Meet speakers from the Enterprise Network Solutions team
|
|
|
|
|
|
Chris Meyer
STSM,
z/OS Network Security Architect |
Michael Fitzpatrick
STSM,
Lead Architect Multi-site Workload Lifeline |
Mike Fox,
Enterprise Networking Solutions Architect
|
Randy Kunkel,
Senior software engineer
|
Sam Reynolds
Enterprise Networking Solutions - Architecture, Design, and Strategy |
Check out the Enterprise Networking Solutions sessions
z/OS Communications Server Technical Update: Summer 2022 Edition
In this session, the speakers will provide a look at new features in z/OS Communications Server from z/OS V2.5 and continuous delivery. We will look at improvements to network security through zERT policy-based enforcement, a new SERVAUTH class resource for control of the z/OS FTP server JES interface, IPSec certificate reporting enhancements, and AT-TLS and IPSec certificate diagnostics. We will examine how "Routable RoCE" provides multiple IP subnet support for Shared Memory Communications. And we will look at new notifications that Communications Server provides to indicate that TCP/IP and its required services are initialized.
- Time: Aug 22, 2022 | 9:45 AM - 10:45 AM (EDT)
- Speaker: Sam Reynolds, Mike Fitzpatrick
- Room: Delaware A
- ID: 98456
z/OS Communications Server Network Security Overview
z/OS Communications Server provides a wide variety of security features to protect z/OS from the network and to protect z/OS data as it traverses the network. This session will introduce many of those security features and highlight some of the more recent enhancements. Topics include IP Security, AT-TLS, Intrusion Detection Services, zERT and SAF-based access controls.
- Time: Aug 22, 2022 | 11:00 AM - 12:00 PM (EDT)
- Speaker: Chris Meyer
- Room: Delaware A
- ID: 66204
VTAM, SNA, and Enterprise Extender: Status and Future
The Systems Network Architecture (SNA) protocol has been in use in enterprise computing environments for nearly half of a century. Despite rumors of its demise, it is still used to transport a large percentage of mission-critical data around the world. However, it has evolved, and more changes are coming. In this session, the speaker will review some general concepts related to VTAM and the SNA protocol. The current and future viability of SNA will also be discussed.
- Time: Aug 22, 2022 | 1:45 PM - 2:45 PM (EDT)
- Speaker: Sam Reynolds
- Room: Delaware A
- ID: 93611
Sysplex Network Technologies and Considerations
In this session, the speaker will review z/OS Communication Server networking technologies that help maximize the value of the Parallel Sysplex environment. He will discuss recent enhancements in the area of High Availability and workload balancing, including considerations for enabling these features. Topics will also include:
- Best practices recommendations for intra-Sysplex connectivity
- External connectivity into the Sysplex environment
- Techniques for achieving network interface resilience in a flat network
- The impacts of using stateful firewalls in the Sysplex access network
- Time: Aug 23, 2022 | 10:30 AM - 11:30 AM (EDT)
- Speaker: Mike Fitzpatrick
- Room: Delaware A
- ID: 20742
ISPF Recent Improvements and Community Contributions
In this session, the speaker will discuss and demonstrate recent changes made to ISPF in z/OS V2R4 and V2R5, along with contributions from the ISPF community.
-
Time: Aug 23, 2022 | 8:00 AM - 9:00 AM (EDT)
-
Speaker: Sam Reynolds and Tom Conley
-
Room: Franklin A
-
ID: 92365
IP Routing on z/OS: The Basics Part 1 of 2
In this session we will introduce IP routing from a z/OS point of view. Topics covered include cover basic IP routing concepts including IPv4 and IPv6, ARP, route tables, and static routes. We will also discuss z/OS-specific IP routing concepts including VIPA, OSA redundancy and failover. We also will cover special considerations for a flat layer-2 network.
