When configured at 1 Gbps, the 1000BASE-T Ethernet feature
operates in full duplex mode only and supports jumbo
frames when in QDIO mode (CHPID type OSD).
OSA-Express QDIO data connection isolation for the z/VM
environment
Multi-tier security zones are fast becoming the network
configuration standard for new workloads. Therefore, it is
essential for workloads (servers and clients) hosted in a
virtualized environment (shared resources) to be protected
from intrusion or exposure of data and processes from
other workloads.
With Queued Direct Input/Output (QDIO) data connection
isolation you:
• Have the ability to adhere to security and HIPAA-security
guidelines and regulations for network isolation between
the operating system instances sharing physical network
connectivity
• Can establish security zone boundaries that have been
defined by your network administrators
• Have a mechanism to isolate a QDIO data connection
(on an OSA port), ensuring all internal OSA routing
between the isolated QDIO data connections and all
other sharing QDIO data connections is disabled. In this
state, only external communications to and from the
isolated QDIO data connection are allowed. If you choose
to deploy an external firewall to control access
between hosts on an isolated virtual switch and sharing
LPARs, the external firewall must be configured,
and each individual host and/or LPAR must have a route
added to its TCP/IP stack to forward local traffic to the
firewall.
Internal “routing” can be disabled on a per QDIO connection
basis. This support does not affect the ability to share
an OSA-Express port. Sharing occurs as it does today, but
the ability to communicate between sharing QDIO data
connections may be restricted through the use of this support.
You decide whether an operating system’s or z/VM’s
Virtual Switch OSA-Express QDIO connection is to be
non-isolated (default) or isolated.
QDIO data connection isolation applies to the device
statement defined at the operating system level. While
an OSA-Express CHPID may be shared by an operating
system, the data device is not shared.
QDIO data connection isolation applies to the z/VM 5.3 and
5.4 with PTFs environment and to all of the OSA-Express3
and OSA-Express2 features (CHPID type OSD) on System
z10 and to the OSA-Express2 features on System z9.
Network Traffic Analyzer
With the large volume and complexity of today’s network
traffic, the z10 EC offers systems programmers and
network administrators the ability to more easily solve
network problems. With the introduction of the
OSA-Express Network Traffic Analyzer and QDIO Diagnostic
Synchronization on the System z and available on the z10
EC, customers will have the ability to capture trace/trap
data and forward it to z/OS 1.8 tools for easier problem
determination and resolution.
This function is designed to allow the operating system
to control the sniffer trace for the LAN and capture the
records into host memory and storage (file systems), using
existing host operating system tools to format, edit, and
process the sniffer records.
OSA-Express Network Traffic Analyzer is exclusive to the
z10 EC, z10 BC, z9 EC and z9 BC, and is applicable to the
OSA-Express3 and OSA-Express2 features when configured
as CHPID type OSD (QDIO), and is supported by z/OS.
Dynamic LAN idle for z/OS
Dynamic LAN idle is designed to reduce latency and
improve network performance by dynamically adjusting
the inbound blocking algorithm. When enabled, the z/OS
TCP/IP stack is designed to adjust the inbound blocking
algorithm to best match the application requirements.