Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2015-09-25

Total Pages: 188

ISBN-13: 0738440949

DOWNLOAD EBOOK

This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM z Systems hardware and software (referred to in this book by the previous product name, IBM System z®). In an age of increasing security consciousness and more dangerous and advanced persistent threats, System z provides the capabilities to address today's business security challenges. This book explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems that offer a variety of customizable security elements. We also describe z/OS and other operating systems and additional software that use the building blocks of System z hardware to meet business security needs. We explore these from the perspective of an enterprise security architect and how a modern mainframe must fit into an enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of the System z platform, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.


Reduce Risk and Improve Security on IBM Mainframes: Volume 3 Mainframe Subsystem and Application Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 3 Mainframe Subsystem and Application Security

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2015-11-02

Total Pages: 200

ISBN-13: 0738441023

DOWNLOAD EBOOK

This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM zTM Systems hardware and software. In an age of increasing security consciousness and more and more dangerous advanced persistent threats, IBM z SystemsTM provides the capabilities to address the needs of today's business security challenges. This publication explores how z Systems hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. We highlight the features of IBM z/OS® and other operating systems, which offer a variety of customizable security elements. We discuss z/OS and other operating systems and additional software that use the building blocks of z Systems hardware to provide solutions to business security needs. We also explore the perspective from the view of an enterprise security architect and how a modern mainframe has to fit into an overarching enterprise security architecture. This book is part of a three-volume series that focuses on guiding principles for optimized mainframe security configuration within a holistic enterprise security architecture. The series' intended audience includes enterprise security architects, planners, and managers who are interested in exploring how the security design and features of z Systems, the z/OS operating system, and associated software address current issues such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.


Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security

Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2016-03-22

Total Pages: 332

ISBN-13: 0738440108

DOWNLOAD EBOOK

This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM System z® hardware and software. In an age of increasing security consciousness, IBM System z provides the capabilities to address the needs of today's business security challenges. This publication explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. This book highlights the features of IBM z/OS® and other operating systems, which offer various customizable security elements under the Security Server and Communication Server components. This book describes z/OS and other operating systems and additional software that leverage the building blocks of System z hardware to provide solutions to business security needs. This publication's intended audience is technical architects, planners, and managers who are interested in exploring how the security design and features of System z, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.


IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

IBM z/OS Mainframe Security and Audit Management Using the IBM Security zSecure Suite

Author: Axel Buecker

Publisher: IBM Redbooks

Published: 2011-08-18

Total Pages: 494

ISBN-13: 0738435880

DOWNLOAD EBOOK

Every organization has a core set of mission-critical data that must be protected. Security lapses and failures are not simply disruptions—they can be catastrophic events, and the consequences can be felt across the entire organization. As a result, security administrators face serious challenges in protecting the company's sensitive data. IT staff are challenged to provide detailed audit and controls documentation at a time when they are already facing increasing demands on their time, due to events such as mergers, reorganizations, and other changes. Many organizations do not have enough experienced mainframe security administrators to meet these objectives, and expanding employee skillsets with low-level mainframe security technologies can be time-consuming. The IBM® Security zSecure suite consists of multiple components designed to help you administer your mainframe security server, monitor for threats, audit usage and configurations, and enforce policy compliance. Administration, provisioning, and management components can significantly reduce administration, contributing to improved productivity, faster response time, and reduced training time needed for new administrators. This IBM Redbooks® publication is a valuable resource for security officers, administrators, and architects who wish to better understand their mainframe security solutions.