- Time: Aug 23, 2022 | 8:00 AM - 9:00 AM (EDT)
- Speaker: Mike Fox
- Room: Delaware A
- ID: 98987
IP Routing on z/OS: Dynamic Routing and Cisco ACI Connectivity Part 2 of 2
In this session we will introduce dynamic routing from a z/OS point of view and will also discuss attaching z/OS to a Cisco ACI fabric. We will cover the basics of the OMPROUTE routing daemon's implementation of OSPF on z/OS, and principles for attaching to backbones that run either OSPF or other routing protocols such as BGP. Best practices recommendations for dynamic routing on z/OS and for attaching z/OS to a Cisco ACI fabric will also be discussed.
- Time: Aug 23, 2022 | 9:15 AM - 10:15 AM (EDT)
- Speaker: Mike Fox
- Room: Delaware A
- ID: 61545
Lunch and Learn (LNL): Secure z/OS! F.A.Q. Experience
Enjoy a little “dinner theater” covering the theme of cyber security & resiliency on the Quantum-safe z16!
The newly formed Enterprise Knights Theatrical Troupe will play out the all-new Escape experience at fictional company, Mock-Up Services Enterprises (MUSE), and investigate the rumored cyber incident at its recent acquisition, Fictitious Acquisitional Quandary (FAQ). Sign up for the lunch, discover security insights from several cyber security SMEs, and enjoy the show!
- Time: Aug 23, 2022 | 12:00 PM - 1:00 PM (EDT)
- Speaker: Chris Meyer and other security experts
- Room: Delaware C
- ID: 79504
Shared Memory Communications Version 2 - Multiple IP Subnet Support
Shared Memory Communications has been limited to communications within a single IP subnet. SMC Version 2 removes this limitation by providing multiple IP subnet support for both SMC-D and SMC-R. This session will provide a brief introduction and overview of SMCv2, SMC-Dv2, and SMC-Rv2. Additional information will be provided for SMC-Rv2 along with RoCEv2 ("Routable RoCE”) including the IBM z16 and RoCE Express3. SMC-Rv2 uses RoCEv2 technology which uses your existing IP topology and IP routes to extend the reach of RDMA thereby expanding the benefits of SMC-R to additional application workloads. In this session you will learn how you can define and control the scope of SMCv2 connection eligibility and how to identify potential use cases that could benefit from the savings in network related CPU cost, reduced latency, and increased throughput. Learn how you can unleash SMCv2 in your enterprise!
- Time: Aug 24, 2022 | 8:00 AM - 9:00 AM (EDT)
- Speaker: Randall Todd Kunkel- Room: Delaware A
- ID: 20062
AT-TLS Hints and Tips
Application Transparent Transport Layer Security (AT-TLS) is one of the most heavily used security features of z/OS Communications Server, but it can sometimes add complexity to already complex set of technologies like TLS and digital certificates. Come to this session for hints, tips, lessons learned, and best practices regarding AT-TLS deployment and problem diagnosis.
- Time: Aug 24, 2022 | 10:30 AM - 11:30 AM (EDT)
- Speaker: Chris Meyer- Room: Delaware B
- ID: 24476
TCP/IP Stack Configuration with Network Configuration Assistant for z/OS CS
In this session we will take a detailed look at the capabilities of the IBM Network Configuration Assistant for z/OS CS to configure a TCP/IP stack including unified sysplex configuration, reusable configuration, dynamic stack reconfiguration, and configuration for disaster recovery and planned outages. This is a great introduction to the TCP/IP labs in "Lab: Network Configuration Assistant for z/OS CS: Choose your topic".
- Time: Aug 24, 2022 | 1:15 PM - 2:15 PM (EDT)
- Speaker: Mike Fox- Room: Delaware A
- ID: 44248
Using Network Configuration Assistant to Configure zERT Policy Enforcement
zERT Policy Enforcement allows you to configure policy rules to take actions in real time based on the observed cryptographic attributes of inbound and outbound z/OS TCP connections. As part of this support the Network Configuration Assistant (NCA) provides new, advanced function for configuring zERT policy enforcement. In this presentation you will learn how to get the most out of NCA's zERT support, including quickly and efficiently defining zERT rules and using reusable rules and rule sets to group your zERT rules into logical, hierarchical buckets that are easy to manage and coordinate.
