Home Page Icon
Home Page
Table of Contents for
IBM Redbooks promotions
Close
IBM Redbooks promotions
by Joe Welsh, Jan Thielmann, Vinodkumar Ramalingam, Vinicius Oliveira, Christopher
Reduce Risk and Improve Security on IBM Mainframes: Volume 2 Mainframe Communication and Networking Security
Front cover
Notices
Trademarks
IBM Redbooks promotions
Preface
Authors
Now you can become a published author, too
Comments welcome
Stay connected to IBM Redbooks
Chapter 1. Mainframe network concepts and functions
1.1 Introduction to mainframe networks
1.1.1 Technical overview
1.1.2 Communications Server features and benefits
1.1.3 Who supports the network
1.2 History of mainframe networks
1.3 Mainframe network architecture
1.4 Networking hardware
1.4.1 Network connections
1.5 Network protocols
1.5.1 TCP/IP
1.5.2 SMC-R
1.5.3 SNA
1.6 Additional network components
1.6.1 VTAM
1.6.2 TCP/IP stack and functions
1.6.3 Enterprise Extender
1.6.4 TN3270/E
1.6.5 Special features
1.7 Network tools and products
1.7.1 NetView Performance Monitor
1.7.2 OMEGAMON XE for Mainframe Networks
1.7.3 Session Manager for z/OS
1.7.4 Solve: Access Session Management
1.8 Operations and administration
1.8.1 Operational tasks
1.8.2 z/OS network administrator tasks
1.9 Securing mainframe networks
Chapter 2. Cryptography for network security
2.1 Security concepts and architecture for network cryptography on System z
2.1.1 Basics of cryptography for network security
2.1.2 Definition of a secure communication model for networks
2.1.3 Applications of cryptosystems for network security
2.1.4 Overview of the z/OS TCP/IP cryptographic infrastructure
2.1.5 Transport Layer Security on z/OS
2.1.6 AT-TLS
2.1.7 IPSec
2.1.8 OpenSSH on z/OS
2.1.9 PKI services
2.2 Guiding principles for cryptography for network security
2.2.1 Choosing appropriate cryptographic algorithms for network security
2.2.2 Defining a cryptography strategy within your organization
2.2.3 Choosing Transport Layer Security implementations
2.2.4 Things to keep in mind when defining certificates
2.2.5 Guiding principles for IPSec
2.2.6 OpenSSH on z/OS UNIX, z/OS dependant features implementation
Chapter 3. TCP/IP security
3.1 Introduction
3.1.1 IP network design
3.1.2 System z in a DMZ
3.1.3 Mixing environments
3.1.4 HiperSockets
3.2 Sockets and APIs
3.3 Telnet Server
3.3.1 Security concepts and architecture
3.4 FTP
3.4.1 Security concepts and architecture
3.5 InetD, the Internet daemon
3.5.1 Security concepts and architecture
3.6 Virtual IP addressing
3.6.1 Security concepts and architecture
3.7 z/OS IP filtering
3.7.1 Security concepts and architecture
3.8 IPSec
3.8.1 Security concepts and architecture
3.9 z/OS Intrusion Detection Services
3.9.1 Security concepts and architecture
3.10 IP resource security
3.10.1 SAF controls
3.10.2 Multi-level security
3.10.3 OSA-Express connection isolation
3.10.4 IP Profile Controls
Chapter 4. SNA security
4.1 Introduction
4.2 SNA encryption versus IP encryption
4.3 Security controls using VTAM start options
4.3.1 Crypto-based start options
4.3.2 Access control start options
4.4 Transport security
4.4.1 Enterprise Extender
4.4.2 UDP/IP considerations
4.4.3 Network Address Translation considerations
4.4.4 Enterprise Extender IP security
4.5 TN3270 Security
4.5.1 Background
4.5.2 Securing TN3270 IP flow
4.5.3 SSL/TLS support
4.5.4 TN3270 SSL support
4.5.5 Securing DLSw connections
4.6 Searching security
4.6.1 Basics of searching
4.6.2 Subarea searches
4.6.3 Searching an APPN network
4.6.4 Controlling searches of other APPN networks
4.6.5 ADJCLUST tables
4.6.6 Controlling searches entering a network
4.6.7 Session Management Exit
4.6.8 Directory Services Management Exit
4.6.9 Searches that are not network-qualified
4.6.10 Authorized Cross-Net searches
4.7 Application security
4.7.1 Session-level encryption for data confidentiality
4.7.2 Message authentication for data integrity
4.7.3 LU 6.2 session-level authentication
4.7.4 LU 6.2 conversation-level authentication
4.8 Recap of recommendations
Chapter 5. Shared Memory Communications over RDMA
5.1 Overview
5.1.1 SMC-R: A hybrid protocol
5.1.2 SMC-R eligibility
5.1.3 Enabling SMC-R and connection setup
5.2 Security characteristics of SMC-R connections
5.2.1 Protecting application data
5.2.2 Protecting network protocol headers
5.2.3 Firewalls and Deep Packet Inspection (DPI) devices
5.3 z/OS network security features and SMC-R
5.3.1 Interface-based SMC-R enablement
5.3.2 Port-based SMC-R exclusion
5.3.3 SAF-based network access controls
5.3.4 IP filter rules
5.3.5 IPSec
5.3.6 SSL/TLS, including Application Transparent TLS (AT-TLS)
5.3.7 SSH
5.3.8 Application layer security protocols and features
5.3.9 Integrated Intrusion Detection Services (IDS)
5.3.10 Multilevel Security (MLS)
Related publications
IBM Redbooks
Other publications
Help from IBM
Back cover
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Notices
Next
Next Chapter
Preface
IBM Redbooks promotions
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset