22 Aug, 2014
Text Size

Audience

The audience will be comprised of architects and administrators from both customer and business partner organisations. Security personnel may also benefit from this course if they are to be involved with the administration of WebSphere MQ security but they should already be familiar with the concepts of messaging and in particular as it applies to WebSphere MQ. It is NOT suitable for a novice to attend this course. Students should be experienced WebSphere MQ or security personnel who have been identified as requiring the ability to set up and customise the MQ security infrastructure.

Prerequisites

The major pre-requisite skill is in-depth knowledge of WebSphere MQ administration. This can be obtained from our WebSphere MQ Administration course. To do the practical exercises knowledge of the Windows environment is necessary. A knowledge of security concepts and RACF administration (optional for z/OS sites) would be helpful.

Duration

2 days. Hands on.

Course Objectives

The purpose of this course is to provide attendees with a detailed understanding of the requirements for creating a secure MQ environment and the techniques for its implementation. It will provide a mix of lecture sessions and lab exercises. It is expected that students will use this techniques to secure their own WebSphere MQ environments. After completing this course you should be able to:

  • Define the following security concepts: Authentication; Non-repudiation; Encryption and decryption; Data integrity
  • Describe how Secure Sockets Layer (SSL) works
  • Implement SSL in WebSphere MQ
  • Identify key issues associated with WebSphere MQ client security
  • How to create specific and generic Profiles
  • Secure WebSphere MQ objects using the OAM
  • Understand context security and the use of alternate user authority
  • User Exits
  • Error Diagnosis
  • Detail the additional considerations for using WebSphere MQ with RACF on zOS

Course Content

Introduction
Consolidation of MQ objects on which security is required
Security Issues
Overview of security concepts and facilities in WebSphere MQ Firewalls
Logon Security
Principals
Security Identifiers
Z Security
Switch Profiles
MQ Admin
Local and Remote
Groups
Definition
MQM Group
Administering Groups on different Platforms
Profiles
Discreet and Generic
Creation
Using MQExplorer and Object Authorities
OAM
Authorization Service Interface
Access Control List
When Security Checks are made
OAM Commands
DSPMQAUT
DMPMQAUT
SETMQAUT
Z Series
How it is achieved
How it is granted
Resource Profiles
RACF Classes
SYSCASE
API relationship
Context Authority
Message and Identity
Content Programming
Passing Content Authority
Channel authority
Channel Initiator
Channel Parameters
MCAUSER
Message Channel Agent Exits
Sockets Layer (SSL) explained
Implementing SSL in WebSphere MQ
SSL Handshake
Key Repository
Setting Up the Channels
Distinguished Names
Clustering
Good Security Practices
Support Packs

Course Contact Form

Please complete the form to enquire about running a course at your premises or one of our training facilities

Name:

Email:

Telephone:

Organisation:


Comment: