Security on z/VM

Security on z/VM

Author: Paola Bari

Publisher: IBM Redbooks

Published: 2007-12-05

Total Pages: 348

ISBN-13: 0738488542

DOWNLOAD EBOOK

Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System zTM and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment. This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication. Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book. This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration. The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.


The Virtualization Cookbook for IBM Z Volume 1: IBM z/VM 7.2

The Virtualization Cookbook for IBM Z Volume 1: IBM z/VM 7.2

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2021-07-15

Total Pages: 546

ISBN-13: 0738459720

DOWNLOAD EBOOK

This IBM® Redbooks® publication is volume one of five in a series of books entitled The Virtualization Cookbook for IBM Z. The series includes the following volumes: The Virtualization Cookbook for IBM z Systems® Volume 1: IBM z/VM® 7.2, SG24-8147 The Virtualization Cookbook for IBM Z Volume 2: Red Hat Enterprise Linux 8.2 Servers, SG24-8303 The Virtualization Cookbook for IBM z Systems Volume 3: SUSE Linux Enterprise Server 12, SG24-8890 The Virtualization Cookbook for IBM z Systems Volume 4: Ubuntu Server 16.04, SG24-8354 Virtualization Cookbook for IBM Z Volume 5: KVM, SG24-8463 It is recommended that you start with Volume 1 of this series because the IBM z/VM hypervisor is the foundation (or base "layer") for installing Linux on IBM Z®. This book series assumes that you are generally familiar with IBM Z technology and terminology. It does not assume an in-depth understanding of z/VM or Linux. It is written for individuals who want to start quickly with z/VM and Linux, and get virtual servers up and running in a short time (days, not weeks or months). Volume 1 starts with a solution orientation, discusses planning and security, and then, describes z/VM installation methods, configuration, hardening, automation, servicing, networking, optional features, and more. It adopts a "cookbook-style" format that provides a concise, repeatable set of procedures for installing, configuring, administering, and maintaining z/VM. This volume also includes a chapter on monitoring z/VM and the Linux virtual servers that are hosted. Volumes 2, 3, and 4 assume that you completed all of the steps that are described in Volume 1. From that common foundation, these volumes describe how to create your own Linux virtual servers on IBM Z hardware under IBM z/VM. The cookbook format continues with installing and customizing Linux. Volume 5 provides an explanation of the kernel-based virtual machine (KVM) on IBM Z and how it can use the z/Architecture®. It focuses on the planning of the environment and provides installation and configuration definitions that are necessary to build, manage, and monitor a KVM on Z environment. This publication applies to the supported Linux on Z distributions (Red Hat, SUSE, and Ubuntu).


Securing Your Cloud: IBM z/VM Security for IBM z Systems and LinuxONE

Securing Your Cloud: IBM z/VM Security for IBM z Systems and LinuxONE

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2016-10-19

Total Pages: 196

ISBN-13: 073844202X

DOWNLOAD EBOOK

As workloads are being offloaded to IBM® z SystemsTM based cloud environments, it is important to ensure that these workloads and environments are secure. This IBM Redbooks® publication describes the necessary steps to secure your environment for all of the components that are involved in a z Systems cloud infrastructure that uses IBM z/VM® and Linux on z Systems. The audience for this book is IT architects and those planning to use z Systems for their cloud environments.


An Introduction to z/VM Single System Image (SSI) and Live Guest Relocation (LGR)

An Introduction to z/VM Single System Image (SSI) and Live Guest Relocation (LGR)

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2016-03-31

Total Pages: 136

ISBN-13: 0738436623

DOWNLOAD EBOOK

IBM® z/VM® 6.2 introduces significant changes to z/VM in the form of multi-system clustering technology allowing up to four z/VM instances in a single system image (SSI) cluster. This technology is important, because it offers clients an attractive alternative to vertical growth by adding new z/VM systems. In the past, this capability required duplicate efforts to install, maintain, and manage each system. With SSI, these duplicate efforts are reduced or eliminated. Support for live guest relocation (LGR) allows you to move Linux virtual servers without disruption to the business, helping you to avoid planned outages. The z/VM systems are aware of each other and can take advantage of their combined resources. LGR enables clients to avoid loss of service due to planned outages by relocating guests from a system requiring maintenance to a system that remains active during the maintenance period. Together, the SSI and LGR technologies offer substantial client value, and they are a major departure from past z/VM practices. This IBM Redbooks® publication gives you a broad understanding of the new SSI architecture and an overview of LGR. We show an LGR example that shows a typical SAP user environment. In our example, the SAP Application Server Central Instance resides on a Linux on System z® guest and an IBM DB2® 10 database server runs on z/OS®. This book is written for IT architects, who design the systems, and IT specialists, who build the systems.


End to End Security with z Systems

End to End Security with z Systems

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2015-04-03

Total Pages: 48

ISBN-13: 0738454192

DOWNLOAD EBOOK

This IBM® RedpaperTM provides a broad understanding of the components necessary to secure your IBM z Systems environment. It provides an end-to-end architectural reference document for a use case that employs both mobile and analytics. It also provides an end to end explanation of security on z Systems from the systems of record through the systems of engagement. Security is described in terms of transactions, covering what happens after a transaction hits the system of engagement and what needs to be in place from that moment forward. The audience for this paper is IT architects and those planning to use z Systems for their mobile and analytics environments.


Introduction to the New Mainframe: z/VM Basics

Introduction to the New Mainframe: z/VM Basics

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2008-01-10

Total Pages: 468

ISBN-13: 0738488550

DOWNLOAD EBOOK

This textbook provides students with the background knowledge and skills necessary to begin using the basic functions and features of z/VM Version 5, Release 3. It is part of a series of textbooks designed to introduce students to mainframe concepts and help prepare them for a career in large systems computing. For optimal learning, students are assumed to be literate in personal computing and have some computer science or information systems background. Others who will benefit from this textbook include z/OS professionals who would like to expand their knowledge of other aspects of the mainframe computing environment. This course can be used as a prerequisite to understanding Linux on System z. After reading this textbook and working through the exercises, the student will have received a basic understanding of the following topics: The Series z Hardware concept and the history of the mainframe Virtualization technology in general and how it is exploited by z/VM Operating systems that can run as guest systems under z/VM z/VM components The z/VM control program and commands The interactive environment under z/VM, CMS and its commands z/VM planning and administration Implementing the networking capabilities of z/VM Tools to monitor the performance of z/VM systems and guest operating systems The REXX programming language and CMS pipelines Security issues when running z/VM


Security on IBM z/VSE

Security on IBM z/VSE

Author: Helmut Hellner

Publisher: IBM Redbooks

Published: 2018-06-14

Total Pages: 472

ISBN-13: 0738456918

DOWNLOAD EBOOK

One of a firm's most valuable resources is its data: client lists, accounting data, employee information, and so on. This critical data must be securely managed and controlled, and simultaneously made available to those users authorized to see it. The IBM® z/VSE® system features extensive capabilities to simultaneously share the firm's data among multiple users and protect them. Threats to this data come from various sources. Insider threats and malicious hackers are not only difficult to detect and prevent, they might be using resources with the business being unaware. This IBM Redbooks® publication was written to assist z/VSE support and security personnel in providing the enterprise with a safe, secure and manageable environment. This book provides an overview of the security that is provided by z/VSE and the processes for the implementation and configuration of z/VSE security components, Basic Security Manager (BSM), IBM CICS® security, TCP/IP security, single sign-on using LDAP, and connector security.


z/VM and Linux on IBM System z: The Virtualization Cookbook for SLES 11 SP1

z/VM and Linux on IBM System z: The Virtualization Cookbook for SLES 11 SP1

Author: Michael MacIsaac

Publisher: IBM Redbooks

Published: 2011-02-22

Total Pages: 300

ISBN-13: 0738435074

DOWNLOAD EBOOK

This IBM® Redbooks® publication describes how to create your own Linux® virtual servers on IBM System z® hardware under z/VM®. It adopts a cookbook format that provides a concise, repeatable set of procedures for installing and configuring z/VM in an LPAR and then installing and customizing Linux. You need an IBM System z logical partition (LPAR) with associated resources, z/VM 6.1 media, and SLES 11 SP1 Linux for System z. This book assumes that you have a general familiarity with System z technology and terminology. It does not assume an in-depth understanding of z/VM and Linux. It is written for those who want to get a quick start with z/VM and Linux on the mainframe.


z/VM and Linux on IBM System z: The Virtualization Cookbook for Red Hat Enterprise Linux 6.0

z/VM and Linux on IBM System z: The Virtualization Cookbook for Red Hat Enterprise Linux 6.0

Author: Michael MacIsaac

Publisher: IBM Redbooks

Published: 2011-02-18

Total Pages: 296

ISBN-13: 0738435104

DOWNLOAD EBOOK

This IBM® Redbooks® publication describes how to create Linux® virtual servers in IBM z/VM® on IBM System z® hardware. This book adopts a cookbook format that provides a concise, repeatable set of procedures for installing and configuring z/VM in a logical partition (LPAR) and then installing and customizing Linux. You need an IBM System z LPAR with the associated resources, z/VM V6.1 media, and a Linux distribution. This book assumes that you have a general familiarity with System z technology and terminology. It does not assume an in-depth understanding of z/VM and Linux. It is written for those clients who want to get a quick start with z/VM and Linux on the mainframe.


z/VM and Linux Operations for z/OS System Programmers

z/VM and Linux Operations for z/OS System Programmers

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2008-10-28

Total Pages: 438

ISBN-13: 0738431591

DOWNLOAD EBOOK

This IBM Redbooks publication discusses z/VM and Linux operations from the perspective of the z/OS programmer or system programmer. Although other books have been written about many of these topics, this book gives enough information about each topic to describe z/VM and Linux on IBM System z operations to somebody who is new to both environments. This book is intended for z/OS programmers and system programmers who are transitioning to the z/VM and Linux on System z environments and who want a translation guide for assistance. We base this book on our experiences using System z10 Enterprise Edition, z/VM version 5.3 RSU 0701, and Novell SUSE Linux Enterprise Server (SLES) 10 on System z.