Feed aggregator

IBM i and IBM Storwize Family: A Practical Guide to Usage Scenarios

IBM News Feed - Tue, 04/22/2014 - 13:30
Redbook, published: Tue, 22 Apr 2014

- Explaining VIOS from an IBM i perspective
- Using PowerHA together with IBM Storwize Familyy
- Configuring BRMS in a high available solution

The use of external storage and the benefits of virtualization became a topic of discussion in the IBM® i area during the last several years.

DS8000 Thin Provisioning

IBM News Feed - Wed, 04/16/2014 - 13:30
Draft Redpaper, last updated: Wed, 16 Apr 2014

- Avoid allocating unused capacity
- Read about new ESE repository capability and new controls
- Understand applications and OS implications

Ever-increasing storage demands have a negative impact on an organization's IT budget and complicate the overall storage infrastructure and management.

IBM PowerVC Version 1.2 Introduction and Configuration

IBM News Feed - Wed, 04/16/2014 - 13:30
Draft Redbook, last updated: Wed, 16 Apr 2014

- Just 20 minutes to get a virtual machine up and running
- Deep integration with PowerVM virtualization technologies
- Intelligent virtual machine deployment

IBM PowerVC is an advanced enterprise virtualization management offering for IBM Power Systems based on the OpenStack technology.

Modernize IBM i Applications from the Database up to the User Interface and Everything in Between

IBM News Feed - Wed, 03/26/2014 - 13:30
Draft Redbook, last updated: Wed, 26 Mar 2014

- Learn about best practices for modern development
- Use modern tools for a modern world
- Incorporate data-centric programming for ensured success

This IBM Redbooks publication is focused on melding industry best practices with the unique needs of the IBM i community and providing a holistic view of modernization.

IBM i Reorganize Physical File Member

IBM News Feed - Mon, 03/10/2014 - 13:30
Redpaper, published: Mon, 10 Mar 2014

This IBM® Redpaper™ publication describes the IBM i Reorganize Physical File Member (RGZPFM) command and some of the recent enhancements to this command.

Pushing the Limit: Using Very Large Database Capabilities with DB2 for i

IBM News Feed - Fri, 03/07/2014 - 13:30
Redpaper, published: Fri, 7 Mar 2014

In IBM® i 7.1 with the latest Technology Refresh updates, the maximum size of an SQL index increased to 1.7 TB, allowing users to take advantage of Very Large Database (VLDB) capabilities.

IBM PowerVM Enhancements What is new in 2013

IBM News Feed - Fri, 02/21/2014 - 13:30
Draft Redbook, last updated: Fri, 21 Feb 2014

- PowerVP and mobile CoD activations explained
- Shared Storage Pool enhancements explained
- Power Integrated Facility for Linux discussed

IBM Power Systems servers coupled with PowerVM technology are designed to help clients build a dynamic infrastructure, helping to reduce costs, manage risk, and improve service levels.

IBM i Reorganize Physical File Member

IBM News Feed - Thu, 02/20/2014 - 13:30
Draft Redpaper, last updated: Thu, 20 Feb 2014

This IBM® Redpaper™ publication describes the IBM i Reorganize Physical File Member (RGZPFM) command and some of the recent enhancements to this command.

IBM i Technical Overview with Technology Refresh Redbook

IBM News Feed - Mon, 02/17/2014 - 13:30
Draft Redbook, last updated: Mon, 17 Feb 2014

- Enriched database functionality and enhanced graphical environments for application development
- Boosted efficiency with virtualization and effective utilization of system resources
- Easier deployment of new features with technology refreshes

This IBM Redbooks publication introduces a technical overview of the new features, functions, and enhancements available in IBM i 7.1.

Pushing the Limit: Using Very Large Database Capabilities with DB2 for i

IBM News Feed - Fri, 02/14/2014 - 13:30
Draft Redpaper, last updated: Fri, 14 Feb 2014

In IBM® i 7.1 with the latest Technology Refresh updates, the maximum size of an SQL index increased to 1.7 TB, allowing users to take advantage of Very Large Database (VLDB) capabilities.

IBM i and IBM Storwize Family: A Practical Guide to Usage Scenarios

IBM News Feed - Thu, 02/13/2014 - 13:30
Draft Redbook, last updated: Thu, 13 Feb 2014

- Explaining VIOS from an IBM i perspective
- Using PowerHA together with IBM Storwize Familyy
- Configuring BRMS in a high available solution

The use of external storage and the benefits of virtualization became a topic of discussion in the IBM® i area during the last several years.

