On Friday, 04/17/2009 at 11:03 EDT, Harold Grovesteen <[email protected]> wrote:
> >No, it has nothing to do with certification. In the evaluated > >configuration, RACF is present and is protecting all Guest LANs and > >VSWITCHes. When an ESM is active, even unrestricted Guest LANs are under > >ESM control. If you want everyone to freely access a virtual network, you > >must explicitly say so. [Note: The z/VM EAL 4+ common critieria > >certification only applies to the evaluated configuration. No claims are > >made for other configurations.] > > > Does that configuration assume an ESM? I'm new to security being thrown > into it by PCI at my organization. Yes. The EAL 4+ certification applies to - z/VM 5.3 - with RACF - accessed using the VM Telnet server or local non-SNA terminals - configured as described in the z/VM Secure Configuration Guide z/VM 5.4 was designed and developed using the same processes and procedure to meet the same standards, but has not been formally evaluated. Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
