AUDIENCE:   The audience will be comprised of architects and administrators from both customer and business partner organisations. Security personnel may also benefit from this course if they are to be involved with the administration of WebSphereMQ security but they should already be familiar with the concepts of messaging and in particular as it applies to WebSphereMQ. Students should be experienced WebSphereMQ or security personnel who have been identified as requiring the ability to set up and customise the MQ security infrastructure. It is NOT suitable for a novice to attend this course. PREREQUISITES:   The major pre-requisite skill is in-depth knowledge of WebSphereMQ administration. This can be obtained from our WebSphereMQ Administration course. To do the practical exercises knowledge of the Windows environment is necessary. A knowledge of security concepts and RACF administration (optional for z/OS sites) would be helpful. DURATION:   2 days. Hands on. OBJECTIVES:   The purpose of this course is to provide attendees with a detailed understanding of the requirements for creating a secure MQ environment and the techniques for its implementation. It will provide a mix of lecture sessions and lab exercises. It is expected that students will use this techniques to secure their own WebSphereMQ environments. After completing this course you should be able to: · Define the following security concepts: Authentication Non-repudiation Encryption and decryption Data integrity · Describe how Secure Sockets Layer (SSL) works · Implement SSL in WebSphere MQ v5.3 · Identify key issues associated with WebSphereMQ client security · Configure WebSphereMQ for use with firewalls · Secure WebSphereMQ objects using the OAM · Understand context security and the use of alternate user authority · Detail the additional considerations for using WebSphereMQ with RACF on z/OS COURSE CONTENT:   Day 1 Overview of security concepts and facilities in WebSphereMQ Firewalls Secure Sockets Layer (SSL) explained Implementing SSL in WebSphereMQ Exercise 1 – Configuring SSL between queue managers MQSeries Internet Pass Thru Certificate Revocation Lists (CRL) Exercise 2 – MQ Internet Pass-Thru Day 2 Object Authority Manager (OAM) Exercise 3 – Defining object access using the OAM Context security and alternate user authority Client and cluster security issues Exercise 4 – Client configuration Implementing WebSphereMQ security with RACF Security packages WebSphereMQ security review and recommendations KM07/01