IBM System z10 EC Reference Manual

Also see for System z10 EC: Reference guide

Contents

7Commitment to system integrityFirst issued in 1973, IBM’s MVS™ System Integrity State-ment and subsequent statements for OS/390® and z/OSstand as a symbol of IBM’s confidence and commitment tothe z/OS operating system. Today, IBM reaffirms its com-mitment to z/OS system integrity.IBM’s commitment includes designs and developmentpractices intended to prevent unauthorized applicationprograms, subsystems, and users from bypassing z/OSsecurity—that is, to prevent them from gaining access, cir-cumventing, disabling, altering, or obtaining control of keyz/OS system processes and resources unless allowed by theinstallation. Specifically, z/OS “System Integrity” is definedas the inability of any program not authorized by a mecha-nism under the installation’s control to circumvent or disablestore or fetch protection, access a resource protected bythe z/OS Security Server (RACF), or obtain control in anauthorized state; that is, in supervisor state, with a protectionkey less than eight (8), or Authorized Program Facility (APF)authorized. In the event that an IBM System Integrity prob-lem is reported, IBM will always take action to resolve it.IBM’s long-term commitment to System Integrity is uniquein the industry, and forms the basis of the z/OS industryleadership in system security. z/OS is designed to help youprotect your system, data, transactions, and applicationsfrom accidental or malicious modification. This is one ofthe many reasons System z remains the industry’s premierdata server for mission-critical workloads.z/VMThe z/VM hypervisor is designed to help clients extend thebusiness value of mainframe technology across the enter-prise by integrating applications and data while providingexceptional levels of availability, security, and operationalease. z/VM virtualization technology is designed to allowthe capability for clients to run hundreds to thousands ofLinux servers on a single mainframe running with otherSystem z operating systems, such as z/OS, or as a large-scale Linux-only enterprise server solution. z/VM 5.3 canalso help to improve productivity by hosting non-Linuxworkloads such as z/OS, z/VSE, and z/TPF.z/VM 5.3 is designed to offer:• Large real memory exploitation support (up to 256 GB)• Single-image CPU support for 32 processors• Guest support enhancements, including a z/OS testingenvironment for the simulation and virtualization of zAAPand zIIP specialty processors• Support for selected features of the IBM System z10 EC• Comprehensive security with a new LDAP server andRACF feature, including support for password phrases• Enhancements to help improve the ease-of-use of virtualnetworks• Management enhancements for Linux and other virtualimages• Integrated systems management from the HMCz/VSEz/VSE 4.1, the latest advance in the ongoing evolution ofVSE, is designed to help address needs of VSE clientswith growing core VSE workloads and/or those who wishto exploit Linux on System z for new, Web-based businesssolutions and infrastructure simplification.z/VSE 4.1 is designed to support:• z/Architecture mode only• 64-bit real addressing and up to 8 GB of processorstorage• System z encryption technology including CPACF, con-figurable Crypto Express2, and TS1120 encrypting tape• Midrange Workload License Charge (MWLC) pricing,including full-capacity and sub-capacity options.