IBM Security Solutions Architecture for Network, Server and Endpoint


Book Description

Threats come from a variety of sources. Insider threats, as well as malicious hackers, are not only difficult to detect and prevent, but many times the authors of these threats are using resources without anybody being aware that those threats are there. Threats would not be harmful if there were no vulnerabilities that could be exploited. With IT environments becoming more complex every day, the challenges to keep an eye on all potential weaknesses are skyrocketing. Smart methods to detect threats and vulnerabilities, as well as highly efficient approaches to analysis, mitigation, and remediation, become necessary to counter a growing number of attacks against networks, servers, and endpoints in every organization. In this IBM® Redbooks® publication, we examine the aspects of the holistic Threat and Vulnerability Management component in the Network, Server and Endpoint domain of the IBM Security Framework. We explain the comprehensive solution approach, identify business drivers and issues, and derive corresponding functional and technical requirements, which enables us to choose and create matching security solutions. We discuss IBM Security Solutions for Network, Server and Endpoint to effectively counter threats and attacks using a range of protection technologies and service offerings. Using two customer scenarios, we apply the solution design approach and show how to address the customer requirements by identifying the corresponding IBM service and software products.




DataPower SOA Appliance Administration, Deployment, and Best Practices


Book Description

This IBM® Redbooks® publication focuses on operational and managerial aspects for DataPower® appliance deployments. DataPower appliances provide functionality that crosses both functional and organizational boundaries, which introduces unique management and operational challenges. For example, a DataPower appliance can provide network functionality, such as load balancing, and at the same time, provide enterprise service bus (ESB) capabilities, such as transformation and intelligent content-based routing. This IBM Redbooks publication provides guidance at both a general and technical level for individuals who are responsible for planning, installation, development, and deployment. It is not intended to be a "how-to" guide, but rather to help educate you about the various options and methodologies that apply to DataPower appliances. In addition, many chapters provide a list of suggestions.




IBM z/OS V2R1 Communications Server TCP/IP Implementation Volume 4: Security and Policy-Based Networking


Book Description

For more than 40 years, IBM® mainframes have supported an extraordinary portion of the world's computing work, providing centralized corporate databases and mission-critical enterprise-wide applications. IBM System z®, the latest generation of the IBM distinguished family of mainframe systems, has come a long way from its IBM System/360 heritage. Likewise, its IBM z/OS® operating system is far superior to its predecessors in providing, among many other capabilities, world-class and state-of-the-art support for the TCP/IP Internet protocol suite. TCP/IP is a large and evolving collection of communication protocols managed by the Internet Engineering Task Force (IETF), an open, volunteer organization. Because of its openness, the TCP/IP protocol suite has become the foundation for the set of technologies that form the basis of the Internet. The convergence of IBM mainframe capabilities with Internet technology, connectivity, and standards (particularly TCP/IP) is dramatically changing the face of information technology and driving requirements for ever more secure, scalable, and highly available mainframe TCP/IP implementations. The IBM z/OS Communications Server TCP/IP Implementation series provides understandable, step-by-step guidance about how to enable the most commonly used and important functions of z/OS Communications Server TCP/IP. This IBM Redbooks® publication is for people who install and support z/OS Communications Server. It explains how to set up security for your z/OS networking environment. Network security requirements have become more stringent and complex. Because many transactions are from unknown users and untrusted networks, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. Also, because security technologies are complex and can be confusing, we include helpful tutorial information in the appendixes of this book.




Integration Throughout and Beyond the Enterprise


Book Description

Throughout the history of the IT industry, integration has been an important part of most projects. Whether it is integration of transactions, data, or processes, each has challenges and associated patterns and antipatterns. In an age of mobile devices, social networks, and cloud services, and big data analytics, integration is more important than ever, but the scope of the challenge for IT projects has changed. Partner APIs, social networks, physical sensors and devices, all of these and more are important sources of capability or insight. It is no longer sufficient to integrate resources under control of the enterprise, because many important resources are in the ecosystem beyond enterprise boundaries. With this as the basic tenet, we address these questions: What are the current integration patterns that help enterprises become and remain competitive? How do you choose when to use which pattern? What is the topology for a "composable business"? And how do you accelerate the process of implementation through intelligent choice of supporting integration middleware? This IBM® Redbooks® publication guides integration practitioners and architects in choosing integration patterns and technologies.




DataPower SOA Appliance Service Planning, Implementation, and Best Practices


Book Description

This IBM® Redbooks® publication will help you to better understand the effective use of the WebSphere® DataPower® family of appliances. It provides guidance on the best methods identified to date for building the various components that implement solutions, such as handling MQ-based message flows or creating authentication and authorization policies. The information and recommendations in this publication are the result of real world experiences using the appliances. Such experience shows that taking the time to plan a solution implementation before beginning the work yields the greatest savings in time and energy and the highest quality outcome. This publication begins with a checklist of items to consider when planning a DataPower solution. This publication is intended to provide answers or guidance to implementation problems often encountered by users of the appliance. This book is not intended to present complete solutions or templates because experience shows that every customer uses the appliance in their own unique environment with unique requirements. Thus, this publication provides a compendium of information about particular aspects of a solution. Use the Table of Contents or Index to find your current issue, and return to this publication when the next issue or question arises. Refer to the related IBM Redbooks publication entitled DataPower SOA Appliance Administration, Deployment, and Best Practices, SG24-7901 for more information.




IBM z/OS V2R2 Communications Server TCP/IP Implementation: Volume 4 Security and Policy-Based Networking


Book Description

For more than 50 years, IBM® mainframes have supported an extraordinary portion of the world's computing work, providing centralized corporate databases, and mission-critical enterprise-wide applications. IBM z® Systems, the latest generation of the IBM distinguished family of mainframe systems, has come a long way from its IBM System/360 heritage. Likewise, its IBM z/OS® operating system is far superior to its predecessors in providing, among many other capabilities, world-class and state-of-the-art support for the TCP/IP Internet protocol suite. TCP/IP is a large and evolving collection of communication protocols managed by the Internet Engineering Task Force (IETF), an open, volunteer organization. Because of its openness, the TCP/IP protocol suite has become the foundation for the set of technologies that form the basis of the Internet. The convergence of IBM mainframe capabilities with Internet technology, connectivity, and standards (particularly TCP/IP) is dramatically changing the face of information technology and driving requirements for ever more secure, scalable, and highly available mainframe TCP/IP implementations. The IBM z/OS Communications Server TCP/IP Implementation series provides understandable, step-by-step guidance about how to enable the most commonly used and important functions of z/OS Communications Server TCP/IP. This IBM Redbooks® publication is for people who install and support z/OS Communications Server. It explains how to set up security for your z/OS networking environment. With the advent of TCP/IP and the Internet, network security requirements have become more stringent and complex. Because many transactions are from unknown users and untrusted networks such as the Internet, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. Also, because security technologies are complex and can be confusing, we include helpful tutorial information in the appendixes of this book. For more information about z/OS Communications Server base functions, standard applications, and high availability, see the other following volumes in the series: IBM z/OS V2R2 Communications Server TCP/IP Implementation Volume 1: Base Functions, Connectivity, and Routing, SG24-8360 IBM z/OS V2R2 Communications Server TCP/IP Implementation Volume 2: Standard Applications, SG24-8361 IBM z/OS V2R2 Communications Server TCP/IP Implementation Volume 3: High Availability, Scalability, and Performance, SG24-8362 This book does not duplicate the information in these publications. Instead, it complements those publications with practical implementation scenarios that might be useful in your environment. For more information about at what level a specific function was introduced, see z/OS Communications Server: New Function Summary, GC31-8771.




IBM z/OS V1R12 Communications Server TCP/IP Implementation: Volume 4 Security and Policy-Based Networking


Book Description

For more than 40 years, IBM® mainframes have supported an extraordinary portion of the world's computing work, providing centralized corporate databases and mission-critical enterprise-wide applications. The IBM System z® provides world class and state-of-the-art support for the TCP/IP Internet protocol suite. TCP/IP is a large and evolving collection of communication protocols managed by the Internet Engineering Task Force (IETF), an open, volunteer, organization. Because of its openness, the TCP/IP protocol suite has become the foundation for the set of technologies that form the basis of the Internet. The convergence of IBM mainframe capabilities with Internet technology, connectivity, and standards (particularly TCP/IP) is dramatically changing the face of information technology and driving requirements for ever more secure, scalable, and highly available mainframe TCP/IP implementations. The IBM z/OS® Communications Server TCP/IP Implementation series provides understandable, step-by-step guidance about how to enable the most commonly used and important functions of z/OS Communications Server TCP/IP. This IBM Redbooks® publication explains how to set up security for the z/OS networking environment. Network security requirements have become more stringent and complex. Because many transactions come from unknown users and untrusted networks, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. We also include helpful tutorial information in the appendixes of this book because security technologies can be quite complex, For more specific information about z/OS Communications Server base functions, standard applications, and high availability, refer to the other volumes in the series.




