Communications Server for z/OS V1R8 TCP/IP Implementation Volume 4: Policy-Based Network Security
An IBM Redbooks publication
Note: This is publication is now archived. For reference only.
Published on 19 January 2007
ISBN-10: 0738489824
ISBN-13: 9780738489827
IBM Form #: SG24-7342-00
Authors: Bill White, Adi Horowitz and Rudi Van Niekerk
This Communications Server (CS) for z/OS TCP/IP Implementation series provides easy-to-understand step-by-step how-to guidance on enabling the most commonly used and important functions of CS for z/OS TCP/IP.
With the advent of TCP/IP and the Internet, network security requirements have become more stringent and complex. Because many transactions come from untrusted networks such as the Internet, and from unknown users, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. In addition, there are certain applications shipped with TCP/IP such as File Transfer Protocol (FTP) that, without proper configuration and access controls in place, could allow unauthorized
users access to system resources and data.
This IBM Redbooks publication explains how to set up security for your z/OS networking environment. For more specific information about CS for z/OS base functions, standard applications, and high availability, refer to the other volumes in the series. These are:
- Communications Server for z/OS V1R8 TCP/IP Implementation, Volume 1: Base Functions, Connectivity, and Routing, SG24-7339
- Communications Server for z/OS V1R8 TCP/IP Implementation, Volume 2: Standard Applications, SG24-7340
- Communications Server for z/OS V1R8 TCP/IP Implementation, Volume 3: High Availability, Scalability, and Performance, SG24-7341
Part 1. Policy-based networking
Chapter 1. Policy Agent
Chapter 2. IP filtering
Chapter 3. IP Security
Chapter 4. Network Address Translation support
Chapter 5. Application Transparent Transport Layer Security
Chapter 6. Intrusion Detection Services
Chapter 7. Quality of Service
Part 2. SAF-based security
Chapter 8. RACF demystified
Chapter 9. Protecting network resources
Appendix A. Basic cryptography
Appendix B. Tools for application security
Appendix C. Certificate management in z/OS
Appendix D. IPSec scenario policies