Skip to main content

Communications Server for z/OS V1R9 TCP/IP Implementation Volume 4: Security and Policy-Based Networking

An IBM Redbooks publication

Note: This is publication is now archived. For reference only.


Published on 01 July 2008, updated 26 April 2010

  1. .PDF (29.7 MB)

Share this page:   

ISBN-10: 0738485055
ISBN-13: 9780738485058
IBM Form #: SG24-7535-00

Authors: Bill White, Gwen Dente, Octavio L Ferreira, Shizuka Katoh, Shuo Ni, Matt Nuttall, Yohko Ojima, Joel Porterie and Larry Templeton

    menu icon


    This Communications Server (CS) for z/OS TCP/IP Implementation series provides easy-to-understand, step-by-step how-to guidance on enabling the most commonly used and important functions of CS for z/OS TCP/IP.

    With the advent of TCP/IP and the Internet, network security requirements have become more stringent and complex. Because many transactions come from untrusted networks such as the Internet, and from unknown users, careful attention must be given to host and user authentication, data privacy, data origin authentication, and data integrity. In addition, there are certain applications shipped with TCP/IP such as File Transfer Protocol (FTP) that, without proper configuration and access controls in place, could allow unauthorized users access to system resources and data.

    This IBM Redbooks® publication explains how to set up security for your z/OS networking environment. For more specific information about CS for z/OS base functions, standard applications, and high availability, refer to the other volumes in the series. These are:

    • "Communications Server for z/OS V1R9 TCP/IP Implementation, Volume 1: Base Functions, Connectivity, and Routing," SG24-7532
    • "Communications Server for z/OS V1R9 TCP/IP Implementation, Volume 2: Standard Applications," SG24-7533
    • "Communications Server for z/OS V1R9 TCP/IP Implementation, Volume 3: High Availability, Scalability, and Performance," SG24-7534

    Table of Contents

    Part 1. SAF-based security

    Chapter 1. RACF demystified

    Chapter 2. Protecting network resources

    Part 2. Working with digital certificates

    Chapter 3. Certificate management in z/OS

    Chapter 4. Network Security Services

    Part 3. Policy-based networking

    Chapter 5. Policy Agent

    Chapter 6. Central Policy Server

    Chapter 7. Quality of Service

    Chapter 8. IP filtering

    Chapter 9. IP Security

    Chapter 10. Network Address Translation traversal support

    Chapter 11. Application Transparent Transport Layer Security

    Chapter 12. Intrusion Detection Services

    Chapter 13. Policy-based routing

    Part 4. Application-based security

    Chapter 14. Telnet security

    Chapter 15. Secure File Transfer Protocol

    Part 5. Appendixes

    Appendix A. Basic cryptography

    Appendix B. Telnet security: advanced settings

    Appendix C. Configuring IPSec between z/OS and Windows

    Appendix D. zIIP Assisted IPSec

    Appendix E. Our implementation environment


    Others who read this also read