No IT server platform is 100% secure and useful at the same time. If your server is installed in a secure vault, three floors underground in a double-locked room, not connected to any network and switched off, one would say it was reasonably secure, but it would be a stretch to call it useful.

This IBM® Redbooks® publication is about switching on the power to your Linux® on System z® server, connecting it to the data and to the network, and letting users have access to this formidable resource space in a secure, controlled, and auditable fashion to make sure the System z server and Linux are useful to your business. As the quotation illustrates, the book is also about ensuring that, before you start designing a security solution, you understand what the solution has to achieve.

The base for a secure system is tightly related to the way the architecture and virtualization has been implemented on IBM System z. Since its inception 45 years ago, the architecture has been continuously developed to meet the increasing demands for a more secure and stable platform.

This book is intended for system engineers and security administrators who want to customize a Linux on System z environment to meet strict security, audit, and control regulations.

For additional information, there is a tech note that describes the best practices for securing your network. It can be found at:

http://www.redbooks.ibm.com/abstracts/tips0981.html?Open

Chapter 1. Introduction

Chapter 2. The z/VM security management support utilities

Chapter 3. Configuring and using the z/VM LDAP server

Chapter 4. Authentication and access control

Chapter 5. Cryptographic hardware

Chapter 6. Physical and infrastructure security on System z

Chapter 7. Best practices

Appendix A. Using z/OS features in a Linux environment

Appendix B. z/VSE Security and Linux on System z

Appendix C. Additional material