Quick Links:
HOME PAGE
CONTACT US
INFOSEC and RACF TRAINING
IT and z/OS AUDIT
TRAINING
-
HG62:Comprehensive Information Systems Auditing with Case Studies
-
HG64:How to Audit z/OS with MVS, RACF, ACF2, Top Secret, CICS, DB2, and MQ Series Security
-
HG65:How to Audit z/OS with USS, TCP/IP, FTP, and the Internet
- Seminar
Schedule/
Registration/ Locations/Hotels
 Bethesda, MD
 -Clearwater, FL
RACF USER NEWS
(Describes next NYRUG Meeting
NEWSLETTERS AND USER GROUPS
ARTICLES
PRIVACY STATEMENT
ABOUT US
OTHER INFO SOURCES
|
|
HG65: How to Audit z/OS with USS, TCP/IP, FTP, and the Internet
(3 Days, 24 CPE Credits; $1590)
- April 6-8, 2011 in Bethesda, MD
For more information on RACF seminar dates, locations, and hotels, and how to
register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training
This class is a logical follow-on to
"HG64: How to Audit MVS, RACF, ACF2, CICS, and DB2 Security". Mainframe Data Security Officers will benefit from this class, as well as IT auditors.
Now that most mainframe installations have connected at least one mainframe to the Internet, auditors and security staff need to address the effect this has on mainframe security. IBM has made these Internet
connections possible by adding several layers of software to the MVS operating system:
- USS or UNIX System Services:
This is UNIX running under the control of MVS and the
security software. It interfaces with RACF, ACF2, or TopSecret to make this perhaps the most
secure UNIX commonly available.
- TCP/IP,
the communication protocol of the Internet, and of most types of computers.
This makes it possible for the mainframe to communicate with the Internet, with Windows,
with other UNIXes, with Novell, and with other platforms easily. On the mainframe, you will
often find DB2, MQ Series, CICS, and other system software talking to other computers using
TCP/IP. Of course, to provide effective security, we need to control every path into the
system. The number of paths is greater now because we use TCP/IP. The security mechanisms
we use combine the best of RACF/ACF2/TopSecret with the best of TCP/IP native security.
The quality of the security depends upon how well we implement and integrate these mechanisms.
- FTP or File Transfer Protocol.
TCP/IP always includes a series of programs or daemons,
each dedicated
to a specific purpose. One of the best known of these is FTP, which lets you upload and download
files over the Internet. On the mainframe, FTP can upload and download MVS files as well as
USS (UNIX) files. FTP can also serve as an RJE remote and it can talk to DB2.
- The Websphere Web Server
(another of FTP's daemons) is software that talks over the Internet
to Internet Explorer and other browsers on people's personal computers. (It is comparable to
Apache or IIS, but is much more secure.) This is often the driving force behind connecting the
mainframe to the Internet, since it supports e-business.
Each of these layers has its own security, which is dependent on the security of the layers below it.
IBM gives us the tools to secure this all thoroughly, but the tools are often not thoroughly
implemented. Effective auditors can help to close the security gap by identifying the risks and
making practical recommendations to improve the way the tools are implemented.
This class shows you how the software in each of these layers works, how its security
works, and how to audit it. For
all of these, you will learn a systematic approach to evaluate the risk, evaluate the security
tools in place, and to make practical recommendations to improve security.
You will learn:
- How USS works how its security works
- How TCP/IP works and how its security works
- How FTP works and how its security works on the mainframe
- How the Websphere web server works and how its security works
- What data to collect and how to interpret it
- How to conduct the audit efficiently and effectively,
The workbook is a valuable reference.
For more information on seminar dates, locations, and hotels, and how to
register, please click here:
Schedule/Registration/Locations/Hotels
Return to Top of Page
Return to Home Page
Who Should Attend HG65?
- Information Techology auditors who will be auditing z/OS systems, especially those who
have taken HG64 or have similar experience
- Mainframe Data Security Officers who want to learn how to secure their Internet connections
Please note that you can save money by holding these classes in-house. Call
Stu at (301) 229-7187 for details.
Note also the classes we offer for Information Security Training, as
listed on the left under QUICK LINKS.
Return to Top of Page
Return to Home Page
|
|
"Stu is more than just knowledgeable about MVS technologies,
he is an enthusiastic fan of these technologies, with a rare ability
to make dry technical content humorous and fun for the audience.
"
---Brian Yarbrough, PriceWaterhouseCoopers
"Seminar was very pertinent to my audit assignments, and information was clearly
presented."
---Patricia O'Connell, Dollar Bank
|
|