£1,725.00

Price for this course

3 HOURS

Duration

Classroom IBM

Delivery

Available dates


Mon15Feb 21 TO Wed17Feb 21

Where

Tech Data ILO UK
Connection details will be communicated separately
Instructor Led
Online

Code

TR-664614
Mon17May 21 TO Wed19May 21

Where

Tech Data ILO UK
Connection details will be communicated separately
Instructor Led
Online

Code

TR-664615

Overview

Organizations are compelled to find effective and cost-efficient data security solutions.

Encryption is one of the technologies that enables organizations to reduce the cost, impact and even likelihood of a breach. Encrypting data can help companies meet the stringent mandates of the GDPR, HIPAA and other mandates.

IBM z15 has been designed for pervasive encryption, enabling organizations to encrypt 100% of an organization’s IBM Z critical business data in-flight and at-rest, with no application changes and no impact to SLAs. Encrypting only the data required to meet compliance mandates should be considered a minimum threshold, not a best practice. IBM z15 makes pervasive encryption the new standard in data protection and the foundation of a larger data security and protection strategy.

z/OS is designed to provide new policy-based encryption options that take full advantage of the improvements in the z15 platform. These new capabilities include:

Data set encryption, which is one aspect of pervasive encryption, provides enhanced data protection for many z/OS data sets gives users the ability to encrypt data without needing to make changes to applications to embed encryption APIs within applications.

New z/OS policy controls which make it possible to use pervasive encryption to protect user data and simplify the task of compliance for many z/OS data sets, zFS file systems, and Coupling Facility structures.

Pervasive encryption for IBM Z® is a consumable approach to enable extensive encryption of data in-flight and at-rest to substantially simplify encryption and reduce costs associated with protecting data.

In this course you will learn how to implement Pervasive Encryption in your z/OS installation. The course explores in detail, the various technologies that are involved in z System and z/OS Cryptographic Services, ICSF, RACF and DFSMS access method Services.

In the hands-on exercises, you begin with the setup of your hardware crypto environment (CCA crypto express and CPACF), then you will load and activate your AES master keys, setup ICSF and its Key datasets (CKDS PKDS TKDS), then define your data encryption keys, activate your data set encryption policy, and encrypt your data sets and zFS filesystems.

These exercises reinforce the concepts and technologies being covered in the lectures.

Audience

This class is intended for z/OS system programmers and security specialists in charge of designing, implementing and monitoring Pervasive Encryption on z/OS.

Prerequisites

  • General z/OS knowledge, including basic UNIX System Services skills

  • Basic knowledge of RACF

  • Curriculum relationship

    o [ES66G]

Objective

After completing this course, you should be able to:

  • Describe the components of Pervasive Encryption on z/OS

  • Explain the role of encryption for data protection

2

  • Implement hardware crypto on your z System

  • Load and activate AES Master Keys

  • Implement and start ICSF

  • Understand the differences between secure keys clear keys and protected keys

  • Describe how are key values used for encryption and decryption

  • Generate, maintain and manage Keys

  • Setup access to key labels

  • Setup policy to supply key label (RACF SMS JCL)

  • Access data in encrypted data sets

  • Create encrypted data sets - Supplying key labels

  • Convert existing data sets to encryption

  • Verify encryption status

  • Encrypt Data in Transit

  • Encrypt Data at Rest

  • Manage data sets, data keys, and key labels

Course Outline

  • Describe the components of Pervasive Encryption on z/OS

  • Explain the role of encryption for data protection

2

  • Implement hardware crypto on your z System

  • Load and activate AES Master Keys

  • Implement and start ICSF

  • Understand the differences between secure keys clear keys and protected keys

  • Describe how are key values used for encryption and decryption

  • Generate, maintain and manage Keys

  • Setup access to key labels

  • Setup policy to supply key label (RACF SMS JCL)

  • Access data in encrypted data sets

  • Create encrypted data sets - Supplying key labels

  • Convert existing data sets to encryption

  • Verify encryption status

  • Encrypt Data in Transit

  • Encrypt Data at Rest

  • Manage data sets, data keys, and key labels



FAQs

What do I need to bring with me to my public class?

All required learning materials and equipment are provided in the classroom.

 

 

 

 

When do public training course fees have to be paid?

For public training classes payment must be received no later than three business days prior to the first day of class in order to remain in the class and confirm your seat. Failure to provide payment by this date may result in removal from the class, and/or late cancellation fees applied. You can submit payment in the form of a Purchase Order or credit card.

 

 

 

 

On-site (private) Course Pricing:

To find out more about On-site training e-mail us at enablement@agilesolutions.co.uk or call one of our offices.

 

 

 

 

What is the cancellation policy?

Requests for cancellations or date transfers need to be received at least ten (10) business days prior to the event start date in order to receive a full refund. If a cancellation or reschedule request is received less than ten (10) business days before the start date, the penalty of 100% of the cost of the course will be applied, resulting in no amount of the fee being refunded. Refunds will not be allowed for “no-shows” in our public training or IVA courses. This cancellation policy is strictly enforced.

 

 

 

 

What happens if Agile Solutions needs to cancel or reschedule a course?

Agile Solutions reserves the right to cancel events for any reason at any time. Cancellation liability for Agile Solutions, if Agile Solutions cancels the course, is limited to the return of course payment ONLY. Agile Solutions will not reimburse registrants for any other costs including but not limited to any travel cancellation fees or penalties, including airfare and hotel costs. PLEASE NOTE: If your registration status is either “Approved”, or “Pending Payment” you have not been confirmed for the class and it is recommended that you do not make any travel arrangements until you have received a confirmation e-mail letting you know the class and registration is confirmed.

 

 

 

 

How will I know if my course has been rescheduled?

Agile Solutions reserves the right to reschedule or cancel a course due to low enrollment or if necessitated by other circumstances. Agile Solutions will contact you via e-mail or phone to inform you of the change of schedule. Once you have been notified you may reschedule or receive a full credit. Agile Solutions shall not be liable for any other costs including but not limited to any non-refundable travel arrangements if a course is rescheduled or cancelled.