Reduce Risk and Improve Security on IBM Mainframes: Volume 3 Mainframe Subsystem and Application Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 3 Mainframe Subsystem and Application Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738441023
Category : Computers
Languages : en
Pages : 200

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM zTM Systems hardware and software. In an age of increasing security consciousness and more and more dangerous advanced persistent threats, IBM z SystemsTM provides the capabilities to address the needs of today's business security challenges. This publication explores how z Systems hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems, which offer a variety of customizable security elements. We discuss z/OS and other operating systems and additional software that use the building blocks of z Systems hardware to provide solutions to business security needs. We also explore the perspective from the view of an enterprise security architect and how a modern mainframe has to fit into an overarching enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The series' intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of z Systems, the z/OS operating system, and associated software address current issues such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

Reduce Risk and Improve Security on IBM Mainframes: Volume 3 Mainframe Subsystem and Application Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 3 Mainframe Subsystem and Application Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738441023
Category : Computers
Languages : en
Pages : 200

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM zTM Systems hardware and software. In an age of increasing security consciousness and more and more dangerous advanced persistent threats, IBM z SystemsTM provides the capabilities to address the needs of today's business security challenges. This publication explores how z Systems hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems, which offer a variety of customizable security elements. We discuss z/OS and other operating systems and additional software that use the building blocks of z Systems hardware to provide solutions to business security needs. We also explore the perspective from the view of an enterprise security architect and how a modern mainframe has to fit into an overarching enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The series' intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of z Systems, the z/OS operating system, and associated software address current issues such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

Reduce Risk and Improve Security on IBM Mainframes

Reduce Risk and Improve Security on IBM Mainframes PDF Author: Axel Bücker
Publisher:
ISBN:
Category : Computer networks
Languages : en
Pages : 192

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM zTM Systems hardware and software. In an age of increasing security consciousness and more and more dangerous advanced persistent threats, IBM z SystemsTM provides the capabilities to address the needs of today's business security challenges. This publication explores how z Systems hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems, which offer a variety of customizable security elements. We discuss z/OS and other operating systems and additional software that use the building blocks of z Systems hardware to provide solutions to business security needs. We also explore the perspective from the view of an enterprise security architect and how a modern mainframe has to fit into an overarching enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The series' intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of z Systems, the z/OS operating system, and associated software address current issues such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738440949
Category : Computers
Languages : en
Pages : 188

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM z Systems hardware and software (referred to in this book by the previous product name, IBM System z®). In an age of increasing security consciousness and more dangerous and advanced persistent threats, System z provides the capabilities to address today's business security challenges. This book explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems that offer a variety of customizable security elements. We also describe z/OS and other operating systems and additional software that use the building blocks of System z hardware to meet business security needs. We explore these from the perspective of an enterprise security architect and how a modern mainframe must fit into an enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of the System z platform, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738440108
Category : Computers
Languages : en
Pages : 332

Get Book Here

Book Description
This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM System z® hardware and software. In an age of increasing security consciousness, IBM System z provides the capabilities to address the needs of today's business security challenges. This publication explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. This book highlights the features of IBM z/OS® and other operating systems, which offer various customizable security elements under the Security Server and Communication Server components. This book describes z/OS and other operating systems and additional software that leverage the building blocks of System z hardware to provide solutions to business security needs. This publication's intended audience is technical architects, planners, and managers who are interested in exploring how the security design and features of System z, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite PDF Author: Axel Buecker
Publisher: IBM Redbooks
ISBN: 0738435880
Category : Computers
Languages : en
Pages : 494

Get Book Here

Book Description
Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.

Getting Started with z/OS Data Set Encryption

Getting Started with z/OS Data Set Encryption PDF Author: Bill White
Publisher: IBM Redbooks
ISBN: 0738460222
Category : Computers
Languages : en
Pages : 274

Get Book Here

Book Description
This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.

IBM z/OS V2R2: Security

IBM z/OS V2R2: Security PDF Author: Keith Winnard
Publisher: IBM Redbooks
ISBN: 0738441279
Category : Computers
Languages : en
Pages : 52

