IBM z/VM Security and Integrity resources

z/VM
News
About z/VM
Events calendar
Products and features
Downloads
Technical resources
Library
How to buy
Service
Education
Site map
Site search
Printer-friendly
Notify me
Contact z/VM

IBM Systems >

System z >

z/VM >

z/VM Security and Integrity Resources

Updated: 23 July 2008

Keep apprised on security related to z/VM. This page includes news, news archive, pertinent presentations, papers, Redbooks, and publications, links to press articles and pointers to online discussions.

July 23, 2008

z/VM V5.3 Common Criteria Certification Update:
IBM has successfully completed its activities relating to the evaluation of z/VM V5.3 with the RACF Security Server optional feature for conformance to the Controlled Access Protection Profile (CAPP) and Labeled Security Protection Profile (LSPP) of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4+ (EAL4+).

Certification is pending.

A link to the z/VM Secure Configuration Guide is given below.

Feb. 06, 2007

Statement of Direction (*) for z/VM V5.3
Common Criteria Certification:
IBM intends to evaluate z/VM V5.3 with the RACF Security Server optional feature for conformance to the Controlled Access Protection Profile (CAPP) and Labeled Security Protection Profile (LSPP) of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4 (EAL4).

This represents a modification to IBM's previously expressed Statement of Direction of July 27, 2005, which stated IBM's intent to evaluate z/VM V5.2 at EAL4. Based on additional assessment of requirements, IBM no longer intends to evaluate z/VM V5.2.

Feb. 06, 2007

New security-related enhancements for z/VM V5.3

Delivery of LDAP server and client
Enhanced system security with longer passwords
z/VM V5.3 adds Secure Sockets Layer/Transport Layer Security (SSL/TLS) support for industry-standard secure FTP (RFC 4217), Telnet (draft specification #6), and SMTP (RFC 3207) sessions.
SSL server enhancements
Support of drive-based data encryption with the IBM System Storage TS1120 Tape Drive (machine type 2 3592, model E05).

Read more about z/VM Security in the z/VM Security News archive

Papers, Redbooks, and Publications
Publication: z/VM V5.3 Secure Configuration Guide (07-2008)
This link is secured to ensure that your download is not corrupted.
Redbook: Introduction to the New Mainframe: Security (04-2007)
Redbook: IBM Tivoli Security and System z (01-2008)
Redpaper: Monitoring System z Cryptographic Services (12-2007)
Redpaper: Security on z/VM (12-2007)
z/VM Security and Integrity 04-2005
Linux on IBM eServer zSeries: Best Security Practices
Linux on zSeries Security White Paper
Exploring Open Source Security for a Linux Server Environment

Presentations
z/VM Security and Integrity (Alan Altmark, Aug.2005) Updated

Press articles
Understanding z/VM Integrity and Security, by Alan Altmark
(eServer Magazine Mainframe Edition, 11/2002)

Discussions
Fora and Listserv discussions with the VM and Linux community

Note: *
All statements regarding IBM's plans, directions, and intent are subject to change or withdrawal without notice. Any reliance on this Statement of Direction is at the relying party's sole risk and will not create any liability or obligation for IBM.

	Mainframe security

	Security links News Archive Integrity Statement IBM Security System z Security z/OS Security Linux on System z

	z/VM V5.3 Resources z/VM V5.2 Resources

	Read about System z Optimized to help meet the requirements of today's on demand solutions.

	Learning opportunities View calendar of events where you can hear about z/VM, Linux on System z, and more