IBM DB2 Web Query for i Version 2.1 Implementation Guide

IBM News Feed - Mon, 01/27/2014 - 13:30
Redbook, published: Mon, 27 Jan 2014

- Follow the best practice guides to simplify report development
- Take your reporting to the next level of Business Intelligence
- Learn DB2 Web Query by using the easy-to-follow tutorials

Business Intelligence (BI) is a broad term relating to applications designed to analyze data for purposes of understanding and acting on the key metrics that drive profitability in an enterprise.

Explore New Solutions with IBM PowerVM Enhancements

IBM News Feed - Wed, 01/15/2014 - 13:30
Web Doc, published: Wed, 15 Jan 2014

This IBM® Redbooks® Solution Guide describes a set of highly anticipated features for the IBM PowerVM® Virtual I/O Server V2.2.3, which are applicable to small and medium businesses and to large enterprises alike.

Implementing IBM Power Virtualization Center in Your Data Center

IBM News Feed - Wed, 01/15/2014 - 13:30
Web Doc, published: Wed, 15 Jan 2014

This IBM® Redbooks® Solution Guide describes IBM Power Virtualization Center (PowerVC), the next generation of enterprise virtualization management for IBM Power Systems™.

TA13-051A: Oracle Java Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 20, 2013 | Last revised: -- Systems Affected Any system using Oracle Java including JDK and JRE 7 Update 13 and earlier JDK and JRE 6 Update 39 and earlier JDK and JRE 5.0 Update 39 and earlier SDK and JRE 1.4.2_41 and earlier Web browsers using the Java plug-in are at high risk. Overview Multiple vulnerabilities in Java could allow an attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java SE Critical Patch Update Advisory Update for February 2013 addresses multiple vulnerabilities in the Java Runtime Environment (JRE). An additional five fixes that had been previously planned for delivery are in this update. This distribution therefore completes the content for all originally planned fixes to be included in the Java SE Critical Patch Update for February 2013.  Both Java applets delivered via web browsers and stand-alone Java applications are affected, however web browsers using the Java plug-in are at particularly high risk. The Java plug-in, the Java Deployment Toolkit plug-in, and Java Web Start can be used as attack vectors. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate website and upload a malicious Java applet (a "drive-by download" attack). Some vulnerabilities affect stand-alone Java applications, depending on how the Java application functions and how it processes untrusted data. Reports indicate that at least one of these vulnerabilities is being actively exploited. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Stand-alone java applications may also be affected. Solution Update Java The Oracle Java SE Critical Patch Update Advisory Update for February 2013 states that Java 7 Update 15 and Java 6 Update 41 address these vulnerabilities. Disable Java in web browsers These and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates have been installed. As with any software, unnecessary features should be disabled or removed as appropriate for your environment. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to at least Java 7 Update 10, please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per-browser basis. Restrict access to Java applets Network administrators unable to disable Java in web browsers may be able to help mitigate these and other Java vulnerabilities by restricting access to Java applets using a web proxy. Most web proxies have features that can be used to block or whitelist requests for .jar and .class files based on network location. Filtering requests that contain a Java User-Agent header may also be effective. For environments where Java is required on the local intranet, the proxy can be configured to allow access to Java applets hosted locally, but block access to Java applets on the internet. References Oracle Java SE Critical Patch Update Advisory Update - February 2013 Setting the Security Level of the Java Client The Security Manager How to disable the Java web plug-in in Safari How to turn off Java applets NoScript Securing Your Web Browser Vulnerability Note VU#636312 Revision History February 20, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-043B: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 12, 2013 | Last revised: -- Systems Affected Microsoft Windows Microsoft Internet Explorer Microsoft Office Microsoft Server Software Microsoft .NET Framework Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for February 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for February 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for February 2013 Microsoft Windows Server Update Services Microsoft Update Microsoft Update Overview Turn Automatic Updating On or Off Revision History February 12, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-043A: Adobe Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 12, 2013 | Last revised: -- Systems Affected Adobe Flash Player 11.5.502.149 and earlier versions for Windows and Macintosh Adobe Flash Player 11.2.202.262 and earlier versions for Linux Adobe Flash Player 11.1.115.37 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.32 and earlier versions for Android 3.x and 2.x Adobe AIR 3.5.0.1060 and earlier versions Adobe AIR 3.5.0.1060 SDK and earlier versions Adobe Shockwave Player 11.6.8.638 and earlier versions for Windows and Macintosh Overview Select Adobe software products contain multiple vulnerabilities. Adobe has released updates to address these vulnerabilities. Description Adobe Security Bulletin APSB13-05 and APSB13-06 describe multiple vulnerabilities in Adobe software. Adobe