Command Line for IBM Mainframes: Easily Implemented. Absolutely
PGP Command Line
9 for z/OS protects business-critical data easily, with little impact on
PGP Command Line
is easily integrated into z/OS batch processes and JCL, as well
processes working on z/OS USS. Once deployed, PGP Command Line
automatically encrypts and decrypts data on-the-fly.
Complete z/OS Encryption Tool!
- Batch JCL and USS scripting
- 50% to 90% compression
- VSAM file support
- EBCDIC - ASCII conversions
- Key management
- Integration across all
PGP for z/OS
works with PGP for...
Encryption and compression. PGP
Command Line dramatically reduces file sizes--with a corresponding
decrease in consumption of bandwidth, processing time, and disk
space. Binary files typically compress to half their original
size. Flat files compress as much as 90%.
PGP Command Line
performs file-based encryption and decryption to ensure confidentiality
of sensitive data, and it creates and verifies digital signatures
to ensure message integrity and provide proof of the origin
PGP Command Line provides key-management, allowing users to
create and store keys, and find keys at directories and keyservers.
PGP Command Line
is a command-line application that can easily be integrated
with existing processes and scripts.
- Cost-effective batch
encryption, signing, and key management
- Protects confidential
information in motion and at rest
- Rapid automation of
- Based on proven PGP
- Secure file transfer
to any recipient
- Insures data authenticity,
integrity, and privacy.
- Easily scriptable encryption/signing
- Self-decrypting archives
- Secure file deletion
prevents reconstruction of sensitive, unencrypted data
strong cryptography employed by PGP Online is the best available.
is tried and trusted. PGP
encryption has undergone more than a decade of intense review by the
world's best cryptographers. PGP Command Line relies on an open
standard, OpenPGP (see IETF
and PGP Corporation has released source code for peer review and
Encryption, in Transit and at Rest: Encrypted data is safe,
whether moving cross-country or resting in the datacenter. PGP
Command Line installs on an existing server where information is
batch-processed. Data-transfer scripts--using REXX, JCL, or other
languages--call on PGP Command Line for encryption before
transmitting messges. Backup scripts call on PGP Command Line before
writing to archives.
Security and Compression: PGP
encryption starts with compression to decrease the size of files.
Compressed files are not only easier to encrypt, transport, and
store, they are harder to decrypt without the right tools and keys.
Binary files typically compress to half their original size. Flat
files compress as much as 90%.
Integrity, Non-repudiation: PGP Command Line encryption
includes hash and signature mechanisms to ensure that data came from
the expected source and that data is complete and untampered with. In
addition, the source cannot deny having sent the data.
Archives, and Recovery: PGP Additional Decryption Key
technology (ADK) ensures that encrypted archives can be made
available when the time comes--a requirement of many regulations,
organizations, and business partners--as a safeguard against lost
Encrypted Data to Any Business Partner: If your partners
don't have encryption software or public keys, send them a PGP
Self-Decrypting Archive (SDA), and send the decryption key by some
other, secure route. The SDA is executable on any of the same Linux,
Unix, Windows, Mac OSX, and z/OS platforms where PGP Command Line can
Files, not Just File Addresses: PGP Command Line provides
Secure File Deletion that permanently overwrites data files, making
them impossible to retrieve by any means.
Splitting, the Ultimate Protection: Make decryption
impossible to perform in secret. PGP Command Line can split private
keys into multiple pieces, held by multiple people. Decryption
requires that all the people agree and all the pieces come together.
Management: PGP Command Line...
public-private key pairs.
keys in PDSs protected by SAF security: RACF, ACF2, or TopSecret
out keys and certificates at servers, both OpenPGP and X.509.
Service: PGP Command Line readily collaborates with a PGP
Universal Server to provide...
certificates to authenticate public keys.
backup of private keys behind user-specified security questions.
of revoked keys and certificates.
Key Directories: Find user's public keys when you need them.
The PGP Universal Server provides a PGP Global Directory for OpenPGP
keys. And it provides LDAP v3 directories for X.509 certificates.
Reconstruction: Normally, users keep their private keys on
their private machines, protected by pass-phrases. For backup, they
can also store keys on a PGP Universal Server, protected by
fragmentation, encryption, and a sets of security questions written
by the users. In a pinch, then, users can retrieve their keys from
the server by correctly answering the questions.
Authenticate Public Keys: Signed certificates verify to your
data sources that your public key is indeed yours. That prevents an
imposter from substituting a counterfit key, fooling your sources
into supplying private data to the wrong people--the so-called
is NOT Optional ! Data security
is mandated by law:
Integration: PGP Command Line for z/OS Mainframes provides
full support for all native functions of PGP including LDAP
integration, Additional Decryption Key (ADK), PGP Key Server, and XML
on z/OS: PGP Command Line supports native z/OS batch
operations with JCL and ISPF, as well as providing a USS
implementation for use with shell scripts.
solutions are built on the widely trusted OpenPGP standard (RFC
Corporation has released PGP source code for peer review and
validation. The code has undergone more than a decade of intense
review by the world's best cryptographers.
PGP Software Development Kit has been validated to the Federal
Information Processing Standard (FIPS) of the U.S. National Institute
of Standards and Technology (NIST): FIPS
encryption is one of two e-mail encryption standards recommended by
the NIST "Guidelines on Electronic Mail Security": NIST
& Batch Interfaces
- z/OS JCL, ISPF, &
- z/OS USS shell scripts
- DSA (Digital Signature
- RSA (up to 4096-bit keys)
AES (up to 256-bit keys) (Advanced Encryption
- TripleDES (FIPS
SHA-1, SHA-256, SHA-384, SHA-512 (Secure Hash
Support for Blowfish is limited to decrypting existing messages
encrypted with Blowfish or encrypting to existing keys that specify
Blowfish as the preferred cipher.
the data sheet