through JES internal reader
- - Restart Failed transfers
- - Create and enforce rules

• What is SSH ?
- SSH (Secure Shell Protocol)
- - SSH Communications Security was founded in 1995 by Tatu Ylonen, original developer of the Secure Shell Protocol (SSH)
- - SSH is the de-facto standard used by millions of worldwide for secure remote login, command execution, file transfer and application tunneling
- - SSH z/OS is the server application for SSH communications to and from z/OS
- - Client <---> Secure <---> Server

• SSH / Tectia Server for z/OS is ....
- Tectia Server for IBM z/OS is
- - Enterprise class security solution for IBM z/OS mainframes providing
- - - Secure File Transfers
- - - Secure Application Connectivity
- - - Secure System Administration
- - Transparent FTP-SFTP Conversion and FTP Tunneling
- - Native z/OS dataset support
- - Hardware acceleration of cryptographic operations
- - Configurable ASCII/EBCDIC conversion
- - Integrated authentication for RACF, CA-ACF2 and CA-TSS
- - SMF and syslog file transfer auditing

• SSH / Tectia and VFTP - The Complete Solution - FTP to SFTP Conversion
With NO JCL CHANGES NEEDED
- VFTP can direct the FTP Client to transfer data through a SOCKS Proxy
- VFTP can direct z/OS clients to alternate configuration files
- VFTP Client configuration allows users to define selection criteria for batch jobs

• • E-Business Server (PGP) Encryption

QUESTION
How Many of You Use Encryption (PGP) for Securing Data at Rest?

• PGP (Data at Rest)
- Pros
- - Full control of sensitive data
- - Transport is not important
- - Compression and Integrity
- - Not just for transfers
- Cons
- - Requires staging of data
- Common uses
- - Sensitive data that needs protection at destination as well as in transit

• PGP Encryption - SDS E-Business Server

• PGP Encryption At Rest

• SDS E-Business Server Overview
- Based on the Open Standard
- Use of Public Key Cryptography
- Provides Strong Encryption
- Generates keys, encrypts, decrypts, digitally signs and authenticates
- Creates Certificates (x.509)
- Provides Key Management
- Ensures File integrity
- Non repudiation of sender
- Additional Decryption Keys (ADK)
- Self Decrypting Archives (SDA)
- Conserves Bandwidth and improves transfer speed with built-in compression
- Secures files over 4 GB
- Automatic ASCII to EBCDIC character conversion
- Seamlessly integrates into existing E-Business process (or enables new ones)
- Provides API's for easy integration with Application and Processes

• E-Business Server Supported Platforms
- z/OS
- Windows
- Linux
- HP-UX
- AIX
- Solaris

• E-Business Server - User Interfaces
- Command - line : EBS
- APIs : C ,COM, Java (JNI), REXX
- GUI : Java administration console for key management and configuration

• • SIEM z/OS and DB2 Collector Agents

QUESTION
How Many Of You Have Been Asked (Required?) to Collect Mainframe Data for SIEM?

• What is SIEM ? - Security Information & Event Management
- Security Management provides a holistic view of an organization's information technology security
- SIEM combines SIM (Security Information Management) and SEM (Security Event Management) functions into ONE Security Management System
- SIEM
- - Asset Discovery
- - Vulnerability Assessment
- - Threat Detection
- - Event Collection
- - Correlation
- - Event Management
- - Log Storage

• Security Information & Event Management System
- Security Event Management (SEM) - - - - Security Information Management (SIM)
- - Provides - - - - - - - - - - - - - - - - - - - - - - -Provides
- - - Event Management - - - - - - - - - - - - - -Centralized log collections
- - - Real Time Threat Analysis - - - - - - - - - Long term log collection
- - - Incident Detection & Response - - - - - Log search and reporting
- - - Basic ticketing capabilities
- - - Security operations

• Why SIEM?
- Security Requirement
- - SIEM is the core defense for an in-depth strategy
- - Attackers leave behind a trace - Logs
- - Security Events provide insight into
- - - When the event occurred
- - - Why it happened
- - - What happened

• Why integrate z/OS into SIEM ?
- Compliance Requirement
- - PCI, SOX, HIPAA, GLBA, etc
- Mainframe contains sensitive data
- - Large corporations have 70% of data on Mainframes
- z/OS is not invulnerable
- Most companies have a SIEM; why not include your mainframe?

