The combination of zSeries® hardware- and software-based security, along with incorporated J2EE security, offers significant defense against possible intrusions. The product security is a layered architecture built on top of the operating system platform, the Java™ Virtual Machine (JVM), and Java2 security.

WebSphere® Application Server for z/OS® integrates infrastructure and mechanisms to protect sensitive J2EE resources and administrative resources addressing the enterprise from an end-to-end security perspective based on industry standards.

WebSphere Application Server integrates with RACF® and WebSEAL Secure Proxy (Trusted Association Interceptor), providing a unified, policy-based and permission-based model for securing all Web resources and Enterprise Java Bean components, as defined in the J2EE specification.