Mainframe Hardening Standards

Jey_P
Jey_P used Ask the Experts™
on
Hi ..

Please direct me , where i can find mainframe hardening Standards? Are anyone using mainframe hardening standards ? I did check CIS as well, there are no Standards available for Mainframe.

Regards,
JP
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
bbaoIT Consultant
Commented:
better be specific and give the model of your mainframe please?
Gary PattersonVP Technology / Senior Consultant
Commented:
"Mainframe" covers a lot of territory.  If you mean IBM z Systems when you say "mainframe", then these three IBM Redbooks are a good place to start to learn about mainframe security hardening:

http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/sg247803.html?Open
http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/sg248195.html?Open
http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/sg248196.html?Open
btanExec Consultant
Distinguished Expert 2018
Commented:
I see it more of IBM z/OS. Can check out the NIST NVD benchmark
https://web.nvd.nist.gov/view/ncp/repository?product=IBM+z%2fOS+Version+2%2c+Release+1&startIndex=0
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

Jey_PIT Security Eng

Author

Commented:
I've requested that this question be deleted for the following reason:

I am deleting this question , I do not have  proper answer .
btanExec Consultant
Distinguished Expert 2018

Commented:
The question asked for Mainframe hardening guide. The experts shared the various guide as advice. If they are not valid or relevant pls do state so instead of just deleting the question. For kind assessment.
bbaoIT Consultant

Commented:
agree with btan.

you didn't ask a proper question so you don't have a proper answer. that's it.
Top Expert 2014

Commented:
Agree with btan and "Bing CISM / CISSP".

A "mainframe" is not a operating system, it is a term that today generally refers to IBM zSystem class servers.  These servers can run different operating systems and products and each one has their own standards for securing.

Your question is like asking "how do I harden a x86 server?"

You don't harden hardware from a security point of view, you restrict physical access to it.  You "harden" an operating system and the software you run on that operating system.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial