SPARTA President’s Corner
contributed by Randy Springs
Well, the year is half over, and vacations are becoming prevalent. One of our group, a member for decades, retired from SAS at the end of June – Ed Webb. We congratulate Ed on his illustrious career. Ed has helped many in our group with various technical issues over the years, and has served on our board of directors for many years (and hopefully, years to come). He has presented to our group too many times to count. We thank him for his service, his friendship, and all that he does for SPARTA and SHARE.
Our speaker this month will again be Chris Meyer, a Senior Technical Staff Member at IBM, with a continuation of his informative presentation on z/OS network security. Join us to learn more about this hot topic as we continue our efforts to keep our data (internal and customer data) secure.
Your SPARTA group still needs a volunteer to replace Pam Tant as treasurer. This position would involve about two hours per month. Please consider serving and talk to me about the position.
Please plan to join your colleagues for subs, networking, and education on Tuesday, July 9, at 6:15 p.m. at our usual LabCorp location in RTP.
(subject to change)
July 9, 2019 - z/OS Network Security (part 2) by Chris Meyers of IBM
August 6, 2019 - TBD
September 10, 2019 - SHARE 2019 Pittsburgh Reports
We need ideas and volunteers for future speakers. Presentations don’t have to be fancy, just informative and interesting. Even a 5 or 10 minute talk can start an interesting interaction. Contact Ron Pimblett by phone as noted below.
Board of Directors
Randy Springs - President
BB&T (919) 745-5241
3200 Beechleaf Court, Suite 300
Raleigh, NC 27604
Ron Pimblett - Vice President
MDI Data Systems
Land line 613 599 6970
Mobile 613 981 6919
190 Guelph Private
Kanata, ON K2T 0J7
Chris Blackshire - Secretary
Retired (Dell, Perot Systems, Nortel) (919) nnn-nnnn
Durham, NC 27713
Randy Springs - (Acting) Treasurer
BB&T (919) 745-5241
Ed Webb - Communications Director
Retired (SAS Institute Inc.) (919) nnn-nnnn
Apex, NC 27523
Mike Lockey - Web Master
Guilford Co. Information Services 336-641-6235
201 N. Eugene St.
Greensboro, NC 27401
Meetings are scheduled for the first Tuesday evening of each month (except no meeting in January), with optional dinner at 6:15 p.m. and the meeting beginning at 7:00 p.m.
These monthly meetings usually are held at LabCorp’s Center for Molecular Biology and Pathology (CMBP) near the Research Triangle Park (see last page). Take I-40 to Miami Boulevard and go north. Turn right onto T.W. Alexander Drive. Go about a mile or so. Then turn right into LabCorp complex and turn Left to the CMBP Building (1912 T.W. Alexander Drive). In the lobby, sign in as a visitor to see Bill Johnson. Bill will escort you to the conference room.
Call for Articles
If you have any ideas for speakers, presentations, newsletter articles, or are interested in taking part in a presentation, PLEASE contact one of the Board of Directors with your suggestions.
The SPARTA policy is to e-mail a monthly notice to our SPARTA-RTP Group. The newsletter is posted to the website about five (5) days before each meeting so you can prepare. The SPARTA-RTP Group is maintained by Chris Blackshire; if you have corrections or problems receiving your meeting notice, contact Chris at firstname.lastname@example.org.
April 2019 “CBT Tape” Shareware Online
The directory and files from the latest CBT tape V497 (dated April 29, 2019) are available from www.cbttape.org.
If you need help obtaining one or more files, contact Ed Webb (see Board of Director’s list for contact info).
Minutes of the June 4, 2019 Meeting
• The meeting was called to order at 7:00 PM by Randy Springs, the SPARTA President.
• The meeting was held at a LabCorp conference room in RTP, N.C.
• Thirteen (13) people were present.
• Everyone introduced themselves, told where they worked, and briefly described their job functions or their job hunting challenges.
• The minutes of the May 7, 2019 meeting as published in the June 2019 Newsletter were approved.
• The May 31, 2019 Treasurer's report was approved as published in the June 2019 Newsletter. As of 05/31/2019, the current balance was $1,170.28.
• Call For Articles: Articles are needed for this newsletter. If you would like to write an article for this newsletter, please contact Ed Webb. Keep in mind that you don't really need to write the article, it can be an article that you read that you would like to share with the membership.
