IBM Z10 BUISNESS CLASS Z10 BC User Manual
Page 8
• Improved availability with Parallel Sysplex and Coupling
Facility improvement
• Enhanced application development and integration with
new System REXX
™
facility, Metal C facility, and z/OS
UNIX
®
System Services commands
• Enhanced Workload Manager in managing discretionary
work and zIIP and zAAP workloads
Commitment to system integrity
First issued in 1973, IBM’s MVS
™
System Integrity State-
ment and subsequent statements for OS/390
®
and z/OS
stand as a symbol of IBM’s confi dence and commitment
to the z/OS operating system. Today, IBM reaffi rms its com-
mitment to z/OS system integrity.
IBM’s commitment includes designs and development
practices intended to prevent unauthorized application
programs, subsystems, and users from bypassing z/OS
security—that is, to prevent them from gaining access,
circumventing, disabling, altering, or obtaining control of
key z/OS system processes and resources unless allowed
by the installation. Specifi cally, z/OS “System Integrity” is
defi ned as the inability of any program not authorized by
a mechanism under the installation’s control to circumvent
or disable store or fetch protection, access a resource
protected by the z/OS Security Server (RACF), or obtain
control in an authorized state; that is, in supervisor state,
with a protection key less than eight (8), or Authorized
Program Facility (APF) authorized. In the event that an IBM
System Integrity problem is reported, IBM will always take
action to resolve it.
IBM’s long-term commitment to System Integrity is unique
in the industry, and forms the basis of the z/OS industry
leadership in system security. z/OS is designed to help you
protect your system, data, transactions, and applications
from accidental or malicious modifi cation. This is one of
the many reasons System z remains the industry’s premier
data server for mission-critical workloads.
z/VM
z/VM V5.4 is designed to extend its System z virtualization
technology leadership by exploiting more capabilities of
System z servers including:
• Greater fl exibility, with support for the new z/VM-mode
logical partitions, allowing all System z processor-types
(CPs, IFLs, zIIPs, zAAPs, and ICFs) to be defi ned in
the same z/VM LPAR for use by various guest operating
systems
• Capability to install Linux on System z as well as z/VM
from the HMC on a System z10 that eliminates the need
for any external network setup or a physical connection
between an LPAR and the HMC
• Enhanced physical connectivity by exploiting all OSA-
Express3 ports, helping service the network and reduc-
ing the number of required resources
• Dynamic memory upgrade support that allows real
memory to be added to a running z/VM system. With z/VM
V5.4, memory can be added nondisruptively to individual
guests that support the dynamic memory reconfi guration
architecture. Systems can now be confi gured to reduce
the need to re-IPL z/VM. Processors, channels, OSA
adapters, and now memory can be dynamically added to
both the z/VM system itself and to individual guests.
The operation and management of virtual machines
has been enhanced with new systems management
APIs, improvements to the algorithm for distributing a
guest’s CPU share among virtual processors, and usability
enhancements for managing a virtual network.
Security capabilities of z/VM V5.4 provide an upgraded
LDAP server at the functional level of the z/OS V1.10 IBM
Tivoli
®
Directory Server for z/OS and enhancements to the
RACF Security Server to create LDAP change log entries
in response to updates to RACF group and user profi les,
including user passwords and password phrases. The z/VM
SSL server now operates in a CMS environment, instead of
requiring a Linux distribution, thus allowing encryption ser-
vices to be deployed more quickly and helping to simplify
installation, service, and release-to-release migration.
8