Skip to main content
IBM Redbooks

Security on z/VM

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.

thumbnail 

Published on 19 November 2007, updated 05 December 2007

  1. .EPUB (5.8 MB)
  2. .PDF (4.2 MB)
Google Play Books
Read in Google Books - This link opens in a new tab
Order hardcopy - This link opens in a new tab
Share this page:
 
 

ISBN-10: 0738488542
ISBN-13: 9780738488547
IBM Form #: SG24-7471-00

Authors: Paola Bari, Helio Almeida, Gary Detro, David Druker, Marian Gasparovic, Manfred Gnirss and Jean Francois Jiguet

    menu icon

    Abstract

    Discussions about server sprawl, rising software costs, going green, or moving data centers to reduce the cost of business are held in many meetings or conference calls in many organizations throughout the world. And many organizations are starting to turn toward System z™ and z/VM® after such discussions. The virtual machine operating system has over 40 years of experience as a hosting platform for servers, from the days of VM/SP, VM/XA, VM/ESA® and especially now with z/VM. With the consolidation of servers and conservative estimates that approximately seventy percent of all critical corporate data reside on System z, we find ourselves needing a highly secure environment for the support of this infrastructure. This document was written to assist z/VM support and security personnel in providing the enterprise with a safe, secure and manageable environment.

    This IBM® Redbooks® publication provides an overview of security and integrity provided by z/VM and the processes for the implementation and configuration of z/VM Security Server, z/VM LDAP Server, IBM Tivoli® Directory Server for z/OS®, and Linux® on System z with PAM for LDAP authentication.

    Sample scenarios with RACF® database sharing between z/VM and z/OS, or through Tivoli Directory Integrator to synchronize LDAP databases, are also discussed in this book.

    This book provides information about configuration and usage of Linux on System z with the System z Cryptographic features documenting their hardware and software configuration.

    The Consul zSecure Pro Suite is also part of this document: this product helps to control and audit security not only on one system, but can be used as a single point of enterprise wide security control. This document covers the installation and configuration of this product and detailed information is presented on how z/Consul can be used to collect and analyze z/VM security data and how it can be helpful in the administration of your audit data.

    Table of Contents

    Chapter 1. z/VM and security

    Chapter 2. RACF feature of z/VM

    Chapter 3. z/VM LDAP server

    Chapter 4. Implementing Pluggable Authentication Modules LDAP for Linux servers

    Chapter 5. Enterprise integration

    Chapter 6. Cryptography on z/VM

    Chapter 7. IBM Tivoli zSecure for zVM RACF

    Appendix A. DirMaint implementation

    Appendix B. RACF procedural checklist

    Appendix C. Additional material

     

    Others who read this also read