IBM z/VM Security and Integrity resources

z/VM
News
About z/VM
Events calendar
Products and features
Downloads
Technical resources
Library
How to buy
Install
Service
Education
Site map
Site search
Printer-friendly
Notify me
Contact z/VM

IBM Systems >

System z >

z/VM >

z/VM Security and Integrity Resources

Updated: March 19, 2013

Keep apprised on security related to z/VM. This page includes news, news archive, pertinent presentations, papers, Redbooks, and publications, links to press articles and pointers to online discussions.

February 20, 2013	z/VM V6.1 Achieves Common Criteria Certification All certification activities for z/VM 6.1 are complete. The certifying body issued its certification on February 20, 2013. z/VM 6.1 with the RACF Security Server optional feature has been certified to conform to the Operating System Protection Profile (OSPP) with Virtualization (-VIRT) and Labeled Security (-LS) extensions of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4 (EAL4+). Report: z/VM 6.1 Certification Report Report: z/VM 6.1 Security Target
June 26, 2012	z/VM 6.1 System SSL Cryptographic Module Receives FIPS 140-2 Certification All FIPS 140-2 certification work is complete. The z/VM V6.1 System SSL module has been validated as conforming to the Federal Information Protection Standard (FIPS) 140-2. This is the first time that z/VM has been certified to this industry-recognized cryptographic standard. z/VM System SSL is used by both the z/VM LDAP Server and z/VM SSL Server. Report: System SSL Cryptographic Module Receives FIPS 140-2 Certification Report: Validated 140-1 and 140-2 Cryptographic Modules, Certificate 1735 Report: z/VM Version 6 Release 1 System SSL Security Policy
July 22, 2010	Statement of Direction EAL4 Certification for z/VM V6.1 IBM intends to evaluate z/VM V6.1 with the RACF Security Server optional feature, including labeled security, for conformance to the Operating System Protection Profile (OSPP) of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4 (EAL4+). Note: This statement of direction was made in a July 22, 2010 IBM announcement for z/VM V6.1. All statements regarding IBM's plans, directions, and intent are subject to change or withdrawal without notice.
October 6, 2009	Solution Edition for Security Offering Securing your z/VM® and Linux® for System z® environment Consolidation, cost savings, and Green Initiatives are sweeping though all industries at an exponential pace. Securing a virtualized environment is a vital component of the enterprise security strategy. System z risk and security management controls provide differentiated advantage over alternative solutions.IBM's virtualization components have been integrated within hardware and software for over 30 years, and provide a robust set of unparalleled capabilities. Scalability, availability, and reliability controls are built within the infrastructure. Additional business value is included in centralized auditing and reporting functions, centralized security components and centralized infrastructure. The Solution Edition Offering for Security delivers the capabilities required to secure your virtualization environment. Learn more...
September 18, 2008	z/VM V5.3 Achieves Common Criteria Certification All certification activities for z/VM V5.3 are complete. The certifying body issued its certification on July 28, 2008. z/VM V5.3 with the RACF Security Server optional feature has been certified to conform to to the Controlled Access Protection Profile (CAPP) and Labeled Security Protection Profile (LSPP) of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4+ (EAL4+). Publication: z/VM V5.3 Secure Configuration Guide This link is secured to ensure that your download is not corrupted. Report: z/VM V5.3 Certification Report Report: z/VM V5.3 Security Target

You can find previous announcements of security-related information in the z/VM Security News archive

Papers, Redbooks, and Publications
Publication: Cryptographic Advances for Linux on IBM System z Applications (05-2012)
Publication: z/VM V5.4 Secure Configuration Guide (07-2008)
Redbook: Introduction to the New Mainframe: Security (04-2007)
Redbook: IBM Tivoli Security and System z (01-2008)
Redpaper: Monitoring System z Cryptographic Services (12-2007)
Redbook: Security on z/VM (12-2007)
The Value of z/VM: z/VM Security and Integrity (04-2005)
Linux on IBM eServer zSeries: Best Security Practices
Linux on zSeries Security White Paper
Exploring Open Source Security for a Linux Server Environment

Presentations
z/VM Security and Integrity (Alan Altmark, Aug.2005) Updated

Press articles
Cover Story: Securing a Virtual World, by Alan Altmark
(IBM Systems Magazine - Mainframe Edition, May/June 2009)
Understanding z/VM Integrity and Security, by Alan Altmark
(IBM eServer Magazine - Mainframe Edition, Nov/Dec 2002)

Discussions
Fora and Listserv discussions with the VM and Linux community

Note: *
All statements regarding IBM's plans, directions, and intent are subject to change or withdrawal without notice. Any reliance on this Statement of Direction is at the relying party's sole risk and will not create any liability or obligation for IBM.

	Mainframe security

	Security links News Archive Integrity Statement APAR Notification (Security/Integrity) z/VM Security IBM Security System z Security Linux on System z

	Current releases

	z/VM V6.2 Resources
	z/VM V6.1 Resources
	z/VM V5.4 Resources

	More about System z Optimized to help meet the requirements of today's on-demand solutions.

	Attend events to learn about z/VM, Linux on System z, and more