Maximizing Security on LinuxONE
A draft IBM Redpaper publication
Updated 01 July 2020
IBM Form #: REDP-5535-01
Rate and comment
Authors: Lydia Parziale, Leticia Alexander, Yongkook Kim, Rushir Patel, Narjisse Zaki
LinuxONE is a hardware system that is designed to support and exploit the Linux operating system based on the value of its unique underlying architecture. LinuxONE can be used within a private and multi-cloud environment to support a range of workloads and service a variety of needs. On LinuxONE, security is built into both the hardware and software.
This IBM® Redpaper publication gives a broad understanding of how to leverage the various security features that exploit and complement the LinuxONE hardware security features, such as these:
- Hardware accelerated encryption of data, which is delivered with near-zero overhead by the on-chip Central Processor Assist for Cryptographic Function (CPACF) and a dedicated Crypto Express adapter.
- Virtualization and industry-leading isolation capabilities with PR/SM, EAL 5+ LPARs, DPM, KVM, and IBM z/VM®.
- The IBM Secure Service Container technology, which provides workload isolation, restricted administrator access, and tamper protection against internal threats, including from systems administrators.
- Other technologies that exploit LinuxONE security capabilities and deeper dives into practical use cases for these technologies.
This IBM Redpaper publication was written for IT executives, architects, specialists, security administrators, and others who consider security for LinuxONE.
Table of contents
These pages are Web versions of IBM Redbooks- and Redpapers-in-progress. They are published here for those who need the information now and may contain spelling, layout and grammatical errors. This material has not been submitted to any formal IBM test and is published AS IS. It has not been the subject of rigorous review. Your feedback is welcomed to improve the usefulness of the material to others.
Follow IBM Redbooks
Follow IBM Redbooks