IBM z/OS manual

Page 84

The guest LAN support provided in z/VM V4.2 simulates the HiperSockets function for communication among virtual machines without the need for real IQD channels, much as VM simulates channel-to-channel adapters for communication among virtual machines without the need for ESCON, FICON, or other real channel-to-channel con- nections. With the guest LAN capability, customers with S/390 servers can gain the benefi ts of HiperSockets com- munication among the virtual machines within a VM image, since no real IQD channels are required.

z/VM V4.4 further enhances its virtualization technology by providing the capability to deploy virtual IP switches in the guest LAN environment. The z/VM virtual switch replaces the need for virtual machines acting as routers to provide IPv4 connectivity to a physical LAN through an OSA- Express adapter. Routers consume valuable processor cycles and require additional copying of data being trans- ported. The virtual-switch function alleviates this problem and also provides centralized network confi guration and control. These controls allow the LAN administrator to more easily grant and revoke access to the network and to manage the confi guration of VLAN segments.

TCP/IP for z/VM provides numerous self-protection func- tions. A Secure Sockets Layer (SSL) server is available to facilitate secure and private conversations between z/VM servers and external clients. The upgraded SSL server in z/VM V4.4 provides appropriate RPM format packages for the SUSE LINUX Enterprise Server 7 (SLES 7) at the

2.4.7kernel level, SUSE LINUX Enterprise Server 8 (SLES 8) powered by UnitedLinux at the 2.4.19 kernel level, and Turbolinux Enterprise Server 8 (TLES 8) powered by

United Linux at the 2.4.19 kernel level. Security of the TCP/IP stack has been improved to help prevent additional types of Denial of Service (DoS) attacks including: Smurf, Fraggle, Ping-o-Death, Kiss of Death (KOD), KOX, Blat, SynFlood, Stream, and R4P3D. The overall security and auditability of the TCP/IP for z/VM stack and the integrity of the z/VM system have been improved by providing better controls, monitoring, and defaults. An IMAP user authenti- cation exit has been added that removes prior user ID and password length restrictions and eliminates the need for every IMAP client to have a VM user ID and password.

TCP/IP for z/VM, formerly a priced, optional feature of VM/ESA and z/VM V3, is packaged at no additional charge and shipped enabled for use with z/VM V4 and V5. The former priced, optional features of TCP/IP — the Network File System (NFS) server and TCP/IP source — are also packaged with TCP/IP for z/VM at no additional change.

In addition to the new function provided by the Performance Toolkit for VM, RealTime Monitor (RTM), and Performance Reporting Facility (PRF) are still available in z/VM V4.4 to support new and changed monitor records in z/VM. RTM simplifi es performance analysis and the installation man- agement of VM environments. PRF uses system monitor data to analyze system performance and to detect and diagnose performance problems. RACF for z/VM is avail- able as an priced, optional feature of z/VM V4 and provides improved data security for an installation. RTM, PRF, and the Performance Toolkit are also priced, optional features of z/VM V4 as is the Directory Maintenance Facility (DirMaint).

