Linux on IBM eServer zSeries and S/390: Best Security Practices

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.

thumbnail 

Published on May 21, 2004

  1. .PDF (2.9 MB)


Share this page:   

ISBN-10: 0738497665
ISBN-13: 9780738497662
IBM Form #: SG24-7023-00


Authors: Gregory Geiselhart, Ami Ehlenberger, Darius Fariborz, Jerry Lam, Neville Mendes, Carlos Ordonez, Luiz Carlos Santos and Karl-Erik Stenfors

    menu icon

    Abstract

    This IBM Redbooks publication discusses best security practices for running Linux as a z/VM guest on IBM eServer zSeries and S/390 machines. This publication is intended for system administrators and IT architects responsible for deploying secure Linux servers running under z/VM. We consider both z/VM and Linux security topics.

    We examine the unique security and integrity features zSeries offers for consolidating a large number Linux servers under z/VM. We discuss virtual machine isolation and command privileges assigned to VM guests. Security configuration options for z/VM Version 4.4 are explained.

    In this book, we also discuss Linux security topics. We examine options for hardening a Linux installation. Securing Linux network traffic using Secure Sockets Layer and Secure Shell is considered. We look at implementing a virtual private network using FreeS/WAN. Commercial firewall technology and implementation using the StoneGate firewall for zSeries is discussed. We examine using IBM Tivoli Access Manager in conjunction with an LDAP server running on z/OS to authenticate Linux users against a RACF running on z/OS.

    Table of Contents

    Chapter 1. Introduction

    Chapter 2. z/VM integrity and security

    Chapter 3. Hardening a Linux installation

    Chapter 4. Secure Sockets Layer and the Secure Shell

    Chapter 5. Implementing virtual private networks using FreeS/WAN

    Chapter 6. StoneGate firewall

    Chapter 7. Using z/OS features in a Linux environment

     

    Others who read this also read