• SIEM - One view of your entire Enterprise
- A Enterprise SIEM collects / aggregates logs from heterogeneous sources
- - Databases
- - Routers
- - Switches
- - Other SYSLOG devices
- All in ONE central location
- Makes searching easy
- - Exact Time
- - Corresponding Security Event
- - Who
- - When
- - Location
- Configure Rules
- Kick off scripts
- - Based on thresholds
- - Conditions
- - Violations
- - Anomalies

• z/OS Filtering
- To process the vast amount of data coming from SMF and WTOs, but NOT filter out irrelevant events....
- Would be like trying to drink from a fire hose!

• SIEM for z/OS & DB2 - VitalSigns for SIEM Agent

• VitalSigns SIEM Agent
- Delivers Real-Time of alerts to be managed, filtered, routed, and searched via Enterprise SIEM software
- Gathers intelligence from z/OS SMF and the system operator interface
- Provides certified integration with HPE ArcSight and IBM QRadar
- Integrates with Splunk, LogRhythm, EMC RSA Security Analytics, McAfee Enterprise Security Manager, Dell SecureWorks, etc.
- Easy installation
- Small footprint with little CPU overhead
- Collects standard SMF record types related to
- - Security
- - DB2 activity
- - Operational activity
- - Networking
- SDS provides a list and spreadsheet of recommended / suggested SMF record types to collect

• • Summary - Recap

• VitalSigns for FTP
- VFTP helps customers identify all of their FTP traffic both inbound and outbound on z/OS
- VFTP can assist customers in their migration of unsecure FTP to Secure FTP
- It can help protect 'unauthorized' FTP commands like SITE, CD etc.
- It can assist customers to automate FTP transfers using FTP Control Language (FCL)
- It can retain logs for specified time periods for audit requirements

• SSH Tectia
- Secures data in transit
- No Staging of Data - Direct MVS dataset access
- Solid, Secure Shell Protocol
- Used in conjunction with VFTP, customers can migrate their batch JCL to SFTP WITHOUT making any JCL changes

• E-Business Server (PGP)
- E-Business Server
- - Securing Data at Rest
- - Cross Platform
- - Easy to generate and manage keys using Console Key Manager
- - Automatic conversion of ASCII / EBCDIC data
- - Low on CPU resources

• VitalSigns SIEM Agent
- VitalSigns for SIEM Agent
- Agnostic with all Enterprise SIEMs
- Easy Collection of SIEM events/logs/WTORs
- z/OS and DB2
- Low on CPU resources

• The presentation ended about 8:20 PM

• Presentation Access - See SPARTA webpage for the complete presentation

• Contact Info:
SDS HQ in Minneapolis, MN
1322 81st Ave. NE
Spring Lake Park, MN 55432 -2116 USA
(800) 443-6183 or (763) 571-9000
www.sdsusa.com
info@sdsusa.com

Deb Hodson, Sales Manager, Raleigh, NC
Email: dhodson@sdsusa.com
Office: 763-450-9124 or 800-443-6183 x 124
Mobile: 919-636-8838

Dave Ellis, Software Developer, Raleigh, NC
Tim Full, Technical Services Manager, Minneapolis, MN

• The December 2017 monthly meeting ended about 8:55 PM.

Treasurer’s Report for January 2018

contributed by Pam Tant

The balance in the account is $560.89 as of January 31, 2018.

SPARTA Financial Report
3/01/2017 through 01/31/2018

Items of Interest

SPARTA Schedule and Menu for 2018

contributed by Chris Blackshire

February 6, 2018 - Fried chicken
March 6, 2018 - Subs
April 3, 2018 - BarBQ
May 1, 2018 - Pizza
June 5, 2018 - Fried chicken
July 10, 2018 (changed because of the July 4 holiday in previous week) - Subs
August 7, 2018 - BarBQ
September 11, 2018 (changed because of the Labor Day holiday in previous week) - Pizza
October 2, 2018 - Fried chicken
November 6, 2018 - Subs
December 4, 2018 - BarBQ

Register Now for SHARE in March 2018

Contributed By Ed Webb

"SHARE Sacramento is the only industry event that provides a user-focused approach to enterprise IT education with over 500 technical sessions on topics such as IBM Z® and z/OS, innovative workloads, pervasive encryption and Blockchain.

