IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738435880
Category : Computers
Languages : en
Pages : 494

Get Book Here

Book Description
Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738435880
Category : Computers
Languages : en
Pages : 494

Get Book Here

Book Description
Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.

Getting Started with z/OS Data Set Encryption

Getting Started with z/OS Data Set Encryption PDF Author: Bill White
Publisher: IBM Redbooks
ISBN: 0738460222
Category : Computers
Languages : en
Pages : 274

Get Book Here

Book Description
This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.

Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS

Empowering Security and Compliance Management for the z/OS RACF Environment using IBM Tivoli Security Management for z/OS PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738450200
Category : Computers
Languages : en
Pages : 52

Get Book Here

Book Description
Every organization has a core set of mission-critical data that requires protection. Security lapses and failures are not simply disruptions, they can be catastrophic events with consequences felt across the enterprise. The inadvertent mistakes of privileged users alone can result in millions of dollars in damages through unintentional configuration errors and careless security commands. Malicious users with authorized access can cause even greater damage. As a result, security management faces a serious challenge to adequately protect a company's sensitive data. Likewise, IT staff is challenged to provide detailed audit and controls documentation in the face of increasing demands on their time. Automation and simplification of security and compliance processes can help you meet these challenges and establish effective, sustainable user administration and audit solutions. This includes security database cleanup, repeatable audit of configurations and settings, and active monitoring of changes and events. IBM Tivoli Security Management for z/OS V1.11 provides these solutions to help enhance the security of mainframe systems through automated audit and administration. In this IBM® RedpaperTM document we discuss how Tivoli® Security Management for z/OS® allows you to submit mainframe security information from z/OS, RACF®, and DB2® into an enterprise audit and compliance solution and how to combine mainframe data from z/OS, RACF, and DB2 with that from other operating systems, applications, and databases in order to provide the ability to capture comprehensive log data, interpret that data through sophisticated log analysis, and communicate results in an efficient, streamlined manner for full enterprise-wide audit and compliance reporting.

Keeping Up With Security and Compliance on IBM Z

Keeping Up With Security and Compliance on IBM Z PDF Author: Bill White
Publisher: IBM Redbooks
ISBN: 0738461172
Category : Computers
Languages : en
Pages : 136

Get Book Here

Book Description
Non-compliance can lead to increasing costs. Regulatory violations involving data protection and privacy can have severe and unintended consequences. In addition, companies must keep pace with changes that arise from numerous legislative and regulatory bodies. Global organizations have the added liability of dealing with national and international-specific regulations. Proving that you are compliant entails compiling and organizing data from multiple sources to satisfy auditor's requests. Preparing for compliance audits can be a major time drain, and maintaining, updating, and adding new processes for compliance can be a costly effort. How do you keep constant changes to regulations and your security posture in check? It starts with establishing a baseline: knowing and understanding your current security posture, comparing it with IBM Z® security capabilities, and knowing the latest standards and regulations that are relevant to your organization. IBM Z Security and Compliance Center can help take the complexity out of your compliance workflow and the ambiguity out of audits while optimizing your audit process to reduce time and effort. This IBM Redbooks® publication helps you make the best use of IBM Z Security and Compliance Center and aid in mapping all the necessary IBM Z security capabilities to meet compliance and improve your security posture. It also shows how to regularly collect and validate compliance data, and identify which data is essential for auditors. After reading this document, you will understand how your organization can use IBM Z Security and Compliance Center to enhance and simplify your security and compliance processes and postures for IBM z/OS® systems. This publication is for IT managers and architects, system and security administrators

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738440108
Category : Computers
Languages : en
Pages : 332

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM System z® hardware and software. In an age of increasing security consciousness, IBM System z provides the capabilities to address the needs of today's business security challenges. This publication explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. This book highlights the features of IBM z/OS® and other operating systems, which offer various customizable security elements under the Security Server and Communication Server components. This book describes z/OS and other operating systems and additional software that leverage the building blocks of System z hardware to provide solutions to business security needs. This publication's intended audience is technical architects, planners, and managers who are interested in exploring how the security design and features of System z, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

z/OS Identity Propagation

z/OS Identity Propagation PDF Author: Karan Singh
Publisher: IBM Redbooks
ISBN: 0738436062
Category : Computers
Languages : en
Pages : 182

Get Book Here

Book Description
This IBM® Redbooks® publication explores various implementations of z/OS® Identity Propagation where the distributed identity of an end user is passed to z/OS and used to map to a RACF® user ID, and any related events in the audit trail from RACF show both RACF and distributed identities. This book describes the concept of identity propagation and how it can address the end-to end accountability issue of many customers. It describes, at a high level, what identity propagation is, and why it is important to us. It shows a conceptual view of the key elements necessary to accomplish this. This book provides details on the RACMAP function, filter management and how to use the SMF records to provide an audit trail. In depth coverage is provided about the internal implementation of identity propagation, such as providing information about available callable services. This book examines the current exploiters of z/OS Identity Propagation and provide several detailed examples covering CICS® with CICS Transaction Gateway, DB2®, and CICS Web services with Datapower.