Introduction to the New Mainframe: Security

Introduction to the New Mainframe: Security

Author: Rica Weller

Publisher: IBM Redbooks

Published: 2007-04-26

Total Pages: 550

ISBN-13: 0738489646

DOWNLOAD EBOOK

This book provides students of information systems with the background knowledge and skills necessary to begin using the basic security facilities of IBM System z. It enables a broad understanding of both the security principles and the hardware and software components needed to insure that the mainframe resources and environment are secure. It also explains how System z components interface with some non-System z components. A multi-user, multi-application, multi-task environment such as System z requires a different level of security than that typically encountered on a single-user platform. In addition, when a mainframe is connected in a network to other processors, a multi-layered approach to security is recommended. Students are assumed to have successfully completed introductory courses in computer system concepts. Although this course looks into all the operating systems on System z, the main focus is on IBM z/OS. Thus, it is strongly recommended that students have also completed an introductory course on z/OS. Others who will benefit from this course include experienced data processing professionals who have worked with non-mainframe-based platforms, as well as those who are familiar with some aspects of the mainframe environment or applications but want to learn more about the security and integrity facilities and advantages offered by the mainframe environment.


ABCs of z/OS System Programming: Volume 4

ABCs of z/OS System Programming: Volume 4

Author: Paul Rogers

Publisher: IBM Redbooks

Published: 2011-02-10

Total Pages: 222

ISBN-13: 073843499X

DOWNLOAD EBOOK

This IBM® Redbooks® publication describes the functions of z/OS® Communications Server. z/OS Communications Server provides a set of communications protocols that support peer-to-peer connectivity functions for both local and wide-area networks, including the most popular wide-area network, the Internet. z/OS Communications Server also provides performance enhancements that can benefit a variety of TCP/IP applications. z/OS Communications Server provides both SNA and TCP/IP networking protocols for z/OS. The SNA protocols are provided by VTAM® and include Subarea, Advanced Peer-to-Peer Networking, and High Performance Routing protocols. z/OS Communications Server exploits z/OS UNIX® services even for traditional MVSTM environments and applications. Prior to utilizing TCP/IP services, therefore, a full-function mode z/OS UNIX environment including a Data Facility Storage Management Subsystem (DFSMSdfp), a z/OS UNIX file system, and a security product (such as Resource Access Control Facility, or RACF®) must be defined and active before z/OS Communications Server can be started successfully. The ABCs of z/OS System Programming is a 13-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. If you want to become more familiar with z/OS in your current environment, or if you are evaluating platforms to consolidate your e-business applications, the ABCs collection will serve as a powerful technical tool. The contents of the volumes are as follows: Volume 1: Introduction to z/OS and storage concepts, TSO/E, ISPF, JCL, SDSF, and z/OS delivery and installation Volume 2: z/OS implementation and daily maintenance, defining subsystems, JES2 and JES3, LPA, LNKLST, authorized libraries, SMP/E, Language Environment® Volume 3: Introduction to DFSMS, data set basics storage management hardware and software, catalogs, and DFSMStvs Volume 4: Communication Server, TCP/IP, and VTAM Volume 5: Base and Parallel Sysplex®, System Logger, Resource Recovery Services (RRS), global resource serialization (GRS), z/OS system operations, automatic restart management (ARM), Geographically Dispersed Parallel SysplexTM (GDPS®) Volume 6: Introduction to security, RACF, Digital certificates and PKI, Kerberos, cryptography and z990 integrated cryptography, zSeries® firewall technologies, LDAP, and Enterprise identity mapping (EIM) Volume 7: Printing in a z/OS environment, Infoprint Server and Infoprint Central Volume 8: An introduction to z/OS problem diagnosis Volume 9: z/OS UNIX System Services Volume 10: Introduction to z/Architecture®, zSeries processor design, zSeries connectivity, LPAR concepts, HCD, and HMC Volume 11: Capacity planning, performance management, RMFTM, and SMF Volume 12: WLM Volume 13: JES3