- Time: Aug 24, 2022 | 4:00 PM - 5:00 PM (EDT)
- Speaker: Mike Fox- Room: Delaware A
- ID: 28406
Getting the Most Out of OSA and HiperSockets with z/OS Communications Server
The IBM zSystems OSA-Express is a critical aspect of your z/OS application workloads. OSA and HiperSockets are used for both SNA and IP connectivity. In this session, we will focus on how z/OS Communications Server uses OSA for IPv4/IPv6 external connectivity based on the Queued Direct IO (QDIO) architecture. The session will cover the operational aspects of OSA as well as configuration options for optimizing both inbound and outbound network traffic. We will also look at how HiperSockets Converged Interface (HSCI) could be an operational benefit to your environment. The focus will be on the z/OS Communications Server software use of OS. The speaker will also discuss hardware aspects where such aspects are of importance to understanding how the hardware and software combine and cooperate to deliver optimal function and performance.
- Time: Aug 25, 2022 | 8:00 AM - 9:00 AM (EDT)
- Speaker: Randall Todd Kunkel
- Room: Delaware A
- ID: 83782
Lab: ISPF "Choose Your Own” Lab
ISPF is still relevant in today's modern environments and as such this lab will explore some different aspects of ISPF. There will be labs relating to the ISPF Editor. As ISPF users, a large proportion of our work involves using the ISPF editor. While we are probably comfortable using the basic features of the editor, many of us are not taking advantage of other editor features. In this Hands-on Lab, you will learn how you can improve your productivity by customizing your edit environment and taking advantage of some of the advanced features of the editor. You will learn, through hands-on exercises, how to customize edit profiles and edit settings, how to recover edit session data after a system failure, and how to add power to your edit session with advanced edit commands. In addition there will be a lab concentrating on ISPF dialog development looking at how the different pieces of an ISPF application are created and are used together. . You will learn, through hands-on exercises, how to code some REXX that displays an ISPF panel, as well as interacting with ISPF messages and skeletons.
- Time: Aug 25, 2022 | 9:15 AM - 10:15 AM (EDT)
- Speaker: Sam Reynolds and Tom Conley
- Room: Fairfield: HOL
- ID: 17175
Guarding the Gates with z/OS IP Packet Filtering
One of the many powerful security technologies in z/OS Communications Server is IP packet filtering. From blocking unwanted protocols to limiting which outbound TCP connections are permitted, packet filters are a great tool for locking down access to your z/OS systems. Come to this session for an overview of packet filters on z/OS, configuration tips and some practical examples for creating useful filters that just might help you sleep better at night!
- Time: Aug 25, 2022 | 10:30 AM - 11:30 AM (EDT)
- Speaker: Chris Meyer
- Room: Delaware A
- ID: 53249
Lab: Network Configuration Assistant for z/OS CS Hands-on Labs - Choose Your Own Topic - Section 1 of 2
The "Network Configuration Assistant for z/OS Communications Server” (NCA) provides the capability for configuring the TCP/IP stack and policy-based networking and security. Starting with z/OS V2R5, you can now configure the zERT policy enforcement capability which allows you to take actions in real time based on the observed cryptographic attributes of inbound and outbound z/OS TCP connections. Come to this hands-on lab to become familiar with these capabilities. Choose from the following topics to get hands-on training for the specific area(s) of NCA that most interest you: - Create and modify the TCP/IP profile using NCA - Create and work with alternate configurations for TCP/IP failover and planned outages using NCA - Create zERT policy with NCA.
