Communications Server for z/OS V1R9 TCP/IP Implementation Volume 4: Security and Policy-Based Networking

An IBM Redbooks publication


Abstract

This Communications Server (CS) for z/OS TCP/IP Implementation series provides easy-to-understand, step-by-step how-to guidance on enabling the most commonly used and important functions of CS for z/OS TCP/IP.

With the advent of TCP/IP and the Internet, network security requirements have become more stringent and complex. Because many transactions come from untrusted networks such as the Internet, and from unknown users, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. In addition, there are certain applications shipped with TCP/IP such as File Transfer Protocol (FTP) that, without proper configuration and access controls in place, could allow unauthorized users access to system resources and data.

This IBM Redbooks® publication explains how to set up security for your z/OS networking environment. For more specific information about CS for z/OS base functions, standard applications, and high availability, refer to the other volumes in the series. These are:


  • "Communications Server for z/OS V1R9 TCP/IP Implementation, Volume 1: Base Functions, Connectivity, and Routing," SG24-7532
  • "Communications Server for z/OS V1R9 TCP/IP Implementation, Volume 2: Standard Applications," SG24-7533
  • "Communications Server for z/OS V1R9 TCP/IP Implementation, Volume 3: High Availability, Scalability, and Performance," SG24-7534

Table of contents

Part 1. SAF-based security
Chapter 1. RACF demystified
Chapter 2. Protecting network resources
Part 2. Working with digital certificates
Chapter 3. Certificate management in z/OS
Chapter 4. Network Security Services
Part 3. Policy-based networking
Chapter 5. Policy Agent
Chapter 6. Central Policy Server
Chapter 7. Quality of Service
Chapter 8. IP filtering
Chapter 9. IP Security
Chapter 10. Network Address Translation traversal support
Chapter 11. Application Transparent Transport Layer Security
Chapter 12. Intrusion Detection Services
Chapter 13. Policy-based routing
Part 4. Application-based security
Chapter 14. Telnet security
Chapter 15. Secure File Transfer Protocol
Part 5. Appendixes
Appendix A. Basic cryptography
Appendix B. Telnet security: advanced settings
Appendix C. Configuring IPSec between z/OS and Windows
Appendix D. zIIP Assisted IPSec
Appendix E. Our implementation environment




Profile

Publish Date
01 July 2008

Last Update
26 April 2010


Rating:
(based on 21 reviews)


Author(s)

ISBN-10
0738485055

ISBN-13
9780738485058

IBM Form Number
SG24-7535-00

Number of pages
794