This IBM® Redbook discusses best security practices for running Linux as a z/VM® guest on IBM Eserver® zSeries® and S/390® machines. This publication is intended for system administrators and IT architects responsible for deploying secure Linux servers running under z/VM. We consider both z/VM and Linux security topics.
We examine the unique security and integrity features zSeries offers for consolidating a large number Linux servers under z/VM. We discuss virtual machine isolation and command privileges assigned to VM guests. Security configuration options for z/VM Version 4.4 are explained.
In this book, we also discuss Linux security topics. We examine options for hardening a Linux installation. Securing Linux network traffic using Secure Sockets Layer and Secure Shell is considered. We look at implementing a virtual private network using FreeS/WAN. Commercial firewall technology and implementation using the StoneGate firewall for zSeries is discussed. We examine using IBM Tivoli® Access Manager in conjunction with an LDAP server running on z/OS® to authenticate Linux users against a RACF® running on z/OS.
About The Author
Gregory Geiselhart is a Project Leader for Linux on zSeries at the International Technical Support Organization, Poughkeepsie Center.
Ami Ehlenberger is a Staff Software Engineer and has been with IBM for the past four years. Ami was hired into the OS/390® development team in 1999 and has since worked in the areas of integration test, solution design, and services. She has a B.S. in Computer Science from Indiana University of Pennsylvania and an MBA in e-business from the University of Phoenix. Her expertise resides in LDAP, IBM WebSphere®, and IBM Tivoli Access Manager. Ami currently works for the Custom Technology Center, an IBM Eserver services organization.
Darius Fariborz has been a Network Architect in IBM Global Services since 1995. He joined IBM U.K. Laboratories in 1985 and holds an MSc in Telecommunications and Micro-Electronics from the University of Surrey. Prior to joining IBM, Darius worked for International Aeroradio Limited as a software engineer from 1982 to 1984 and as hardware design engineer for Thorn EMI Datatech from 1979 to 1982. His main interests are in network connectivity and security.
Explore the new features added to the core Docker Engine to make multi-container orchestration easy
Leverage tools such as Docker Machine, Swarm, Compose, and third-party tools such as Kubernetes, Mesosphere, and CoreOS to orchestrate containers
Use Docker Compose with Swarm and
Microsoft Expression Blend 4 Step by Step
Microsoft Expression Blend 4 is Microsoft’s newest interactive design tool. It’s intended for
designers and developers who need to create user interfaces for rich Internet, desktop, and
mobile applications—and it offers tools that support the design of such applications, from
conception to completion.
Why Kids Kill: Inside the Minds of School Shooters
Ten years after the school massacre at Columbine High School in Colorado, school shootings are a new and alarming epidemic. While sociologists have attributed the trigger of violence to peer pressure, such as bullying and social isolation, prominent...
The Art of Memory (Frances Yates: Selected Works) "Once in a very great while, historical scholarship produces a book which makes one immediately begin re-thinking many of one's major suppositions about the thought systems of the past. Professor Yates has given us such a book."--Norman D. Hinton, The Modern Schoolman
A Chemist's Guide to Density Functional Theory "Chemists familiar with conventional quantum mechanics will applaud and benefit greatly from this particularly instructive, thorough and clearly written exposition of density functional theory: its basis, concepts, terms, implementation, and performance in diverse applications. Users of DFT for structure, energy, and molecular property...