Security for Linux on System z

An IBM Redbooks publication

Published 10 January 2013

Authors: Lydia Parziale, Jonathan Barney, Vic Cross, William Johnston, Eduardo Kienetz, Eric Marins, Nilesh Patel, Sri Venkatesen


No IT server platform is 100% secure and useful at the same time. If your server is installed in a secure vault, three floors underground in a double-locked room, not connected to any network and switched off, one would say it was reasonably secure, but it would be a stretch to call it useful.

This IBM® Redbooks® publication is about switching on the power to your Linux® on System z® server, connecting it to the data and to the network, and letting users have access to this formidable resource space in a secure, controlled, and auditable fashion to make sure the System z server and Linux are useful to your business. As the quotation illustrates, the book is also about ensuring that, before you start designing a security solution, you understand what the solution has to achieve.

The base for a secure system is tightly related to the way the architecture and virtualization has been implemented on IBM System z. Since its inception 45 years ago, the architecture has been continuously developed to meet the increasing demands for a more secure and stable platform.

This book is intended for system engineers and security administrators who want to customize a Linux on System z environment to meet strict security, audit, and control regulations.
For additional information, there is a tech note that describes the best practices for securing your network. It can be found at:

Table of contents

Chapter 1. Introduction
Chapter 2. The z/VM security management support utilities
Chapter 3. Configuring and using the z/VM LDAP server
Chapter 4. Authentication and access control
Chapter 5. Cryptographic hardware
Chapter 6. Physical and infrastructure security on System z
Chapter 7. Best practices
Appendix A. Using z/OS features in a Linux environment
Appendix B. z/VSE Security and Linux on System z
Appendix C. Additional material

Follow IBM Redbooks

Follow IBM Redbooks