This IBM® Redbooks® publication provides a general explanation of data protection through encryption and IBM Z® pervasive encryption with a focus on Linux on IBM Z encryption for data at-rest. It also describes how the various hardware and software components interact in a Linux on Z encryption environment for .

In addition, this book concentrates on the planning and preparing of the environment. It offers implementation, configuration, and operational examples that can be used in Linux on Z volume encryption environments.

This publication is intended for IT architects, system administrators, and security administrators who plan for, deploy, and manage security on the Z platform. The reader is expected to have a basic understanding of IBM Z security concepts.

Chapter 1. Protecting sensitive data

Chapter 2. Identifying components and release levels

Chapter 3. Planning for Linux on Z data at-rest encryption

Chapter 4. Preparing for Linux on Z data at-rest encryption

Chapter 5. Deploying encrypted volumes for data at-rest

Chapter 6. Auditing and monitoring the data at-rest environment

Chapter 7. Maintaining encrypted volumes for data at-rest

Chapter 8. Performing key management for data at-rest encryption

Appendix A. Using protected keys for high-speed encryption