OverviewToday a sound understanding of security is essential for all of us working in IT. This one-day course is the ideal introduction to IBM's RACF, and is suitable for all technicians, administrators, support personnel and managers who will come across RACF in their daily work. It is also an ideal introduction to RACF for Systems Programmers and those training to be RACF Administrators. The course clearly explains the concepts and terminology of RACF, and introduces all the major RACF commands.<br><br>This course is also available for one-company, on-site presentations and for live presentation over the Internet, via the Virtual Classroom Environment service.
PrerequisitesAttendees should have a clear understanding of z/OS at a conceptual level.
Delegates will learn how to
- identify the need for security in business information systems
- explain all major RACF commands
- explain dataset and general resources
- understand how to connect users to groups
- understand the dataset related commands to manage both discrete and generic profiles
- understand the commands to manage general resources
- describe the audit facilities available in RACF
- use and explain the operation of the setropts management commands.
OutlineIntroduction to RACF
What is required of a security system?; IBM's Resource Access Control Facility (RACF); Main RACF/MVS components; How does RACF work?; RACF Profiles; RACF classes; Controlling access; RACF commands.Planning for RACF
Management commitment; Selecting a security planning and implementation team; Responsibilities of the implementation team; Deciding what to protect; Deciding how to protect data; Establishing ownership structures; Establishing who needs access.RACF Group Structure
RACF group structure; Group types; Data set owning groups; Users owning groups; General Resource groups; Concept of group and profile ownership; Administration delegation; Benefits of RACF groups; Defining RACF groups; Group CONNECT authority; Group profile contents; Group related commands.Defining Users to RACF
Information on users; RACF user information; DFP segment information; TSO segment information; OPERPARM segment information; NETVIEW segment information; CICS segment information; OMVS segment information; Defining a new User; Prepare to create the user profile; Create the User Profile; Give user access to any RACF-protected areas; User-related commands; User attributes; Classifying users and data; Security categories and levels; Security labels.Defining Data Sets to RACF
Data set related commands; Data set protection; Discrete profiles; Generic profiles; Rules for defining data set profiles; Naming Convention; Data set profile ownership; Defining Generic Profiles; Access authority for data sets; Adding data set profiles - ADDSD; Permitting access (PERMIT command).Defining General Resources
General Resource related commands; Class Descriptor Table (CDT); IBM-defined Resource Classes; Steps for defining General Resource profiles; Granting access to a General Resource; Global Access Table (GAT).Maintenance & Housekeeping
Maintenance and housekeeping activities; SETROPTS command options; Options for initial setup; In-storage profiles; SETROPTS REFRESH Option; Maintaining the RACF database(s); Maintenance utilities; Maintaining the Started Task Table; Data Security Monitor (DSMON).