• Meet IBM’s New Security Architect for IBM i

  June 17, 2019 Alex Woodie

  Security isn’t just a feature of the IBM i operating system. It’s a fundamental concept that all IBM engineers share as they go about their business building and maintaining the system that’s used by over 120,000 organizations around the world. But when it comes to bringing it all together, there’s one person in charge of ensuring the operating system is as protected as it can be: the security architect.

  The security architect job has been held by several folks in the IBM Rochester lab over the years, including Patrick Botz, Carol Woodbury, and Jeff Uehling. Botz and Woodbury now work …

  Read more

• How IBM i 7.4 Improves Security

  May 1, 2019 Alex Woodie

  The unveiling of Db2 Mirror may have gotten the lion’s share of attention with last week’s introduction of IBM i enhancements. But IBM has also given its customer base some significant security upgrades with the new releases of IBM i, including enhancements to the Authority Collection and support for the latest over-the-wire encryption protocol.

  “Our big things are around those two main themes – availability as well as security,” says Alison Butterill, IBM i product offering manager at IBM. “Those are the two main themes. But we have lots of things across the board.”

  IBM gave customers significant new user-focused …

  Read more

• Guru: Serve Web Pages Safely Using A Reverse Proxy

  July 23, 2018 Alan Seiden

  If you are hosting a website or API from your IBM i server, but wish to reduce your worry about allowing access from the Internet, we often recommend a reverse proxy (or “gateway”) server. An industry-standard solution, a reverse proxy server acts as a layer of safety between your production server and your firewall. On IBM i, the IBM HTTP Server (powered by Apache) for i can act as a reverse proxy server, so there’s nothing additional to install.

  While there are several ways to set it up, one approach is to put the reverse proxy or gateway in a …

  Read more

• IBM Patches ‘ROBOT’ Flaw in IBM i Crypto Library

  February 21, 2018 Alex Woodie

  IBM has issued patches to fix a serious security problem in the IBM Global Security Kit, or GSKit, a relatively obscure crypto package that implements SSL/TLS encryption algorithms across a variety of IBM products, including IBM i. An old flaw in the underlying RSA crypto algorithm that could let hackers decrypt data in a “side channel” attack has resurfaced under a new moniker: “ROBOT.”

  GSKit is an IBM toolkit that implements various encryption-related functions, including symmetric and asymmetric ciphers, random number generation, hashing algorithms, and encryption key management capabilities, for products that need over-the-wire encryption, including IBM i, Linux, and …

  Read more

• IBM Teaches ACS New Tricks

  November 8, 2017 Alex Woodie

  Last month’s Technology Refreshes for IBM i 7.2 and 7.3 brought a number of enhancements to the operating system and the database. But one should not overlook the new stuff coming to IBM i Access Client Solutions (ACS), including changes to the 5250 emulator, extensions for database access, and security enhancements.

  ACS, in case you forgot, is the new go-to client interface that administrators, developers, engineers, and power users alike can use for handling a range of IBM i tasks. The Java-based product, which IBM unveiled back in August 2012, bundles a bunch of useful goodies into a single product, …

  Read more

• Top Ten New IBM i RFEs

  May 22, 2017 Alex Woodie

  Should IBM open source its database drivers, or add support for .NET? Should it add the latest SSL ciphers to IBM i 7.1? These are some of the changes that it has received through its new Web-based requests for enhancement (RFE) program on its developerWorks site.

  The new RFE functionality is only a few months old, but it’s already attracting the attention of IBM i professionals who want IBM to change things about the stack. It’s also getting attention from other IBM i pros who get to vote on them.

  Here are the top ten RFEs so far, ranked by …

  Read more

Next Articles