A high-performance foundation for building and deploying networking applications on z/OS
IBM z/OS® Communications Server, a high availability enterprise transaction and data server, provides common applications, such as FTP, Telnet and the remote execution of applications. Built for optimum productivity, it provides a secure platform for developing and sharing mainframe workloads.
IBM z/OS Encryption Readiness Technology (zERT) Network Analyzer, a new z/OSMF plugin, is now available for you to easily query and analyze the cryptographic protection attributes of your z/OS TCP/IP and Enterprise Extender connections.
Supports high-bandwidth and high-speed networking technologies, including Shared Memory Communications (SMC), which provides significant performance improvements for TCP protocol workloads.
Uses z/OS Parallel Sysplex® technology to enable high availability application support.
Protects sensitive data and the operation of the TCP/IP stack on z/OS.
Enables IPv6, the successor to aging IPv4 technology, to handle the demands of internet usage with 128-bit addressing.
Collects network topology, status, and performance information.
Makes it faster and easier to configure policy-based networking functions by using Configuration Assistant.
"zERT is simple and fast to setup and implement. It gives me immediate results and it increases z/OS network security in its full breadth at once - not just for a single component!"
"zERT is my one stop shop to monitor and manage the usage of all cryptographic algorithms within my z/OS network stack. It even provides real-time policy-based notifications when cryptographic usage doesn’t match my expectations!"
- Swiss Re Group
"zERT brings all the requested information that we need for our security business and to achieve our described security policy. I am using the zERT Reports in my daily business. For us, zERT is a big relief! We have used the zERT aggregation records to totally eliminate the TLS 1.0 protocol and SHA1/HMAC suites. zERT reporting also enabled us to find various problems in environment settings and configurations. I think we never would have had a chance to do this without the zERT support!"
- Svend Zaunick, Finanz Informatik
Fiducia & GAD IT AG is in the process of enabling z/OS Enterprise Readiness Technology (zERT) to monitor and record the cryptographic protection attributes of network connections terminating on z/OS. With zERT, Fiducia & GAD IT AG can determine which of the connections are properly or improperly configured. This could potentially help the company in its efforts to simplify compliance reporting.
z/OS Encryption Readiness Technology (zERT), a core capability of IBM Z pervasive encryption, is an intelligent network security discovery and monitor feature of z/OS Communications Server. IBM zERT Network Analyzer, a web-based interface on z/OSMF, helps you determine which z/OS TCP and Enterprise Extender traffic is or isn’t protected according to specific query criteria. With z/OS V2R5, here comes zERT Policy-based Enforcement which allows policy-based rules that describe different levels of cryptographic protection along with optional actions to take when TCP connections match those rules. With z/OS 3.1, IBM zERT Network Analyzer provides enhancements for database connection authentication, improved upgrade support, and a user interface refresh.
AT-TLS (Application Transparent — Transport Layer Security), is a z/OS Communications Server feature that provides TLS encryption and decryption of TCP/IP connections based on policies created with the IBM Network Configuration Assistant. The z/OS sockets application sends and receives clear text (unencrypted) data as usual while AT-TLS applies TLS protection to the data at the TCP transport layer. With z/OS 3.1, AT-TLS supports several new System SSL features.
z/OS 3.1 Communications Server also provides the following network security and compliance enhancements for more secure data transfer and higher productivity:
z/OS 3.1 Communications Server enhances application modernization and simplifies OS management for optimized business operation, including the following enhancements:
z/OS V2R4 Communications Server has added network support for z/OS Container Extensions which provides native z/OS support for Linux Docker based application workloads.
z/OS V2R4 Communications Server, with TCP/IP APAR PH22695 and SNA APAR OA59152, is enhanced to support SMC-Dv2. Unlike the original Shared Memory Communication - Direct Memory Access (SMC-D) protocol, SMC-Dv2 does not require that the communication peers reside within the same IP subnet.
In z/OS V2R5 Communications Server, SMC-Rv2 and IBM z15 with RoCE Express2 will support “routable RoCE” connectivity over multiple IP subnets for communications across IBM Z systems.
z/OS V2R4 Communications Server is enhanced to support OSA-Express7S features with 25 GbE bandwidth and IBM 25 GbE RoCE Express2 features.
IBM Configuration Assistant for z/OS Communications Server plays a key role for the network administrator as part of the IBM Cloud Provisioning and Management for z/OS solution.
z/OS V2R5 Communications Server provides the following TCP/IP usability enhancements to enable improved efficiency in system automation, the reduction of unwanted delays in system initialization, and improved certificate-related problem determination for AT-TLS and IPSec.
- Notification of availability of TCP/IP extended services
- AT-TLS and IPSec certificate diagnostics
- IPSec certificate reporting enhancements
IBM open badge for you to easily and quickly share verified proof of your achievements on networking on z/OS.
IBM open badge for you to easily and quickly share verified proof of your achievements on z/OS network security.
IBM open badge for you to easily and quickly share verified proof of your achievements on z/OS TCP/IP Configuration with NCA.
IBM open badge for you to have a general knowledge and understanding of TCP/IP on z/OS.
IBM open badge for you to learn how to configure zERT Policy Enforcement using the IBM Configuration Assistant for z/OS Communications Server (NCA).
Information on z/OS Communications Server new function APARs available for z/OS 3.1.
Information on z/OS Communications Server new function APARs available for z/OS V2R5.
Information on z/OS Communications Server new function APARs available for z/OS V2R4.
Base functions, connectivity, and routing.
High availability, scalability, and performance.
Security and policy-based networking.
The latest iteration of IBM Z® mainframes with on-chip AI inferencing and industry-first quantum-safe technologies.
The platform for privacy, security and resiliency in hybrid clouds.
A highly secure and scalable operating system for running mission-critical applications.