How to Detect Attempted Mainframe Intrusions

This presentation will focus on Policy-based Network Management and the use of its primary component The Policy Agent (PAGENT) as a tool for detecting and reporting attempted Mainframe Intrusions.

Attendees will learn the following:

• The role of Policy-based Information System Management
• The architecture and elements of a Policy-based Network
• The components of PAGENT and their functional use
• The relationship between PAGENT and one or more TCP/IP Stacks
• The function of the Traffic Regulation Management Daemon (TRMD)
• The types of Intrusions that can be detected by PAGENT/TRMD
• How to determine if PAGENT is active on your system
• How to create a PAGENT Configuration
• How to create an Intrusion Detection Services (IDS) Policy
• How to authorize the use of PAGENT and needed resources
• How to START the PAGENT Procedure (PROC)
• How to conduct a Penetration Test
• How to Query/Display Intrusion Reports

The content of this presentation is derived from the following generally available source materials:

• z/OS Communications Server IP Configuration Guide, version 1 Release 13, Document Number SC31-8775-19
• z/OS V1R13 Communications Server TCP/IP Implementation: Volume 4 Security and Policy-based Networking Redbook
• V1R13 IBM Configuration Assistant for z/OS Communications Server

Tracks: IT Services Delivery and Security and Compliance