We can host this training at your preferred location. Contact us!

This course explains how to set up security for the z/OS networking environment. With the advent of TCP/IP and the Internet, network security requirements have become more stringent and complex.
The Communications Server, along with other elements in z/OS including RACF and Policy Agent (PAGENT), provides IP security functions. These protect data privacy and intergrity for z/OS, and protect system resources from unauthorized access.
This is a 'workshop' style course, and attendees will work through extensive hands-on exercises, on their own z/OS system.

This course is also available 'on demand' (minimum 2 students) for additional public presentations or for one-company, on-site presentations.

Attendees will need a sound knowledge of TCP/IP concepts and protocols (this can be gained by attending the RSM course TCP/IP Fundamentals), and TCP/IP in a z/OS environment (this can be gained by attending the RSM course z/OS Communications Server Part 2 - Implementing TCP/IP under z/OS. A good knowledge of UNIX System Services is also needed, which can be gained by attending RSM's course Using RACF under UNIX System Services (USS).

explain how z/OS SAF, especially RACF, is used to protect your network and communications
discuss the RACF Security profiles required to protect access to various network resources
describe how Digital Certificates can be implemented and used within z/OS and how various clients and servers use the certificates
explain how Digital Certificates are used in a policy-based z/OS environment
implement NSS using a daemon and a Client
explain the rules and policies used in the Policy Agent (PAGENT) to dictate how users, applications and organizations access and use their IT resources
understand how the PAGENT can be configued as a Central Policy Server
describe the QoS concepts and how to implement QoS
permit or deny IP packets into and out of z/OS using IP Filtering
explain how to implement IP Security
describe at a high level how the IPSec tunnel traverses a NAT or NAPT device
explain how to implement the TLS and SSL protocol technology to protect data exchanges between client and server applications
implement TN3270/Telnet security and FTPS
implement the SSH daemon and SFTP
understand IDS
configure policy based routing tables.

RACF Demystified

Protecting System Resources

Certificate Management in z/OS

Network Security Services

Policy Agent

Central Policy Server

Quality of Service

IP Filtering

IP Security

Network Address Translation Traversal Support

Application Transparent Transport Layer Security

SSH Daemon and SFTP

Intrusion Detection Services

Polcy Based Routing

Upcoming Trainings

Join our public courses in our United Kingdom facilities. Private class trainings will be organized at the location of your preference, according to your schedule.

Classroom / Virtual Classroom

12 July 2024