It's all about making connections: take advantage of the valuable networking opportunities you'll enjoy with seasoned enterprise IT professionals and the chance to meet with leading IT partners showcasing the hottest products in the industry.

Don't forget about the savings: there are discounted registration options for members, non-members, government employees and students."

Hotel reservations and discounted SHARE registration are available at SHARE Sacramento 2018.

"The deadline to reserve a hotel room with the SHARE discounted rate is Friday, February 9."

IBM Hot Topic: Crypto Statistics Monitor Watches Resource Usage

Contributed By Ed Webb

"Security is a principle concern in today’s world, and the secure handling of data is an essential component of security. Cryptographic Support for z/OS V2.1 to z/OS V2.3, also known as ICSF FMID HCR77C1 or web deliverable number 17, provides a means for the secure and reliable handling of data with Crypto Statistics Monitor. It helps security administrators and capacity planners monitor the use of cryptographic resources and shows which resources are being used, how much these resources are being used, and who is using these resources."

Use this how-to article from the IBM Hot Topics series to implement the new Crypto Monitor in your shop.

Beyond Bitcoin (Why Blockchain Might Be Good, or Nothing)

Contributed By Ed Webb

"Yes, it’s driven by greed — but the mania for cryptocurrency could wind up building something much more important than wealth."

Here’s a long and, to me, interesting article about blockchain and how it might be useful. Some good reading for a snowed-in day. Read Steven Johnson's recent article for the New York Times Magazine Beyond the Bitcoin Bubble.

"Everyone says the blockchain, the technology underpinning cryptocurrencies such as bitcoin, is going to change EVERYTHING. And yet, after years of tireless effort and billions of dollars invested, nobody has actually come up with a use for the blockchain—besides currency speculation and illegal transactions."

Or you can take an opposing view such as this one from Kai Stinchcombe of Hackernoon. Check out Kai's thinking here.

Humor

Computer History Videos

Contributed by Chris Blackshire

Some interesting and amusing mainframe related videos that I have stumbled upon.

IBM vintage computer promotional film 1970

https://www.youtube.com/watch?v=wIjgZhAjQS4

Interesting that the army was making training films about things like how magnetic cores work.

https://www.youtube.com/watch?v=X0WnddW5gZI

https://www.youtube.com/watch?v=An-GIhx0z4c

Computers in the 60`s

https://www.youtube.com/watch?v=8bzTgbHn83Q

Computers of NASA (1960s)

https://www.youtube.com/watch?v=BRZz0SVLdso

How did the Apollo flight computers get men to the moon and back?

https://www.youtube.com/watch?v=ULGi3UkgW30

What if Apollo had crashed on the Moon?

https://www.youtube.com/watch?v=Sg0BWGuGsSY

Apollo, the Lunar Dust and NASA's Dirty Problem

https://www.youtube.com/watch?v=EFqpgmZAZgo

Why Russia Did Not Put a Man on the Moon - The Secret Soviet Moon Rocket

https://www.youtube.com/watch?v=Vi6fjs_8Yx8

Why can't we fly a plane into space?

https://www.youtube.com/watch?v=ne82ld4LaZE

The TV cameras Apollo left on the Moon

https://www.youtube.com/watch?v=hPOjkSYv3lA

Top 10 Fastest Computers in the World 2016 - How much faster is a supercomuter than a PC or iPad Pro

https://www.youtube.com/watch?v=HBpkSIJ9KwU

Membership Information

Don’t Forget the Next SPARTA Meeting

Tuesday, February 6, 2018

7 p.m.

Location: LabCorp in RTP

Take I-40 to Miami Boulevard and go north. Turn right onto 1912 T.W. Alexander Drive. Go about a mile or so. Then turn right into LabCorp complex and turn left to the CMBP Building. In the lobby, sign in as a visitor to see Bill Johnson. Bill will escort you to the conference room. Use 1912 TW Alexander Drive, Durham, NC 27703 in your map app.

Free Food before meeting: Fried Chicken, Sodas and Tea, Dessert

Program:

How Proxy Coupling Technology Offloads Z CPU to Reduce TCO

Speaker: Ron Hilton of Proximal Systems Corporation

SPARTA News

P.O. Box 13194

Research Triangle Park, NC  27709-3194

First Class Postage

SPARTA Corporate Sponsors: