My concern about the requirement to run an anti-virus type program on z/VM is not that we don't need one, but that we don't have one to run. We do run a z/VM-CMS based webserver and with it we deliver binary files to end-users. Yes, this can and will be replaced by a linux/x86 solution, but our source of the data is currently z/VM-CMS based and under different circumstances the z/VM-CMS environment would be exploited more not less.
Without a z/VM-CMS based anti-virus type program to run against a specific set of files that are intended for delivery to end-users, I cannot promote the use of z/VM-CMS based webservers. /Tom Kern Alan Altmark wrote: > ... snipped... > On Tuesday, 06/08/2010 at 11:11 EDT, Michael Coffin > <michaelcof...@mccci.com> wrote: >> One of my favorites is the requirement to regularly run software > approved for >> the purpose of identifying and controlling ?malicious code?. There is > no such >> thing in a z/VM CMS environment, since there is no ?malicious code? no >> ?malicious code scanning program? has ever been written. > > I beg to differ. Before you discard it out of hand, consider the effect > of the requirement on your ability to host e-mail using z/VM IMAP. In > that case you would be actively looking for an e-mail scanner that could > read the IMAP data store. Since it's in SFS, that means you need a > CMS-based scanner. Or you might instead have a compensating control that > inspects traffic flowing to/from IMAP. > > ...more snipped...
