End to End Security with z Systems


Book Description

This IBM® RedpaperTM provides a broad understanding of the components necessary to secure your IBM z Systems environment. It provides an end-to-end architectural reference document for a use case that employs both mobile and analytics. It also provides an end to end explanation of security on z Systems from the systems of record through the systems of engagement. Security is described in terms of transactions, covering what happens after a transaction hits the system of engagement and what needs to be in place from that moment forward. The audience for this paper is IT architects and those planning to use z Systems for their mobile and analytics environments.




Getting Started with z/OS Data Set Encryption


Book Description

This IBM® Redpaper Redbooks® publication provides a broad explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on IBM z/OS® data set encryption. It describes how the various hardware and software components interact in a z/OS data set encryption environment. In addition, this book concentrates on the planning and preparing of the environment and offers implementation, configuration, and operational examples that can be used in z/OS data set encryption environments. This publication is intended for IT architects, system programmer, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.




Security and Linux on z Systems


Book Description

This IBM® RedpaperTM publication discusses security practices for running Linux on z Systems on the IBM z14. It examines the unique security and integrity features that the IBM Z platform brings to the enterprise. It also examines pervasive encryption and its role in protecting data at rest.




Security on z/VM


Book Description

Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System zTM and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment. This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication. Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book. This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration. The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.




Securing Your Cloud: IBM z/VM Security for IBM z Systems and LinuxONE


Book Description

As workloads are being offloaded to IBM® z SystemsTM based cloud environments, it is important to ensure that these workloads and environments are secure. This IBM Redbooks® publication describes the necessary steps to secure your environment for all of the components that are involved in a z Systems cloud infrastructure that uses IBM z/VM® and Linux on z Systems. The audience for this book is IT architects and those planning to use z Systems for their cloud environments.




Security for Linux on System z


Book Description

No IT server platform is 100% secure and useful at the same time. If your server is installed in a secure vault, three floors underground in a double-locked room, not connected to any network and switched off, one would say it was reasonably secure, but it would be a stretch to call it useful. This IBM® Redbooks® publication is about switching on the power to your Linux® on System z® server, connecting it to the data and to the network, and letting users have access to this formidable resource space in a secure, controlled, and auditable fashion to make sure the System z server and Linux are useful to your business. As the quotation illustrates, the book is also about ensuring that, before you start designing a security solution, you understand what the solution has to achieve. The base for a secure system is tightly related to the way the architecture and virtualization has been implemented on IBM System z. Since its inception 45 years ago, the architecture has been continuously developed to meet the increasing demands for a more secure and stable platform. This book is intended for system engineers and security administrators who want to customize a Linux on System z environment to meet strict security, audit, and control regulations. For additional information, there is a tech note that describes the best practices for securing your network. It can be found at: http://www.redbooks.ibm.com/abstracts/tips0981.html?Open




Swift in the Cloud


Book Description

Write and run Swift language programs in the Cloud Written by the team of developers that has helped bring the Swift language to Cloud computing, this is the definitive guide to writing and running Swift language programs for cloud environment. In Swift in the Cloud, you'll find full coverage of all aspects of creating and running Swift language applications in Cloud computing environments, complete with examples of real code that you can start running and experimenting with today. Since Apple introduced the Swift language in 2014, it has become one of the most rapidly adopted computer programming languages in history—and now you too can start benefitting from using the same programming language for all components of a scalable, robust business software solution. Create server applications using Swift and run them on pay-as-you-go cloud infrastructure Quickly write and test Swift code snippets in your own cloud sandbox Use Docker containers to deploy Swift applications into multiple cloud environments without having to change code Grasp the elements and structure of the Swift.org open technology project Find out how to avoid the complexities of runtime configuration by using Cloud Foundry buildpacks for Swift Build high performing web applications and REST APIs with an open source Swift based web server framework Scale up your cloud services by running Swift modules in an asynchronous, open source, 'serverless' cloud environment Whether you are already using Swift to build mobile applications or a seasoned web developer, Swift in the Cloud will help you leverage server-side Swift to power your next generation of applications.




IBM DS8870 Architecture and Implementation (Release 7.5)


Book Description

This IBM® Redbooks® publication describes the concepts, architecture, and implementation of the IBM DS8870. The WhitepaperRedpaperbook provides reference information to assist readers who need to plan for, install, and configure the DS8870. The IBM DS8870 is the most advanced model in the IBM DS8000® series and is equipped with IBM POWER7+TM based controllers. Various configuration options are available that scale from dual 2-core systems up to dual 16-core systems with up to 1 TB of cache. The DS8870 features an integrated High-Performance Flash Enclosure (HPFE) with flash cards that can deliver up to 250,000 IOPS and up to 3.4 GBps bandwidth. A High-Performance All-Flash configuration is also available. The DS8870 now features 16 Gbps host adapters. Connectivity options, with up to 128 Fibre Channel/IBM FICON® ports for host connections, make the DS8870 suitable for multiple server environments in open systems and IBM zTM Systems environments. DS8870 Release 7.5 brings new and enhanced IBM z SystemsTM synergy features. These features are covered in detail in IBM DS8870 and IBM z Systems Synergy, REDP-5186. The DS8870 supports advanced disaster recovery solutions, business continuity solutions, and thin provisioning. All disk drives in the DS8870 storage system have the Full Disk Encryption (FDE) feature. The DS8870 also can be integrated in a Lightweight Directory Access Protocol (LDAP) infrastructure. The DS8870 can automatically optimize the use of each storage tier, particularly flash drives and flash cards, through the IBM Easy Tier® feature, which is available at no extra charge. This edition applies the IBM DS8870 Release 7.5.




Reduce Risk and Improve Security on IBM Mainframes: Volume 1 Architecture and Platform Security


Book Description

This IBM® Redbooks® publication documents the strength and value of the IBM security strategy with IBM System z® hardware and software. In an age of increasing security consciousness, IBM System z provides the capabilities to address the needs of today's business security challenges. This publication explores how System z hardware is designed to provide integrity, process isolation, and cryptographic capability to help address security requirements. This book highlights the features of IBM z/OS® and other operating systems, which offer various customizable security elements under the Security Server and Communication Server components. This book describes z/OS and other operating systems and additional software that leverage the building blocks of System z hardware to provide solutions to business security needs. This publication's intended audience is technical architects, planners, and managers who are interested in exploring how the security design and features of System z, the z/OS operating system, and associated software address current issues, such as data encryption, authentication, authorization, network security, auditing, ease of security administration, and monitoring.




Securing Your Cloud: IBM Security for LinuxONE


Book Description

As workloads are being offloaded to IBM® LinuxONE based cloud environments, it is important to ensure that these workloads and environments are secure. This IBM Redbooks® publication describes the necessary steps to secure your environment from the hardware level through all of the components that are involved in a LinuxONE cloud infrastructure that use Linux and IBM z/VM®. The audience for this book is IT architects, IT Specialists, and those users who plan to use LinuxONE for their cloud environments.




Recent Books