• The SPARTA Web page is available. To access the SPARTA Web page, point your Web browser to this site: http://www.spartanc.org. Please send any comments or suggestions about the Web page to Mike Lockey. Be sure to check the Web page every once in a while to see any new or changed information.
• Randy reminded everyone to leave the LabCorp conference room clean.
• 2019 meeting dates, Future Speakers and Topics (subject to change based on internal politics, budget, the weather):
July 9, 2019
z/OS Network Security Part 2
August 6, 2019
September 10, 2019
SHARE 133 Update
October 1, 2019
November 5, 2019
December 3, 2019
If you have suggestions about speakers and topics, contact Ron Pimblett.
• The next SPARTA monthly meeting will be on Tuesday, July 9,
2019 at Labcorp in RTP.
• Food for the July 9 meeting will be Subs (note meeting change date for the July 4 holiday week).
• The 2019 membership fee is due ($30) starting in February 2019. Please pay Randy Springs.
• Thanks to LabCorp and Bill Johnson for hosting the meeting.
• There are currently 92 people on the SPARTA-RTP e-mail list.
• Send any e-mail address changes to Chris
Blackshire so he can update the SPARTA-RTP Listserv. You will be
added by the moderator (Chris = SPARTA-RTPemail@example.com) sending you an invitation to Join
• No update from Randy Springs on the SPARTA website connection to LinkedIn.
• No update from Chris on the process of putting a package together for Brad Carson, Tommy Thomas, and John Bryan's SPARTA contributions and death information on the web page under a new Emeritus section.
• No update about whether SPARTA needs to change the website to HTTPS access.
• Randy Springs is looking for a new Treasurer volunteer. He projects about 2 hours per month is needed.
- The treasurer position duties are:
- - Collect dues and pay expenses at each monthly meeting.
- - Deposit income at the BB&T bank monthly.
- - Make an updated monthly excel income-expense list for the monthly newsletter.
- - Give a Treasurer report at each meeting.
- - One Time: Be added to the checking account authorization.
- Contact Randy Springs if you are interested.
• LabCorp Meeting Place Update from Bill Johnson: move dates are undetermined.
• The Business portion of the meeting ended about 7:38 PM.
Presentation Topic: z/OS Network Security
By Chris Meyer, CISSP, z/OS Network Security Architect at IBM
- Roles and objectives
- Deployment trends and requirements
• Policy-based Network Security
- Application Transparent TLS
- IP security (IP packet filtering and IPSec)
- Intrusion Detection Services (IDS)
• z/OS Encryption Readiness Technology (zERT)
• SAF Protection of TCP/IP Resources – SERVAUTH class
• Network security trends and requirements
- More “defense in depth”
- - Security is no longer perimeter-based
- - Server is the last layer of defense
- Regulatory compliance and tighter IT security policies
- - Corporate, industry and government standards (PCI-DSS, HIPAA, GDPR, etc.)
- - Driving many enterprises to adopt new security practices and understand existing security posture
- - Data privacy is a common theme – drives end-to-end crypto
- Increasing adoption of network security at the endpoint
- - TLS/SSL and IPSec deployments steadily increasing on z/OS
- - “Self-protect” features like IP packet filtering and IDS
- Focus on minimizing security deployment costs
- - Application transparent network security features and policy-based configuration reduce deployment costs
- - GUI-based policy administration for ease of use and faster deployment
• Role of network security on z/OS
- Protect system resources FROM the network
- - System availability and integrity
- - - Protect the system against unwanted access, denial of service attacks, and other unwanted intrusion attempts from the network
- - Identification and authentication
- - - Verify identity of network users
- - Access control
- Protect data and other system resources from unauthorized access
- - Protect data IN the network (cryptographically)
- - Data End Point Authentication
- - - Verify who the secure end point claims to be
- - Data Origin Authentication
- - - Verify that data was originated by claimed sender
- - Message Integrity
- - - Verify contents were unchanged in transit
- - Data Privacy
- - - Conceal cleartext using encryption
- Self protection:
- - z/OS itself is the last line of defense in an often hostile network environment
- z/OS CS security focus areas:
- - Self protection
- - Provide secure access to both TCP/IP and SNA applications
- - Exploit the strengths of System z hardware and software
- - Provide audit trails for security functions
- - Complement network-based security measures (firewalls, IDS/IPS, etc.)