Security on z/VM

Security on z/VM PDF Author: Paola Bari
Publisher: IBM Redbooks
ISBN: 0738488542
Category : Computers
Languages : en
Pages : 348

Get Book Here

Book Description
Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System zTM and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment. This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication. Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book. This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration. The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.

Mainframe Basics for Security Professionals

Mainframe Basics for Security Professionals PDF Author: Ori Pomerantz
Publisher: Pearson Education
ISBN: 013270434X
Category : Computers
Languages : en
Pages : 194

Get Book Here

Book Description
Leverage Your Security Expertise in IBM® System zTM Mainframe Environments For over 40 years, the IBM mainframe has been the backbone of the world’s largest enterprises. If you’re coming to the IBM System z mainframe platform from UNIX®, Linux®, or Windows®, you need practical guidance on leveraging its unique security capabilities. Now, IBM experts have written the first authoritative book on mainframe security specifically designed to build on your experience in other environments. Even if you’ve never logged onto a mainframe before, this book will teach you how to run today’s z/OS® operating system command line and ISPF toolset and use them to efficiently perform every significant security administration task. Don’t have a mainframe available for practice? The book contains step-by-step videos walking you through dozens of key techniques. Simply log in and register your book at www.ibmpressbooks.com/register to gain access to these videos. The authors illuminate the mainframe’s security model and call special attention to z/OS security techniques that differ from UNIX, Linux, and Windows. They thoroughly introduce IBM’s powerful Resource Access Control Facility (RACF) security subsystem and demonstrate how mainframe security integrates into your enterprise-wide IT security infrastructure. If you’re an experienced system administrator or security professional, there’s no faster way to extend your expertise into “big iron” environments. Coverage includes Mainframe basics: logging on, allocating and editing data sets, running JCL jobs, using UNIX System Services, and accessing documentation Creating, modifying, and deleting users and groups Protecting data sets, UNIX file system files, databases, transactions, and other resources Manipulating profiles and managing permissions Configuring the mainframe to log security events, filter them appropriately, and create usable reports Using auditing tools to capture static configuration data and dynamic events, identify weaknesses, and remedy them Creating limited-authority administrators: how, when, and why

z/OS Version 1 Release 11 Implementation

z/OS Version 1 Release 11 Implementation PDF Author: Paul Rogers
Publisher: IBM Redbooks
ISBN: 073843387X
Category : Computers
Languages : en
Pages : 736

Get Book Here

Book Description
This IBM® Redbooks® publication positions the new z/OS® Version 1 Release 11 for migration by discussing many of the new functions that are available. The goal for the z/OS platform is to eliminate, automate, and simplify tasks without sacrificing z/OS strengths, and to deliver a z/OS management facility that is easy to learn and use. z/OS is a highly secure, scalable, high-performance enterprise operating system on which to build and deploy Internet- and JavaTM-enabled applications, providing a comprehensive and diverse application execution environment. This books describes the following new and changed functions: - IBM z/OS Management Facility - Allocation enhancements in z/OS V1R11 - BCPii function enhancements in z/OS V1R11 - JES2 and JES3 enhancements - zFS file sharing enhancements - Extended access volume enhancements - Choosing whether to run zAAP work on zIIP processors - System REXX enhancements in V1R11 - RRS global panel options - Service aids enhancements in V1R11 - GRS ENQ contention notification enhancements and analysis for GRS latches - Basic HyperSwap® support enhancement - Message Flood Automation enhancements - Program Management new Binder IEWPARMS - Predictive failure analysis (PFA) - SMF enhancements in V1R11 - System Logger enhancements - XCF/XES enhancements in V1R11 - AutoIPL support - Displaying PDSE caching statistics - ISPF enhancements - IBM Health Checker for z/OS enhancements

RACF Remote Sharing Facility over TCP/IP

RACF Remote Sharing Facility over TCP/IP PDF Author: Karan Singh
Publisher: IBM Redbooks
ISBN: 0738437050
Category : Computers
Languages : en
Pages : 164

Get Book Here

Book Description
The IBM RACF® remote sharing facility (RRSF) allows RACF to communicate with other IBM z/OS® systems that use RACF, allowing you to maintain remote RACF databases. RRSF support for the security administrator provides these benefits: Administration of RACF databases from anywhere in the RRSF network Creation of User ID associations for password and password phrase synchronization Automatic synchronization of databases Before to z/OS V1R13, RRSF only supported the APPC protocol. With z/OS release V1R13, TCP/IP can be used to extend the RACF Remote Sharing Facility (RRSF) functionality to a network of RRSF nodes capable of communicating over the TCP/IP protocol. Using TCP/IP connections for RRSF nodes provides advantages over APPC such as improved security, including stronger encryption levels. This IBM® Redbooks® publication addresses the issue of implementing a new RRSF network using the TCP/IP protocol. It covers planning, implementation, and operational issues for deploying RRSF using TCP/IP. In addition, It addresses migration of an RRSF network from APPC to TCP/IP, including in-depth examples of the migration process.