What is the Hardware Management Console?
Before the specific responsibilities of the HMC and their security implications are discussed, it
is important to understand exactly what the HMC is and is not.
- The HMC is an orderable feature of an IBM Z. At least one HMC is required for all the capabilities of an IBM Z to be fully operational. The HMC feature consists of a standard PC hardware platform, which includes a keyboard, mouse, and display, along with preinstalled Licensed Internal Code that provides its various functions. Starting in HMC version 2.13.0, there is a 1U server option for including the HMC and display in the rack.
- The HMC is a closed platform. Specifically, closed means that the customer is not given access to the underlying operating platform and is not allowed to install and run other applications on the HMC. All configuration of the HMC is done by using tasks that are provided by the HMC Licensed Internal Code.
- The HMC is intended and required to be a network-attached device because the HMC uses the network to communicate with various system resources. The HMC Licensed Internal Code application provides the controls to configure the network for the HMC's use. The customer is expected to use normal procedures, such as periodic network scans, to test the HMC for network security.
- The HMC hardware is not serviced by the customer; service representative is responsible for this task.
- The HMC is not an operating platform that is directly usable by the customer; the HMC Licensed Internal Code, which provides the HMC application, is the only feature of the HMC that the customer is entitled to use.
In short, the HMC is considered an appliance whose purpose is to provide management and control of the mainframes and their associated operating systems and devices.