IBM z/OS V2R2: Security

IBM z/OS V2R2: Security

Author: Keith Winnard

Publisher: IBM Redbooks

Published: 2015-12-17

Total Pages: 52

ISBN-13: 0738441279

DOWNLOAD EBOOK

This IBM® Redbooks® publication helps you to become familiar with the technical changes that were introduced to the security areas with IBM z/OS® V2R2. The following chapters are included: - Chapter 1, "RACF updates" on page 1: In this chapter, we describe the read-only auditor attribute, password security enhancements, RACDCERT (granular certificate administration), UNIX search authority, and RACF Remote sharing facility (RRSF). - Chapter 2, "LDAP updates" on page 13: In this chapter, we describe the activity log enhancements, compatibility level upgrade without LDAP outage, dynamic group performance enhancements, and replication of password policy attributes from a read-only replica. - Chapter 3, "PKI updates" on page 21: In this chapter, we describe the Network Authentication Service (KERBEROS) PKINIT, PKI nxm authorization, PKI OCSP enhancement, and RACDCERT (granular certificate administration) - Chapter 4, "z/OS UNIX search and file execution authority" on page 27: z/OS UNIX search authority, z/OS UNIX file execution, Examples for exploiting the new functions This book is one of a series of IBM Redbooks that take a modular approach to providing information about the updates that are included with z/OS V2R2. This approach has the following goals: - Provide modular content - Group the technical changes into a topic - Provide a more streamlined way of finding relevant information that is based on the topic We hope you find this approach useful and we welcome your feedback.


Getting Started with z/OS Data Set Encryption

Getting Started with z/OS Data Set Encryption

Author: Bill White

Publisher: IBM Redbooks

Published: 2021-12-10

Total Pages: 274

ISBN-13: 0738460222

DOWNLOAD EBOOK

This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.


ABCs of IBM z/OS System Programming Volume 1

ABCs of IBM z/OS System Programming Volume 1

Author: Lydia Parziale

Publisher: IBM Redbooks

Published: 2018-01-22

Total Pages: 118

ISBN-13: 0738442763

DOWNLOAD EBOOK

The ABCs of IBM® z/OS® System Programming is a 13-volume collection that provides an introduction to the z/OS operating system and the hardware architecture. Whether you are a beginner or an experienced system programmer, the ABCs collection provides the information that you need to start your research into z/OS and related subjects. Whether you want to become more familiar with z/OS in your current environment, or you are evaluating platforms to consolidate your online business applications, the ABCs collection will serve as a powerful technical tool. Volume 1 provides an updated understanding of the software and IBM zSeries architecture, and explains how it is used together with the z/OS operating system. This includes the main components of z/OS needed to customize and install the z/OS operating system. This edition has been significantly updated and revised.


Introduction to Storage Area Networks

Introduction to Storage Area Networks

Author: Jon Tate

Publisher: IBM Redbooks

Published: 2018-10-09

Total Pages: 302

ISBN-13: 0738442887

DOWNLOAD EBOOK

The superabundance of data that is created by today's businesses is making storage a strategic investment priority for companies of all sizes. As storage takes precedence, the following major initiatives emerge: Flatten and converge your network: IBM® takes an open, standards-based approach to implement the latest advances in the flat, converged data center network designs of today. IBM Storage solutions enable clients to deploy a high-speed, low-latency Unified Fabric Architecture. Optimize and automate virtualization: Advanced virtualization awareness reduces the cost and complexity of deploying physical and virtual data center infrastructure. Simplify management: IBM data center networks are easy to deploy, maintain, scale, and virtualize, delivering the foundation of consolidated operations for dynamic infrastructure management. Storage is no longer an afterthought. Too much is at stake. Companies are searching for more ways to efficiently manage expanding volumes of data, and to make that data accessible throughout the enterprise. This demand is propelling the move of storage into the network. Also, the increasing complexity of managing large numbers of storage devices and vast amounts of data is driving greater business value into software and services. With current estimates of the amount of data to be managed and made available increasing at 60% each year, this outlook is where a storage area network (SAN) enters the arena. SANs are the leading storage infrastructure for the global economy of today. SANs offer simplified storage management, scalability, flexibility, and availability; and improved data access, movement, and backup. Welcome to the cognitive era. The smarter data center with the improved economics of IT can be achieved by connecting servers and storage with a high-speed and intelligent network fabric. A smarter data center that hosts IBM Storage solutions can provide an environment that is smarter, faster, greener, open, and easy to manage. This IBM® Redbooks® publication provides an introduction to SAN and Ethernet networking, and how these networks help to achieve a smarter data center. This book is intended for people who are not very familiar with IT, or who are just starting out in the IT world.