- Time: Aug 25, 2022 | 12:00 PM - 1:00 PM (EDT)
- Speaker: Mike Fox
- Room: Fairfield: HOL
- ID: 20871
Lab: Network Configuration Assistant for z/OS CS Hands-on Labs - Choose Your Own Topic - Section 2 of 2
The "Network Configuration Assistant for z/OS Communications Server” (NCA) provides the capability for configuring the TCP/IP stack and policy-based networking and security. Starting with z/OS V2R5, you can now configure the zERT policy enforcement capability which allows you to take actions in real time based on the observed cryptographic attributes of inbound and outbound z/OS TCP connections. Come to this hands-on lab to become familiar with these capabilities. Choose from the following topics to get hands-on training for the specific area(s) of NCA that most interest you: - Create and modify the TCP/IP profile using NCA - Create and work with alternate configurations for TCP/IP failover and planned outages using NCA - Create zERT policy with NCA.
- Time: Aug 25, 2022 | 1:15 PM - 2:15 PM (EDT)
- Speaker: Mike Fox
- Room: Fairfield: HOL
- ID: 20871
z/OS Communications Server Performance Update
z/OS Communications Server Performance Update In this session, the speaker will explore selected topics related to the performance of z/OS Communications Server (CS), with a particular focus on recent releases of z/OS Communications Server. Topics to be covered include the performance advantages of Shared Memory Communications, the networking cost of securing TCP connections, and more.
- Time: Aug 25, 2022 | 2:45 PM - 3:45 PM (EDT)
- Speaker: Mike Fitzpatrick
- Room: Delaware A
- ID: 70610
z/OS TCP/IP Cryptography Demystified
z/OS Communications Server offers full support for TLS/SSL (through its AT-TLS feature) and for IPSec to protect IP-based traffic as it traverses the network. In addition, z/OS supports SSH and related protocols through its OpenSSH server. All these protocols make heavy use of cryptography and leverage various cryptographic functions on the platform. This session will explore the key cryptographic software and hardware components that come into play for AT-TLS, IPsec and OpenSSH and will address common questions regarding when, where and how those cryptographic components are used.
- Time: Aug 25, 2022 | 4:00 PM - 5:00 PM (EDT)
- Speaker: Chris Meyer
- Room: Delaware D (live-stream)
- ID: 80623
Understanding z/OS Communication Server Storage Usage
If you have ever wondered how the z/OS Communications Server uses storage in your z/OS LPARs, this session is for you. The session will provide an overview and explanation of the z/OS Communications Server storage concepts and model - how TCP/IP and VTAM uses private storage, CSA, ECSA, CSM storage (ECSA, fixed, data spaces), etc. Updates on how z/OS Communications Server now exploits 64-bit storage will also be covered. The session will provide hints and tips about how to monitor z/OS Communications Server storage usage through display commands and RMF reports.
- Time: Aug 26, 2022 | 8:00 AM - 9:00 AM (EDT)
- Speaker: Mike Fitzpatrick
- Room: Delaware A
- ID: 58690
zERT Hints and Tips
IBM z/OS Encryption Readiness Technology (zERT) has given z/OS system programmers and auditors visibility into the cryptographic protection of z/OS TCP/IP and Enterpise Extender connections since z/OS V2R3. zERT data reveals which protocols are being used, which cryptographic algorithms have been selected, what are the key lengths involved, and more. This session will provide a short overview of the zERT capabilities and discuss some of the common questions zERT users have raised before, during and after zERTdeployment. Topic areas include: validating zERT configuration, importing and querying data into the zERT Network Analyzer, understanding reasons why sessions might be reported as being unprotected, and more.
- Time: Aug 26, 2022 | 9:15 AM - 10:15 AM (EDT)
- Speaker: Chris Meyer
- Room: Delaware A
- ID: 77072
Excited about the sessions?
Note: For those sessions that are held in a live-stream room, you can also sign up the virtual registration and join the session via live-stream remotely.