Cybercrime is a sophisticated activity. It is no longer a playing field for “script-kiddies” trying to get access to systems and servers for fun, and it is not about quick hacks to get in and get out quickly. It is now about real commercial, political, or even military advantages. There have been reports in the press recently of large systems data breaches, and it is apparent that some of these are associated with attempts to access mainframe data.
The skills and knowledge that are required to manage and operate a sophisticated IBM System z mainframe are different from those that are used by professionals who use Linux, UNIX, or Windows servers for commercial organizations. The complexity of ways in which various organizations use System z over many years, means that there are now fewer people with the knowledge and skills to even attempt breaking into a mainframe system. However, as criminal organizations realize the benefits of gaining access to mainframe data, the efforts to achieve this increase. The requirement to secure mainframes and their valuable data exists within every organization, within a network of firewalls and network protection systems, access control hubs, DMZs, and application gateways, all of which can make up layers of defense.
In consequence, it is of real value for us to consider the security capabilities of the mainframe. This time, however, we want to ensure that you know how to configure these machines so that they are highly resistant to attacks. If resistance is not possible or practical, you must understand where detective controls can be used. If detective controls are not possible, then you must understand what forensic capabilities are possible. This IBM Redbooks Solution Guide provides the security professional, or the enterprise security architect, an understanding of best practices to secure the IBM mainframe in a holistic approach.
The material included in this document is in DRAFT form and is provided 'as is' without warranty of any kind. IBM is not responsible for the accuracy or completeness of the material, and may update the document at any time. The final, published document may not include any, or all, of the material included herein. Client assumes all risks associated with Client's use of this document.