IBM z/OS V1R13 Communications Server TCP/IP Implementation: Volume 4 Security and Policy-Based Networking


Book Description

For more than 40 years, IBM® mainframes have supported an extraordinary portion of the world's computing work, providing centralized corporate databases and mission-critical enterprise-wide applications. The IBM System z®, the latest generation of the IBM distinguished family of mainframe systems, has come a long way from its IBM System/360 heritage. Likewise, its IBM z/OS® operating system is far superior to its predecessors in providing, among many other capabilities, world-class and state-of-the-art support for the TCP/IP Internet protocol suite. TCP/IP is a large and evolving collection of communication protocols managed by the Internet Engineering Task Force (IETF), an open, volunteer organization. Because of its openness, the TCP/IP protocol suite has become the foundation for the set of technologies that form the basis of the Internet. The convergence of IBM mainframe capabilities with Internet technology, connectivity, and standards (particularly TCP/IP) is dramatically changing the face of information technology and driving requirements for even more secure, scalable, and highly available mainframe TCP/IP implementations. The IBM z/OS Communications Server TCP/IP Implementation series provides understandable, step-by-step guidance about how to enable the most commonly used and important functions of z/OS Communications Server TCP/IP. This IBM Redbooks® publication explains how to set up security for the z/OS networking environment. Network security requirements have become more stringent and complex. Because many transactions come from unknown users and untrusted networks, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. We also include helpful tutorial information in the appendixes of this book because security technologies can be quite complex.




IBM z/OS V1R11 Communications Server TCP/IP Implementation Volume 4: Security and Policy-Based Networking


Book Description

Note: This PDF is over 900 pages, so when you open it with Adobe Reader and then do a "Save As", the save process could time out. Instead, right-click on the PDF and select "Save Target As". For more than 40 years, IBM® mainframes have supported an extraordinary portion of the world's computing work, providing centralized corporate databases and mission-critical enterprise-wide applications. The IBM System z®, the latest generation of the IBM distinguished family of mainframe systems, has come a long way from its IBM System/360 heritage. Likewise, its IBM z/OS® operating system is far superior to its predecessors, providing, among many other capabilities, world-class, state-of-the-art, support for the TCP/IP Internet protocol suite. TCP/IP is a large and evolving collection of communication protocols managed by the Internet Engineering Task Force (IETF), an open, volunteer, organization. Because of its openness, the TCP/IP protocol suite has become the foundation for the set of technologies that form the basis of the Internet. The convergence of IBM mainframe capabilities with Internet technology, connectivity, and standards (particularly TCP/IP) is dramatically changing the face of information technology and driving requirements for ever more secure, scalable, and highly available mainframe TCP/IP implementations. The IBM z/OS Communications Server TCP/IP Implementation series provides understandable, step-by-step guidance about how to enable the most commonly used and important functions of z/OS Communications Server TCP/IP. This IBM Redbooks® publication explains how to set up security for your z/OS networking environment. With the advent of TCP/IP and the Internet, network security requirements have become more stringent and complex. Because many transactions come from unknown users and from untrusted networks such as the Internet, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. Also, because security technologies are complex and can be confusing, we include helpful tutorial information in the appendixes of this book. For more specific information about z/OS Communications Server base functions, standard applications, and high availability, refer to the other volumes in the series: "IBM z/OS V1R11 Communications Server TCP/IP Implementation Volume 1: Base Functions, Connectivity, and Routing," SG24-7798 "IBM z/OS V1R11 Communications Server TCP/IP Implementation Volume 2: Standard Applications," SG24-7799 "IBM z/OS V1R11 Communications Server TCP/IP Implementation Volume 3: High Availability, Scalability, and Performance," SG24-7800 In addition, "z/OS Communications Server: IP Configuration Guide," SC31-8775, "z/OS Communications Server: IP Configuration Reference," SC31-8776, and "z/OS Communications Server: IP User's Guide and Commands," SC31-8780, contain comprehensive descriptions of the individual parameters for setting up and using the functions that we describe in this book. They also include step-by-step checklists and supporting examples. It is not the intent of this book to duplicate the information in those publications, but to complement them with practical implementation scenarios that might be useful in your environment. To determine at what level a specific function was introduced, refer to "z/OS Communications Server: New Function Summary," GC31-8771.