z86VM Security Summary

Secure by Design

The security of any infrastructure requires a proper balance of People, Process and Technology. The more People and Process involved, however, the greater the risk to the overall environment, due to errors of omission or sabotage. The base IBM Z technology includes a number of built-in technological features that reduce or mitigate risks.

IBM Z server – PR/SM LPAR

  • The IBM Z server has achieved the Common Criteria’s EAL5 rating for the design and implementation of its logical partitioning capability.
  • This capability covers running multiple operating systems within a single server and ensuring that one virtual server cannot detrimentally affect the actions of another virtual server.
  • The server can run at 100% utilization at all times.
  • Service Level Agreements can be established to provide priority service to specific partitions.
  • Partitions do not need processors, memory or storage dedicated to them.

z/VM Hypervisor

  • This is a second level of virtualization that can run within one logical partition of the IBM Z.
  • Evaluated for the Common Criteria and has achieved an EAL4+ rating.
  • IBM Z has a processor facility that enables z/VM to have direct control of underlying processors and memory.
  • z/VM is capable of running tens of thousands of virtual guest images in a single partition.
  • z/VM can run at 100% utilization without fear of failover.
  • Virtual guests cannot compromise the security of other virtual guests.

For both PR/SM LPAR and z/VM, new processors can be brought online or removed from the server non-disruptively to provide the greatest scaling on demand. This simplifies security as no new security definitions or domains need to be created to allow for the capacity changes.

z86VM

  • z86VM is another level of virtualization running within the z/VM environment.
  • Each x86 guest runs as a separate virtual machine under z/VM.
  • Each x86 operating system image is protected from other guest images by the compartmentalization inherent within z/VM.
  • Security servers, such as Active Directory or LDAP servers, should be running as independent x86 virtual machines within IBM Z.
  • z86VM leverages internal hardware communications between guests to reduce the network topology necessary for the x86 operating systems.

How this compares to native x86 server virtualization

Security evaluation of the x86 hardware

Not all hardware architectures are created equal.

  • The Intel Itanium processor contains more basic security technology within its architecture than the x86 varieties.
  • Both Itanium and x86 processors have far less security functionality and capabilities in their architectures than the System z server.
  • x86 servers do not have the granularity of compartmentalization that IBM Z has.
  • x86 may need to dedicate processors, memory, network connections and storage to an individual virtual machine to ensure compartmentalization or isolation of workloads.
  • Processor utilization is typically less than 60% for fear of taking an outage when the server runs short on storage.

Security evaluation of x86 hypervisors

  • There are a variety of proprietary and open source hypervisors in the market today.
  • When those vendors have their code evaluated, the target of evaluation is typically tied to a specific hardware product.
  • Because the combination of hardware server and software hypervisor is required to provide full compartmentalization, it is never to the scale possible with an IBM Z server.

Additional products or features necessary for x86 hypervisors

  • The opportunity to fully embrace and design the security from the ground up is less likely to occur.
  • For many x86 servers and hypervisors, additional priced products are required to achieve a greater level of security.
  • Those priced offerings may not have the capabilities that come with the basic IBM Z server and z/VM hypervisor from IBM.

Scaling of solutions adds complexity to x86 operations

  • Anytime more than one server box is required to achieve scale, there are additional controls necessary for clustering and managing security.
  • People and processes may lead to either unintentional or intentional errors that may compromise security.
  • IBM Z provides an ability to host more work with less effort than alternative architectures.
  • IBM Z can run at a lower cost than alternatives as there are far fewer parts and environmental costs.

Collaboration vs. Compartmentalization

No server is an island.

  • No single server is ever going to satisfy the needs of an end user or business, whether it is an x86 system, UNIX or mainframe computer.
  • Those servers are accessed by PCs or smartphones.
  • The security of the end users’ devices is also going to dictate how good the security of the backend servers is.
  • There have been many known hacks where an end user’s device has been compromised and is then used to attack other server infrastructure.
  • IT Security compartmentalization has led to breaches in retail, finance and public sector businesses.

How many copies are enough?

  • Anytime that data and applications are copied or moved to another system, security policies need to be inherited.
  • When separate IT organizations lack communication, mistakes are often made.
  • The fewer organizations and control points involved, the lower the opportunity to make mistakes and compromise the overall security of an end-to-end workflow.
  • IBM Z, with its ability to run both the z architecture and now x86 32-bit architecture, can greatly simplify the operational environment.

IBM Z, a safe and secure home for multiple workloads and multiple architectures

All IT budgets have expenses associated with hardware, software and environmental components. When using IBM Z, including z86VM, as part of an end to end solution, any business should be able to:

  • Reduce initial acquisition costs by taking some costs out of the solution
  • Reduce operational costs and deployment risks
  • Leverage existing investments wherever possible
  • Provide investment protection and continued cost benefits through future technology deployment
  • Improve the security and resilience of the deployed solution