has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Adobe has provided updates for these vulnerabilities in Adobe Security Bulletin APSB13-05 and APSB13-06. References APSB13-05: Security updates available for Adobe Flash Player APSB13-06: Security updates available for Adobe Shockwave Player Revision History February 12, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-032A: Oracle Java 7 Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 01, 2013 | Last revised: -- Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7) Java SE Development Kit (JDK 7) Java SE Runtime Environment (JRE 7) All versions of Java 7 before Update 13 are affected. Web browsers using the Java 7 plug-in are at high risk. Overview Multiple vulnerabilities in Java 7 could allow an attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java SE Critical Patch Update Advisory for February 2013 addresses multiple vulnerabilities in the Java Runtime Environment (JRE). Both Java applets delivered via web browsers and stand-alone Java applications are affected, however web browsers using the Java 7 plug-in are at particularly high risk. Java 7 versions below Update 13 are affected. The Java 7 plug-in, the Java Deployment Toolkit plug-in, and Java Web Start can be used as attack vectors. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack). Some vulnerabilities affect stand-alone Java applications, depending on how the Java application functions and how it processes untrusted data. Reports indicate that at least one of these vulnerabilities is being actively exploited. Further technical details are available in Vulnerability Note VU#858729. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Stand-alone java applications may also be affected. Solution Update Java The Oracle Java SE Critical Patch Update Advisory for February 2013 states that Java 7 Update 13 addresses these vulnerabilities. Disable Java in web browsers These and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates have been installed. As with any software, unnecessary features should be disabled or removed as appropriate for your environment. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to at least Java 7 Update 10 please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per-browser basis. Restrict access to Java applets Network administrators unable to disable Java in web browsers may be able to help mitigate these and other Java vulnerabilities by restricting access to Java applets using a web proxy. Most web proxies have features that can be used to block or whitelist requests for .jar and .class files based on network location. Filtering requests that contain a Java User-Agent header may also be effective. For environments where Java is required on the local intranet, the proxy can be configured to allow access to Java applets hosted locally, but block access to Java applets on the internet. References Vulnerability Note VU#858729 Oracle Java SE Critical Patch Update Advisory - February 2013 Setting the Security Level of the Java Client The Security Manager How to disable the Java web plug-in in Safari How to turn off Java applets NoScript Securing Your Web Browser Vulnerability Note VU#636312 Java SE Development Kit 7, Update 13 (JDK 7u13) Do Devs Care About Java (In)Security? (Comment about proxy filtering) Revision History February 01, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-015A: Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: January 15, 2013 | Last revised: -- Systems Affected Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Overview Microsoft has released Security Bulletin MS13-008 to address the CButton use-after-free vulnerability (CVE-2012-4792). Description Microsoft Internet Explorer versions 6, 7, and 8 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. Microsoft has released Security Bulletin MS13-008 to address this vulnerability. Additional information is available in Vulnerability Note VU#154201. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution US-CERT recommends that Internet Explorer users run Windows Update as soon as possible to apply the MS13-008 update. References Revision History January 15, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-010A: Oracle Java 7 Security Manager Bypass Vulnerability

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: January 10, 2013 | Last revised: -- Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7) Java SE Development Kit (JDK 7) Java SE Runtime Environment (JRE 7) All versions of Java 7 through update 10 are affected.  Web browsers using the Java 7 plug-in are at high risk. Overview A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system. Description A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack). Any web browser using the Java 7 plug-in is affected. The Java Deployment Toolkit plug-in and Java Web Start can also be used as attack vectors. Reports indicate this vulnerability is being actively exploited, and exploit code is publicly available. Further technical details are available in Vulnerability Note VU#625617. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Solution Disable Java in web browsers This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, disable Java in web browsers. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to Java 7 Update 10 please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per browser basis. References Vulnerability Note VU#625617 Setting the Security Level of the Java Client The Security Manager How to disable the Java web plug-in in Safari How to turn off Java applets NoScript Securing Your Web Browser Vulnerability Note VU#636312 Revision History January 10, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.
Syndicate content