WebSphereMQ SSL Security

AUDIENCE: The audience will be comprised of architects and administrators from both customer and business partner organisations. Security personnel may also benefit from this course if they are to be involved with the administration of WebSphere MQ security but they should already be familiar with the concepts of messaging and in particular as it applies to WebSphere MQ. It is NOT suitable for a novice to attend this course. Students should be experienced WebSphereMQ or security personnel who have been identified as requiring the ability to set up and customise the MQ security infrastructure.
PREREQUISITES: The major pre-requisite skill is in-depth knowledge of WebSphereMQ administration. To do the practical exercises knowledge of the Windows environment is necessary. The following additional skills will be very helpful:
· Knowledge of security concepts
· RACF administration (optional)

DURATION: 1 day.
OBJECTIVES: The purpose of this course is to provide attendees with a detailed understanding of the requirements for creating a secure MQ environment using SSL. It will provide a mix of lecture sessions and lab exercises. It is expected that students will use these techniques to secure their own WebSphere MQ environments. After completing this course you should be able to:
· Define the following security concepts:
Authentication
Non-repudiation
Encryption and decryption
Data integrity
· Describe how Secure Sockets Layer (SSL) works
· Implement SSL in WebSphere MQ v5.3
· Identify key issues associated with WebSphere MQ client security
· Detail the additional considerations for using WebSphere MQ and SSL with RACF on zOS

COURSE CONTENT:
Secure Sockets Layer (SSL) explained
Implementing SSL in WebSphere MQ
Exercise 1 - Configuring SSL between queue managers
Certificate Revocation Lists (CRL)
Client and cluster security with SSL
Exercise 4 - Client configuration
Implementing WebSphere MQ security with RACF
Summary