Configuration for z/OS IPSec and IP Packet Filtering
Project and Program: Enterprise Data Center
, Security and Compliance
, SHARE in Orlando 2011
Starting in z/OS V1R7, the z/OS Communications Server provides a new IPSec and IP packet filtering capability that replaces these functions in Firewall Technologies beginning in z/OS V1R8. IP packet filtering protects the z/OS system by using policy controls to determine which packets are allowed in and out of z/OS. IPSec protects data in the network by providing encryption and authentication services transparently to applications running on z/OS. In this session, we will cover information that will enable you to deploy a z/OS-based IP packet filtering and IPSec solution. General IPSec and packet filtering concepts, and z/OS usage scenarios, deployment and management requirements will be covered. The sessions include detailed information on how to configure these security functions. This includes a demo of the z/OS Configuration Assistant for network security policy configuration, use of the migration assistant, configuration of the related infrastructure (policy agent, IKE, trmd), required RACF profiles, and keyring setup. Also covered is runtime management of IP packet filters and IPSec security associations.
Presenter(s): Lin Overby, IBM Corporation
Back to Proceedings File Library