Book description
No IT server platform is 100% secure and useful at the same time. If your server is installed in a secure vault, three floors underground in a double-locked room, not connected to any network and switched off, one would say it was reasonably secure, but it would be a stretch to call it useful.
This IBM® Redbooks® publication is about switching on the power to your Linux® on System z® server, connecting it to the data and to the network, and letting users have access to this formidable resource space in a secure, controlled, and auditable fashion to make sure the System z server and Linux are useful to your business. As the quotation illustrates, the book is also about ensuring that, before you start designing a security solution, you understand what the solution has to achieve.
The base for a secure system is tightly related to the way the architecture and virtualization has been implemented on IBM System z. Since its inception 45 years ago, the architecture has been continuously developed to meet the increasing demands for a more secure and stable platform.
This book is intended for system engineers and security administrators who want to customize a Linux on System z environment to meet strict security, audit, and control regulations.
For additional information, there is a tech note that describes the best practices for securing your network. It can be found at:
http://www.redbooks.ibm.com/abstracts/tips0981.html?Open
Table of contents
- Front cover
- Notices
- Preface
- Chapter 1. Introduction
-
Chapter 2. The z/VM security management support utilities
- 2.1 The need for security management in z/VM
- 2.2 External security management
- 2.3 User directory management
- 2.4 Securing console access to z/VM virtual machines
- 2.5 Securing network access to z/VM
- 2.6 Securing z/VM resources
- 2.7 z/VM Directory Maintenance Facility (DirMaint)
- 2.8 Other ESM and directory manager security observations in this book
-
Chapter 3. Configuring and using the System z LDAP servers
- 3.1 The z/VM and z/OS LDAP servers
- 3.2 Setting up the z/OS LDAP server
- 3.3 Setting up the z/VM LDAP server
- 3.4 Extending the LDBM schema
- 3.5 LDBM and native authentication
- 3.6 Access control lists
- 3.7 Linux authentication using the z/VM LDAP server
- 3.8 Using an OpenLDAP server with the z/VM LDAP server
- 3.9 Centralizing Linux audit information with z/VM RACF
- 3.10 Using z/VM LDAP in an SSI cluster
- Chapter 4. Authentication and access control
- Chapter 5. Cryptographic hardware
-
Chapter 6. Physical and infrastructure security on System z
- 6.1 Physical environment
- 6.2 Minimal Installations
- 6.3 Protecting the Hardware Management Console
- 6.4 Protecting the configuration
- 6.5 Building a secure multizone application environment
- 6.6 IBM security solutions
- 6.7 Linux firewalls
- 6.8 Disk security
- 6.9 Protecting ECKD disk
- 6.10 Protecting Fibre Channel Protocol (FCP) disks
- 6.11 Protecting z/VM minidisks
- Chapter 7. Security implications of z/VM SSI and LGR
- Chapter 8. Best practices
- Appendix A. Using phpLDAPadmin to manage the z/VM and z/OS LDAP servers
- Appendix B. Additional material
- Related publications
- Back cover
Product information
- Title: Security for Linux on System z
- Author(s):
- Release date: January 2013
- Publisher(s): IBM Redbooks
- ISBN: 9780738437545
You might also like
book
The Definitive Guide to SUSE Linux Enterprise Server 12
The Definitive Guide to SUSE Linux Enterprise Server 12 is a task-oriented book designed for self-study …
book
Debugging Linux Systems
Debugging Linux Systems discusses the main tools available today to debug 2.6 Linux Kernels. We start …
book
Linux Server Hacks, Volume Two
Today's system administrators deal with a vast number of situations, operating systems, software packages, and problems. …
book
Maximum Linux Security
Maximum Linux Security: A Hacker's Guide to Protecting Your Linux Server and Workstation is designed for …