84

Image 84
Contents IBM zSeries 990 and z/OS Reference Guide Table of Contents ZSeries Overview What does an on demand company look like?To huge increases in user activity Tools for Managing e-businessArchitecture Architecture Operating System SupportIBM zSeries TionBase Ratio Z990 Design and Technology MultiChip Module is the technology cornerstone for Z990 Family Models Z990 ModelsZ990 and IBM On/Off Capacity on Demand Model Upgrades Z990 and z900 Performance Comparison Z990 I/O SubSystem Z990 Cage LayoutGreater than 15 Logical Partitions LP Physical Channel IDs PCHIDs SubSystemZ990 Channels and I/O Connectivity Logical Channel SubSystem Lcss SpanningIC Channel Spanning Up to 1024 Escon ChannelsInterSystem Channel-3 ISC-3 Integrated Cluster Bus-2 ICB-2Integrated Cluster Bus-3 ICB-3 Integrated Cluster Bus-4 ICB-4Ficon Express Channel Card Features Fibre Channel ConnectivityPerformance Flexibility Three channel types supportedShared infrastructure Native Ficon ChannelsFicon Connectivity Ficon CTC functionFicon Support for Cascaded Directors Ficon Bridge Channel FCP ChannelsOpen Systems Adapter-Express Features OSA-Express FCP Full fabric connectivityZ990 OSA-Express 1000BASE-T Ethernet OSA-Express Integrated Console ControllerQueued Direct Input/Output Qdio Z990 OSA-Express Gigabit EthernetNON-QDIO operational mode Z990 OSA-Express Token-RingServer to User connections Lpar Support of OSA-Express IPv6 SupportPerformance enhancements for virtual servers HiperSockets LCSS0 LCSS1HiperSockets Network Concentrator Cryptography Z990 Capacity Upgrade on Demand CUoD AvailabilityZSeries Security Certification Cryptography Plan Ahead and Concurrent ConditioningZ990 Server Capacity BackUp CBU Z990 Server Customer Initiated Upgrade CIU Concurrent MaintenanceAdvanced Availability Functions Transparent SparingConcurrent Capacity Backup Downgrade CBU Undo Concurrent Memory UpgradeParallel Sysplex Cluster Technology Coupling Facility Configuration Alternatives System-Managed CF Structure Duplexing Parallel Sysplex Coupling Connectivity Z990 Theoretical Maximum Coupling Link Speed OptionsIntelligent Resource Director IRD ScopeLpar CPU Management Dynamic Channel Path ManagementChannel Subsystem Priority Queuing Page Geographically Dispersed Parallel Sysplex HyperSwap Geographically Dispersed Parallel Sysplex Gdps Enhancements Page Page Parallel Sysplex FacilitiesNo single point of failure Components and assumptionsZ990 Support for Linux Linux on zSeriesIBM Middleware Tivoli Access Manager for Operating Systems Version Linux Distribution Partners VM Version 4 and VersionIntegrated Facility for Linux IFL OSA-Express Ethernet for LinuxHiperSockets Fibre Channel Protocol FCP channel Support for LinuxZSeries 990 Family Configuration Detail Cryptographic Support for LinuxLinux Support Cryptographic Features OSA-Express FeaturesProcessor Unit Assignments Processor MemoryZ990 Frame and I/O Configuration Content Planning for I/O General InformationPhysical Characteristics Z990 Power/Heating/Cooling System Power Consumption kWZ990 Dimensions System Cooling Air Flow Rate CFMCoupling Facility CF Level of Support Fiber-Optic Cabling and System ConnectivityFiber-optic jumper cabling package Integrated system services OS.e ZSeries Application Assist ProcessorOS Scalability Bit SupportAutomation Support System Services Sense and Respond with Workload ManagerWLM Improvements for WebSphere Data Management with DfsmsCICS/VSAM enabled for 24x7 availability System Management ServicesJES2 and JES3 Console Enhancements EnhancementsSecurity Services Advanced System AutomationRacf enhancements Multilevel SecurityLdap PKI Services FirewallNetwork Authentication Service Application Enablement ServicesLanguage Environment Java UnicodeCommunication Services Rexx FunctionsDynamic Virtual IP Address Takeover Sysplex DistributorIntrusion Detection Services IDS HiperSocketsOS Unix HighlightsUnix System Services benefits can include Distributed Computing ServicesZSeries File System zFS Distributed File Services DFS Server Message Block Internet ServicesPrint Services Infoprint CentralIntegrated Testing Softcopy Publications SupportLibrary Center PublicationsInstallation Considerations OS 1.4 and 1.5 are supported on the following IBM serversOS 1.6 is supported on the following IBM servers Migration/CoexistenceMigration, installation and customization Enhancements ZSeries Bimodal Support for z/OSWizards Order z/OS through the InternetVM Version 3 VM Version 4 Exploiting New Technology Systems Management Application Enablement Networking with z/VMPage VM Version 5 Engine-based Value Unit PricingEnhancements in z/VM V5.1 include Network Virtualization and Security Technology ExploitationSystems Management Improvements To learn more