Get Book Here

Book Description
This IBM® Redbooks® publication helps you to become familiar with the technical changes that were introduced to the security areas with IBM z/OS® V2R2. The following chapters are included: - Chapter 1, "RACF updates" on page 1: In this chapter, we describe the read-only auditor attribute, password security enhancements, RACDCERT (granular certificate administration), UNIX search authority, and RACF Remote sharing facility (RRSF). - Chapter 2, "LDAP updates" on page 13: In this chapter, we describe the activity log enhancements, compatibility level upgrade without LDAP outage, dynamic group performance enhancements, and replication of password policy attributes from a read-only replica. - Chapter 3, "PKI updates" on page 21: In this chapter, we describe the Network Authentication Service (KERBEROS) PKINIT, PKI nxm authorization, PKI OCSP enhancement, and RACDCERT (granular certificate administration) - Chapter 4, "z/OS UNIX search and file execution authority" on page 27: z/OS UNIX search authority, z/OS UNIX file execution, Examples for exploiting the new functions This book is one of a series of IBM Redbooks that take a modular approach to providing information about the updates that are included with z/OS V2R2. This approach has the following goals: - Provide modular content - Group the technical changes into a topic - Provide a more streamlined way of finding relevant information that is based on the topic We hope you find this approach useful and we welcome your feedback.

ABCs of IBM z/OS System Programming Volume 1

ABCs of IBM z/OS System Programming Volume 1 PDF Author: Lydia Parziale
Publisher: IBM Redbooks
ISBN: 0738442763
Category : Computers
Languages : en
Pages : 118

Get Book Here

Book Description
The ABCs of IBM® z/OS® System Programming is a 13-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. Whether you want to become more familiar with z/OS in your current environment, or you are evaluating platforms to consolidate your online business applications, the ABCs collection will serve as a powerful technical tool. Volume 1 provides an updated understanding of the software and IBM zSeries architecture, and explains how it is used together with the z/OS operating system. This includes the main components of z/OS needed to customize and install the z/OS operating system. This edition has been significantly updated and revised.

Security on z/VM

Security on z/VM PDF Author: Paola Bari
Publisher: IBM Redbooks
ISBN: 0738488542
Category : Computers
Languages : en
Pages : 348

Get Book Here

Book Description
Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System zTM and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment. This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication. Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book. This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration. The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.

ABCs of z/OS System Programming: Volume 4

ABCs of z/OS System Programming: Volume 4 PDF Author: Paul Rogers
Publisher: IBM Redbooks
ISBN: 073843499X
Category : Computers
Languages : en
Pages : 222

Get Book Here

Book Description
This IBM® Redbooks® publication describes the functions of z/OS® Communications Server. z/OS Communications Server provides a set of communications protocols that support peer-to-peer connectivity functions for both local and wide-area networks, including the most popular wide-area network, the Internet. z/OS Communications Server also provides performance enhancements that can benefit a variety of TCP/IP applications. z/OS Communications Server provides both SNA and TCP/IP networking protocols for z/OS. The SNA protocols are provided by VTAM® and include Subarea, Advanced Peer-to-Peer Networking, and High Performance Routing protocols. z/OS Communications Server exploits z/OS UNIX® services even for traditional MVSTM environments and applications. Prior to utilizing TCP/IP services, therefore, a full-function mode z/OS UNIX environment including a Data Facility Storage Management Subsystem (DFSMSdfp), a z/OS UNIX file system, and a security product (such as Resource Access Control Facility, or RACF®) must be defined and active before z/OS Communications Server can be started successfully. The ABCs of z/OS System Programming is a 13-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. If you want to become more familiar with z/OS in your current environment, or if you are evaluating platforms to consolidate your e-business applications, the ABCs collection will serve as a powerful technical tool. The contents of the volumes are as follows: Volume 1: Introduction to z/OS and storage concepts, TSO/E, ISPF, JCL, SDSF, and z/OS delivery and installation Volume 2: z/OS implementation and daily maintenance, defining subsystems, JES2 and JES3, LPA, LNKLST, authorized libraries, SMP/E, Language Environment® Volume 3: Introduction to DFSMS, data set basics storage management hardware and software, catalogs, and DFSMStvs Volume 4: Communication Server, TCP/IP, and VTAM Volume 5: Base and Parallel Sysplex®, System Logger, Resource Recovery Services (RRS), global resource serialization (GRS), z/OS system operations, automatic restart management (ARM), Geographically Dispersed Parallel SysplexTM (GDPS®) Volume 6: Introduction to security, RACF, Digital certificates and PKI, Kerberos, cryptography and z990 integrated cryptography, zSeries® firewall technologies, LDAP, and Enterprise identity mapping (EIM) Volume 7: Printing in a z/OS environment, Infoprint Server and Infoprint Central Volume 8: An introduction to z/OS problem diagnosis Volume 9: z/OS UNIX System Services Volume 10: Introduction to z/Architecture®, zSeries processor design, zSeries connectivity, LPAR concepts, HCD, and HMC Volume 11: Capacity planning, performance management, RMFTM, and SMF Volume 12: WLM Volume 13: JES3