- - Minimize security deployment costs
• Communications Server security features by layer
- Protect system from the network - Application layer, API layer, TCP/UDP transport layer, IP Networking layer
- Protect data in the network - Application layer, API layer, TCP/UDP transport layer, IP Networking layer
• Policy-based network security on z/OS
- Policy is created through Network Configuration Assistant for z/OS Communications Server
- - GUI-based tool
- - Configures each security discipline (AT-TLS, IP security and IDS) using consistent model
- - Generates and uploads policy files and related content to z/OS
- Policy Agent processes and installs policies into TCP/IP stack
- - Policies are defined per TCP/IP stack
- - Separate policies for each discipline
- - Policy agent also monitors and manages the other daemons and processes needed to enforce the policies (IKED, syslogd, trmd, etc.)
- Provides network security without requiring changes to your applications
- - Security policies are enforced by TCP/IP stack
- - Different security disciplines are enforced independent of each other
• z/OSMF Network Configuration Assistant for z/OS Communications Server
- z/OSMF-based web interface
- Configures all policy disciplines and TCP/IP profile
- Separate perspectives but consistent model for each discipline
- Focus on concepts, not syntax
- - what traffic to protect
- - how to protect it
- - De-emphasize low-level details (though they are accessible through advanced panels)
- Builds and maintains
- - TCP/IP profile
- - Policy files
- - Related configuration files
- - JCL procs and RACF directives
- Supports import of existing profiles and policy files
- Supports current z/OS release plus past two
- Actively imports certain configuration information
• AT-TLS: Traditional TLS/SSL
- Transport Layer Security (TLS) is an IETF standard based on Netscape’s old proprietary Secure Sockets Layer (SSL) protocol
- - All new development of the protocol is under the IETF’s domain and defined as new TLS versions.
- - The newest protocol version is TLSv1.3 – just approved in August, 2018 (RFC 8446)
- TLS traditionally provides security services as a socket layer service. Applications must be modified to call these services
- TLS requires a reliable transport protocol
- - Typically TCP
- - UDP applications cannot be enabled with TLS
- z/OS supports two complete TLS/SSL implementations:
- - z/OS Cryptographic Services System SSL provides an API library for C and C++ applications
- - Java Secure Sockets Extension (JSSE) provides classes for Java applications
- However, there is an easier way…
… Application Transparent TLS (AT-TLS)!
• AT-TLS: AT-TLS overview
- Policy-based TLS in the TCP/IP stack
- - TLS process performed in TCP layer (via System SSL) without requiring any application change (transparent)
- - AT-TLS policy specifies which TCP traffic is to be TLS protected based on a variety of criteria
- - - Local address, port
- - - Remote address, port
- - - Connection direction
- - - z/OS userid, jobname
- - - Time, day, week, month
- Application transparency
- - Can be fully transparent to application
- - An optional API allows applications to inspect or control certain aspects of AT-TLS processing – “application-aware” and “application-controlled” AT-TLS, respectively
- Available to TCP applications
- - Includes CICS Sockets
- - Supports all programming languages except PASCAL
- Supports all standard configurations
- - z/OS as a client or as a server
- - Server authentication (server identifies self to client)
- - Client authentication (both ends identify selves to other)
- Relies on System SSL for TLS protocol processing
- - Remote endpoint sees an RFC-compliant implementation
- - Interoperates with other compliant implementations
• AT-TLS: Common workloads
- Communications Server applications
- - TN3270E Telnet server
- - FTP client and server
- - CSSMTP
- - Load Balancing Advisor
- - IKED (when operating as an NSS client)
- - NSS server
- - Policy Agent
- - DCAS server
- DB2 for z/OS
- IMS Connect
- InfoSphere Guardium S-TAP
- CICS Transaction Server 5.3+ (when operating as a server)
- IBM Multi-Site Workload Lifeline
- JES2 Network Job Entry
- RACF Remote Resource Sharing Facility
- z/OS CIM server
- IBM Security zSecure
- IBM Tivoli NetView applications
- - MultiSystem Manager
- - NetView Management Console
- IBM Tivoli Monitoring applications
- - Tivoli Enterprise Portal Server
- - Tivoli Enterprise Monitoring Server
- CICS Sockets applications
- 3rd Party applications
- Customer-written applications
• AT-TLS: Advantages
- Reduce costs
- - Application development
- - Cost of System SSL integration
- - Cost of application’s TLS-related configuration support
- - Consistent TLS administration across z/OS applications
- - Gain access to new features with little or no incremental development cost
- Complete and up-to-date exploitation of System SSL features
- - AT-TLS makes the vast majority of System SSL features available to applications
- - AT-TLS keeps up with System SSL enhancements – as new features are added, your applications can use them by changing AT-TLS policy, not code
- - Focus on efficiency in use of System SSL
- Great choice if you haven’t already invested in System SSL integration
- - … and even if you have, consider the long-term cost of keeping up vs. short term cost of conversion
• IP Security: Capabilities
- A complete IP filtering, IPsec and IKE implementation
- - IP filtering controls which packets can enter or leave the system
- - Authentication Header (AH) and Encapsulating Security Payload (ESP) Security Associations (SAs)
- - Transport and Tunnel Mode
- - Supports host and gateway roles (optimized for host role)
- - IKE version 1 and version 2 (RFC 5996)
- - Filter-directed logging of security actions to syslogd
- Wide range of modern cryptographic algorithms including AES (multiple modes), SHA2, SHA1, RSA, ECDSA, etc.
