01 Feb, 2015
Text Size

Audience

The audience will be comprised of architects and administrators from both customer and business partner organisations. Security personnel may also benefit from this course if they are to be involved with the administration of WebSphereMQ security but they should already be familiar with the concepts of messaging and in particular as it applies to WebSphereMQ.

It is NOT suitable for a novice to attend this course. Students should be experienced WebSphereMQ or security personnel who have been identified as requiring the ability to set up and customise the MQ security infrastructure.

Prerequisites

The major prerequisite skill is in-depth knowledge of WebSphereMQ administration. This can be obtained from our WebSphereMQ Administration courses, for z/OS or for LUW.

To do the practical exercises, knowledge of the Windows environment is necessary.

A knowledge of security concepts and RACF administration (optional for z/OS sites) would be helpful.

Duration

2 days. Hands on.

This course is available on site only. Please call for details.

Course Objectives

The purpose of this course is to provide attendees with a detailed understanding of the requirements for creating a secure MQ environment and the techniques for its implementation. It will provide a mix of lecture sessions and lab exercises. It is expected that students will use this techniques to secure their own WebSphereMQ environments.

After completing this course you should be able to:

  • Define the following security concepts:
    • Authentication.
    • Non-repudiation.
    • Encryption and decryption.
    • Data integrity.
  • Describe how Secure Sockets Layer (SSL) works.
  • Implement SSL in WebSphereMQ.
  • Identify key issues associated with WebSphereMQ client security.
  • How to create specific and generic Profiles.
  • Secure WebSphereMQ objects using the OAM.
  • Understand context security and the use of alternate user authority.
  • User Exits.
  • Error Diagnosis.
  • Detail the additional considerations for using WebSphereMQ with RACF on zOS.

Course Content

Introduction.
Consolidation of MQ objects on which security is required.
Security Issues.
Overview of security concepts and facilities in WebSphereMQ Firewalls:
• Logon Security.
Principals.
Security Identifiers.
Z Security:
• Switch Profiles.
• MQ Admin.
Local and Remote:
• Groups.
Definition.
MQM Group.
Administering Groups on different Platforms:
• Profiles.
Discreet and Generic:
• Creation.
• Using MQ Explorer and Object Authorities.
• OAM.
Authorization Service Interface.
Access Control List.
When Security Checks are made.
OAM Commands:
• DSPMQAUT.
• DMPMQAUT.
• SETMQAUT.
Z Series.
How it is achieved.
How it is granted.
Resource Profiles.
RACF Classes.
SYSCASE.
API relationship.
Context Authority.
Message and Identity.
Content Programming.
Passing Content Authority.
Channel authority.
Channel Initiator.
Channel Parameters.
MCAUSER.
Message Channel Agent Exits.
Sockets Layer (SSL) explained:
• Implementing SSL in WebSphereMQ.
• SSL Handshake.
• Key Repository.
• Setting Up the Channels.
• Distinguished Names.
Clustering.
Good Security Practices.
Support Packs.

Search Public Courses

Course Contact Form

Please complete the form to enquire about running a course at your premises or one of our training facilities

Name:

Email:

Telephone:

Organisation:


Comment: