Information Security Training
from the Henderson Group
This page is:
AUDIT TRAINING:HG65:
z/OS with USS, TCP/IP, FTP, and the Internet

Quick Links:

HOME PAGE

CONTACT US

INFOSEC and RACF TRAINING

IT and z/OS AUDIT TRAINING

RACF USER NEWS (Describes next NYRUG Meeting

NEWSLETTERS AND USER GROUPS

ARTICLES PRIVACY STATEMENT

ABOUT US

OTHER INFO SOURCES


HG65: How to Audit z/OS with USS, TCP/IP, FTP, and the Internet


(3 Days, 24 CPE Credits; $1590)



  • April 6-8, 2011 in Bethesda, MD

For more information on RACF seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training


This class is a logical follow-on to "HG64: How to Audit MVS, RACF, ACF2, CICS, and DB2 Security". Mainframe Data Security Officers will benefit from this class, as well as IT auditors. Now that most mainframe installations have connected at least one mainframe to the Internet, auditors and security staff need to address the effect this has on mainframe security. IBM has made these Internet connections possible by adding several layers of software to the MVS operating system:
  • USS or UNIX System Services: This is UNIX running under the control of MVS and the security software. It interfaces with RACF, ACF2, or TopSecret to make this perhaps the most secure UNIX commonly available.
  • TCP/IP, the communication protocol of the Internet, and of most types of computers. This makes it possible for the mainframe to communicate with the Internet, with Windows, with other UNIXes, with Novell, and with other platforms easily. On the mainframe, you will often find DB2, MQ Series, CICS, and other system software talking to other computers using TCP/IP. Of course, to provide effective security, we need to control every path into the system. The number of paths is greater now because we use TCP/IP. The security mechanisms we use combine the best of RACF/ACF2/TopSecret with the best of TCP/IP native security. The quality of the security depends upon how well we implement and integrate these mechanisms.
  • FTP or File Transfer Protocol. TCP/IP always includes a series of programs or daemons, each dedicated to a specific purpose. One of the best known of these is FTP, which lets you upload and download files over the Internet. On the mainframe, FTP can upload and download MVS files as well as USS (UNIX) files. FTP can also serve as an RJE remote and it can talk to DB2.
  • The Websphere Web Server (another of FTP's daemons) is software that talks over the Internet to Internet Explorer and other browsers on people's personal computers. (It is comparable to Apache or IIS, but is much more secure.) This is often the driving force behind connecting the mainframe to the Internet, since it supports e-business.
Each of these layers has its own security, which is dependent on the security of the layers below it. IBM gives us the tools to secure this all thoroughly, but the tools are often not thoroughly implemented. Effective auditors can help to close the security gap by identifying the risks and making practical recommendations to improve the way the tools are implemented.

This class shows you how the software in each of these layers works, how its security works, and how to audit it. For all of these, you will learn a systematic approach to evaluate the risk, evaluate the security tools in place, and to make practical recommendations to improve security.

You will learn:

  • How USS works how its security works
  • How TCP/IP works and how its security works
  • How FTP works and how its security works on the mainframe
  • How the Websphere web server works and how its security works
  • What data to collect and how to interpret it
  • How to conduct the audit efficiently and effectively,
The workbook is a valuable reference.

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels

Return to Top of Page

Return to Home Page





Who Should Attend HG65?
  • Information Techology auditors who will be auditing z/OS systems, especially those who have taken HG64 or have similar experience
  • Mainframe Data Security Officers who want to learn how to secure their Internet connections

Please note that you can save money by holding these classes in-house. Call Stu at (301) 229-7187 for details.

Note also the classes we offer for Information Security Training, as listed on the left under QUICK LINKS.
Return to Top of Page

Return to Home Page

"Stu is more than just knowledgeable about MVS technologies, he is an enthusiastic fan of these technologies, with a rare ability to make dry technical content humorous and fun for the audience. " ---Brian Yarbrough, PriceWaterhouseCoopers

"Seminar was very pertinent to my audit assignments, and information was clearly presented."
---Patricia O'Connell, Dollar Bank


Return to Top of Page

Return to Home Page












Stu Henderson offers consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.

His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".

His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet"

Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com