- Complies with U.S. Government IPv6 profiles for IPsec, ESP and IKEv2
- zIIP assisted
- - Moves IPSec processing from general CPs to zIIPs
- - All inbound traffic and a good portion of outbound
- Supports NAT Traversal and NAPT for IPv4
- Sysplex-wide Security Associations allow IPsec SAs to be shared across the sysplex
- IP Security monitoring interface: IBM Tivoli OMEGAMON XE for Mainframe Networks
• IP Security: IP packet filtering
- IP filtering at the z/OS IP Layer
- - Filter rules defined based on relevant attributes :
- - - IPv4 or IPv6 source/destination address
- - - Protocol (TCP, UDP, ICMP, etc.)
- - - Source/destination Port
- - - Direction of flow
- - Used to control
- - - Traffic being routed
- - - Access at destination host (local)
- - Possible actions when a filter rule is matched:
- - - Permit - - Permit with IPSec protection
- - - Deny - - Log (in combination with above actions)
- IP filter rules are defined within IPSecurity policy
- - This policy also controls IPSec if you choose to use it
- - Rudimentary “default rules” can also be defined in TCPIP profile to provide protection before policy agent initializes
- Benefits for local traffic (self-protection)
- - Early discard of potentially malicious packets
- - Avoid wasting CPU cycles on packets for applications that are not supported on this system
- - Prevent data leakage for outbound traffic
• IP Security: The IPsec protocol
- Implemented at the IP (network) layer
- - Completely transparent to application
- - Supports all IP traffic, regardless of higher-layer protocols
- Node-to-node protection via “Security Associations” (SAs)
- Data protection:
- - Authentication Header (AH) provides data authentication and integrity protection
- - Encapsulating Security Payload (ESP) provides data authentication, integrity and encryption
- Management of crypto keys and security associations:
- - Dynamic through Internet Key Exchange (IKE) protocol based on IPSecurity policy
- - Manual
- Partner authentication via digital certificates using IKE protocol
• IP Security: IPsec scenarios and z/OS roles (diagrams not copied)
• IP Security: Common IPsec use cases (diagrams not copied)
• IDS: z/OS TCP/IP IDS overview (diagrams not copied)
• IDS: z/OS TCP/IP IDS features
- z/OS in-context IDS broadens overall intrusion detection coverage:
- - In-context means as the communications end point, not as an intermediary
- - Ability to evaluate inbound encrypted data - IDS applied after decryption on the target system
- - Avoids overhead of per packet evaluation against table of known attacks - IDS policy checked after attack probe fires
- - Detects statistical anomalies realtime - target system has stateful data / internal thresholds that generally are unavailable to external IDSs
- Policy can control prevention methods on the target, such as connection limiting and packet discard IDS Events
• IDS: Defensive filtering with the Defense Manager Daemon (DMD)
- Defensive filters enable dynamic defensive actions in case of attack
- NOT policy-based, but created, managed and controlled through the ipsec command
- NOT part of IDS, but can be used within automation for IDS event processing
- DENY only (but also “simulate mode”)
- Installed “in front of” all other IP filters
- Maintained on DASD to protect restarted stacks from the time they come up
- Limited lifetime (~2 weeks max)
- Selectable scope:
- - Local – applies to a specific stack
- - Global – applies to all stacks on LPAR
- One Defense Manager Daemon per LPAR
• zERT: Cryptographic network protection on z/OS
- z/OS provides 4* main mechanisms to protect TCP/IP traffic:
-1- TLS/SSL direct usage
- - - Application is explicitly coded to use these
- - - Configuration and auditing is unique to each application
- - - Per-session protection
- - - TCP only
-2- Application Transparent TLS (AT-TLS)
- - - TLS/SSL applied in TCP layer as defined by policy
- - - Configured in AT-TLS policy via Configuration Assistant
- - - Auditing through SMF 119 records
- - - Typically transparent to application
- - - TCP/IP stack is user of System SSL services
-3- Virtual Private Networks using IPSec and IKE
- - - “Platform to platform” encryption
- - - IPSec implemented in IP layer as defined by policy
- - - Auditing through SMF 119 records – tunnel level only
- - - Completely transparent to application
- - - Wide variety (any to all) of traffic is protected
- - - Various topologies supported (host to host, host to gateway, etc.)
- - - IKE negotiates IPSec tunnels dynamically
-4- Secure Shell using z/OS OpenSSH
- - - Mainly used for sftp on z/OS, but also offers secure terminal access and TCP port forwarding
- - - Configured in ssh configuration file and on command line
- - - Auditing via SMF 119 records
- - - TCP only
• zERT: Why zERT?
- Given all of the workloads, crypto protocols, and variation in configuration and auditing on z/OS, how can you tell…
- - Which traffic is being protected (and which is not)?
- - How is that traffic being protected?
- - Who the traffic belongs to?
- - Whether existing and new configurations adhere to my company’s security policies?
- zERT is design specifically to answer the above questions
- - Positions the TCP/IP stack as a central collection point and repository for cryptographic protection attributes of all:
- - - TCP connections that are protected by TLS, SSL, SSH, IPsec or are unprotected
- - - Enterprise Extender connections that are protected by IPsec or are unprotected
- - Two methods for discovering the security sessions and their attributes:
- - - TCP stream observation (for TLS, SSL and SSH) for all TCP connections
- - - Advice of the cryptographic protocol provider (System SSL, ZERTJSSE, OpenSSH, z/OS IPsec support)
- - Reported through new SMF 119 records (through SMF or real-time services)
- - Provides a web-based UI (the zERT Network Analyzer) to analyze those records
- - Several IBM and ISV products have integrated support for zERT SMF data
• zERT: Functions
- zERT Discovery
- - SMF 119 subtype 11 “zERT Connection Detail” records
- - These records describe the complete cryptographic protection history of each TCP and EE connection
- - Writes at least one zERT Connection Detail record for every local TCP and EE connection
- - Covers all recognized cryptographic protocols in one record
- - Depending on your z/OS network traffic, these could be generated in very high volumes
- zERT Aggregation – available via V2R3 new function APAR PI83362
- - SMF 119 subtype 12 “zERT Summary” records
- - These records describe the repeated use of security sessions over time
- - Since the focus is a security session, each record is focused on a single cryptographic protocol
- - Writes one zERT Summary record at the end of each SMF interval for each security session that was active during the SMF interval
- - Can greatly reduce the volume of SMF records (over Discovery) while providing the same level of cryptographic detail
- zERT Network Analyzer - available via V2R3 new function APAR PH03137
- - Web-based (z/OSMF) UI to query and analyze zERT Summary (subtype 12) records
- - - Intended for z/OS network security administrators (typically systems programmers)
• zERT: What data is collected?
- Attributes of the connection and its security sessions
- - Significant attributes
- - - Identifying attributes like IP addresses, ports, jobname, userid, etc.
- - - Protection attributes like protocol version, cryptographic algorithms, key lengths, etc.
- - - Changes in these cause a protection state change record to be written if they change
- - Informational attributes like protocol session identifiers, session or certificate expiry data
- - - and certificate serial numbers are recorded for informational purposes only. When recorded,
- - - the values of such attributes are taken at the time the SMF record is written. Changes in
- - - these attributes do not constitute a significant change and will not result in the creation of a
- - - change event record
- zERT does not collect, store or record the values of secret keys, initialization vectors, or
- - any other secret values that are negotiated or derived during cryptographic protocol handshakes
* * * See the z/OS Communications Server IP Programmer’s Guide for all the details * * *
• zERT: Network Analyzer overview
- A new z/OSMF plugin:
- Web UI makes zERT data consumable for z/OS network security administrators (typically systems programmers)
- Access to UI controlled through SAF resource IZUDFLT.ZOSMF.ZERT_NETWORK_ANALYZER in the ZMFAPLA class
- Used primarily to investigate specific network encryption questions (but could also be used for periodic report generation)
- The IBM zERT Network Analyzer is available via new function APAR PH03137
• zERT: Network Analyzer – what data is available? (TLS and SSH)
(options diagrams not copied)
• zERT: Network Analyzer – what data is available? (IPsec and unprotected*)
(options diagrams not copied)
CBB - The Presentation to be continued next month if other presenters scheduling allows a re-schedule.
Ron Pimblett and Chris Meyers to work out the details.
• Presentation Access - See the SPARTA webpage for the complete presentation.
• Contact Info:
Chris Meyer, CISSP
Senior Technical Staff Member, z/OS Network Security Architect
3039 Cornwallis Road
Research Triangle Park, NC 27709
Phone: (919) 254-5179
• The June 4, 2019 monthly meeting ended about 9:20 P.M.
Treasurer’s Report for June 2019
contributed by Randy Springs
The balance in the account is $1371.92 as of June 30, 2019.
SPARTA Financial Report
06/01/2019 through 06/30/2019
Opening Balance 6/1/2019
Food money donated
Bank Service Charges
PETTY CASH on hand
Items of Interest
SPARTA Schedule and Menu for 2019
contributed by Chris Blackshire
July 9, 2019 - Subs (changed because of July 4 holiday in previous week)
August 6, 2019 - BarBQ
September 10, 2019 - Pizza (changed because of Labor Day holiday in previous week)
October 1, 2019 - Chicken
November 5, 2019 - Subs
December 3, 2019 - BarBQ
SHARE App Updated and Ready for Pittsburgh
Contributed By Ed Webb
The SHARE App for iOS and Android has been updated and is ready with agenda and details about SHARE in Pittsburgh in just a few weeks. Search your mobile store for "SHARE Association".
Registration, Agenda and Hotels are still available for SHARE Summer 2019 in Pittsburgh, PA on August 4-9.
And be prepared to participate at SHARE in 2020 at one of these announced venues:
SHARE Winter 2020: Ft. Worth, Texas February 23-28
SHARE Summer 2020: Boston, MA August 2-7
You can always see the future SHARE schedule here.
IBM Z is Moving to the New IBM Support Site
Contributed By Ed Webb
IBM is adding Z products to its year-old SalesForce-based Support Site.
"IBM is introducing the new IBM Support site to replace the IBM Service Request Tool. IBM Z software products and offerings will be migrated to the new IBM Support site in the summer of 2019. IBM Z Hardware will migrate at a later date.
What will happen:
Migration will occur over one weekend
Existing SR IDs will automatically be moved to the new IBM Support site
Existing SRs/PMRs will be converted to Cases
You will have access to your cases and the case creation system during the migration. "
Learn more and find links to training and a preview at this page.
A New Podcast for "Mainframe, Performance, Topics"
Contributed By Ed Webb
In the most recent post to Marna's Musings, Marna describes a new Podcast in the series MPT (mainframe, performance, topics).
"It has been a while since Martin and I were able to be available at the same time in our offices, but we recently were able to get another episode out. I hope that some of the information is useful to those of you with earbuds."
Read the full post and use link to the new podcast episode here.
Wit and Wisdom continued
Contributed by Ed Webb
• We can't all be heroes: Someone has to sit on the curb and clap as they go by.
• Anyone driving slower than you is an idiot; anyone driving faster is a maniac.
• When you don't know what to do, walk fast and look worried.
• People who are late are usually much jollier than the people who have to wait for them.
• Friends come and go, but enemies accumulate.
• Procrastination is the art of keeping up with yesterday.
Don’t Forget the Next SPARTA Meeting
Tuesday, July 9, 2019
Location: LabCorp in RTP
Use 1912 TW Alexander Drive, Durham, NC 27703 in your map app.
Take I-40 to Miami Boulevard and go north. Turn right onto 1912 T.W. Alexander Drive. Go about a mile or so. Then turn right into LabCorp complex and turn left to the CMBP Building. In the lobby, sign in as a visitor to see Bill Johnson. Bill will escort you to the conference room.
Free Food before meeting: Subs, Sodas and Tea, Dessert
z/OS Network Security (part 2)
Speaker: Chris Meyers of IBM
P.O. Box 13194
Research Triangle Park, NC 27709-3194
First Class Postage
SPARTA Corporate Sponsors: