PREFACE

To Praise and thank God always appealed by writer cause only by His permission and blessing, writer could finished this Project fluently and best as we could. The purpose of this ISAS is to give more knowledge for readers especially about IBM server implementation and security system for Cloud Computing, and also this working paper is a proof of making the project. At this good time, we wants to say thanks to: 1. Mr. Riza Muhammad Nurman as a lecturer who gives his guidance and tutorial. 2. For the people who have helped us to finished this project. Our ISAS paper is made for improve our analysis skill and also as a task from our faculty. As a writer, we realize maybe there's some mistake in our paper, and that's why we need some advice from our faculty to improve our Analysis skill. But we hope in our paper, there are benefits and advantages for writer and readers. And may God note it as a part of science which it useful.

Bogor, June 14, 2009

INDEX AND TABLES

PREFACE.............................................................................................................................................................................1 INDEX AND TABLES.........................................................................................................................................................2 I.1 BACKGROUND...........................................................................................................................................................3 ....................................................................................................................................................................................3 I.2 OBJECTIVE................................................................................................................................................................4 I.3 PROBLEM DOMAIN....................................................................................................................................................4 I.4 WRITING STRUCTURE.................................................................................................................................................4 CHAPTER II: BASIC THEORY.......................................................................................................................................5 II.1 ABOUT IBM SERVER ..............................................................................................................................................5 II.2 HISTORY.................................................................................................................................................................6 CHAPTER III: PROBLEM ANALYSIS...........................................................................................................................7 III.1 WHAT IS IBM ESERVER ISERIES?.............................................................................................................................7 III.2 INSTRUCTION SET...................................................................................................................................................7 III.3 SOFTWARE ............................................................................................................................................................8 III.4 PROGRAMMING ......................................................................................................................................................8 III.5 VIRTUALIZATION ....................................................................................................................................................9 III.6 CLOUD COMPUTING .............................................................................................................................................10 III.6.1 Cloud Computing Architecture..................................................................................................................11 III.6.2 Cloud Computing Application...................................................................................................................12 III.6.3 Cloud Computing Key Point.....................................................................................................................12 Picture 4 Cloud Antivirus.....................................................................................................................................13 III.6.4 Cloud Computing Security Issue...............................................................................................................14 PICTURE 5 CLOUD FIREWALL..................................................................................................................................15 CHAPTER IV : SUMMARY............................................................................................................................................16 IV.1. CONCLUSION.......................................................................................................................................................16 IV.2. SUGGESTION........................................................................................................................................................16 BILBILOGRAPHY...........................................................................................................................................................17

CHAPTER 1: INTRODUCTION

I.1 Background Like many organizations, you may have test environment encompassing multiple, diverse IT assets that required significant staff and budget to configure and manage them. This complexity can result in long test cycles that delay the timing of your products launches. IBM implementation Services for cloud computing design and implementation for test environment help you save capital and operating cost, reduce test cycle times, and minimize complexity and risk to simple- touse, self services test platform that combine service request management, automated provisioning and physical and virtualized test resources, including IBM and non IBM components such as operating system, middleware, storage, network, images and data. IBM Implementation Services for cloud computing design and implementation for test environments offers on demand provisioning of dynamically scalable, virtualized test server resources in a security-rich, private cloud environment. A cloud model enables your users to access consumer IT resources in a test center in ways not previously available. Unlike traditional testing methods, this model dramatically decreases the many manual steps and traditional processes of setting up a test environment. With on demand provisioning of virtualized resources, we can help you reduce capital investments while offering the elastic scalability to handle fluctuating business needs. Automated provisioning and configuration help you reduce test cycle times, reduce IT labor costs, minimize configuration errors, streamline the environment and improve solution quality. And, with quick return on investment, our private test cloud provides an excellent opportunity to start transitioning your enterprise IT to a flexible new sourcing model based on cloud computing, without placing your mission-critical applications at risk.

I.2 Objective In this working paper, the writer has a purpose to explain The Intrusion Detection System and describe the concept of Intrusion Detection. We also explain how it works and why we need that. I.3 Problem Domain In this ISAS, discussion about definition, function, how it works, Advantages, and limitations. I.4 Writing Structure This ISAS consist of 4chapter: Chapter I: Introduction Background Objective Problem Domain Writing Structure

Chapter II: Basic Theory of Intrusion Detection System Chapter III: Intrusion Detection System Concept Chapter IV: Summary

CHAPTER II: BASIC THEORY

II.1 About IBM Server A computer system should provide confidentiality, integrity and assurance against denial of service. However, due to increased connectivity (especially on the Internet). In reality, it clear that the security issue is one of the most important aspect. Because always theres possibility that many hackers and crackers can access our private data, in example, like getting our e-mail password. And thats why we need the secure system to protect our data by unwanted access. Companies rely on an efficient IT infrastructure to support business-critical applications. They need to know that their systems and business processes are deployed to meet the highest service levels defined by their business units plus can be adapted to handle every new business opportunity. IBM i running on an IBM Power Systems server offers a highly scalable and virus resistant architecture with a proven reputation for exceptional business resiliency. Running applications based on i has helped companies over many years to focus on innovation and delivering new value to their business, not just on managing their data center operations. Having a more dynamic infrastructure is all about selecting the right systems and software to enable businesses to move with agility and speed. Getting there with IBM i means implementing proven solutions on a platform you can trust. By choosing the latest Power platform, IBM i applications get world class performance plus dynamic infrastructure flexibility, with the opportunity to lower monthly operations costs. IBM i integrates a trusted combination of relational database, security, Web services, networking and storage management capabilities. It provides a broad and highly stable database and middleware foundation for efficiently deploying business processing applications, with support for over 5,000 solutions from over 2,500 ISVs. i solutions are offered through an extensive, highly skilled worldwide network of IBM Business Partners that is backed by IBMs trusted services and support infrastructure.

II.2 History The IBM System i, then known as the AS/400, was the continuation of the System/38 database machine architecture (announced by IBM in October 1978 and delivered in August 1979). The AS/400 removed capability-based addressing. The AS/400 added source compatibility with the System/36 combining the two primary computers manufactured by the IBM Rochester plant. The System/36 was IBM's most successful mini-computer but the architecture had reached its limit. The first AS/400 systems (known by the development code names Silverlake and Olympic) were delivered in 1988, and the product line has been refreshed continually since then. The programmers who worked on OS/400, the operating system of the AS/400, did not have a UNIX background. Dr Frank Soltis, the chief architect, says that this is the main difference between this and any other operating system. In 2000 IBM renamed the AS/400 to iSeries, as part of its e-Server branding initiative. The product line was further extended in 2004 with the introduction of the i5 servers, the first to use the IBM POWER5 processor. The architecture of the system allows for future implementation of 128bit processors when they become available. Existing applications can use the new hardware without modification. Although announced in 1988, the AS/400 remains IBM's most recent major architectural shift that was developed wholly internally. Since the arrival of Lou Gerstner in 1993, IBM has viewed such colossal internal developments as too risky. Instead, IBM now prefers to make key product strides through acquisition -- e.g., the takeovers of Lotus Software and Rational Software -- and to support the development of open standards, particularly Linux. It is noteworthy that after the departure of CEO John Akers in 1993, when IBM looked likely to be split up, Bill Gates commented that the only part of IBM that Microsoft would be interested in was the AS/400 division. (At the time, many of Microsoft's internal systems ran on the AS/400 platform.

CHAPTER III: PROBLEM ANALYSIS

III.1 What is IBM eServer iSeries? The IBM System i is IBM's previous generation of systems designed for IBM i users, and was subsequently replaced by the IBM Power Systems in April 2008. In 2006, the platform was rebranded to System i as part of IBM's Systems branding initiative. Previously it was known as eServer iSeries in 2000 and before that it was introduced as AS/400 in 1988. In April 2008 IBM announced its integration with the System p platform. The unified product line is called IBM Power Systems and features support for the IBM i (previously known as i5/OS or OS/400), AIX and Linux operating systems. Previous hardware ran OS/400 exclusively. IBM server iSeries is compatible for Cloud Computing for easier access and security.

III.2 Instruction Set One feature that contributes to the longevity of the IBM System i platform is its high-level instruction set (called TIMI for "Technology Independent Machine Interface" by IBM), which allows application programs to take advantage of advances in hardware and software without recompilation. TIMI is a virtual instruction set; it is not the instruction set of the underlying CPU. User-mode programs contain both TIMI instructions and the machine instructions of the CPU, thus ensuring hardware independence. This is conceptually somewhat similar to the virtual machine architecture of programming environments such as Smalltalk, Java and .NET. The key difference is that it is embedded so deeply into the AS/400's design as to make applications effectively binarycompatible across different processor families. Note that, unlike some other virtual-machine architectures in which the virtual instructions are interpreted at runtime, TIMI instructions are never interpreted. They constitute an intermediate compile time step and are translated into the processor's instruction set as the final compilation step. The TIMI instructions are stored within the final program object, in addition to the executable machine instructions

III.3 Software The IBM System I capable of supporting multiple instances of Linux, Lotus Domino, Microsoft Windows 2000 and Windows Server 2003. Windows is supported with either singleprocessor internal blade servers (IXS) or externally-linked multiple-processor servers. Windows, Linux, and VMWare are supported on attached servers. LPAR (Logical PARtitioning), a feature introduced from IBM's mainframe computers, facilitates running multiple operating systems simultaneously on one IBM System i unit. A system configured with LPAR can run various operating systems on separate partitions while ensuring that one OS cannot run over the memory or resources of another. Each LPAR is given a portion of system resources (memory, hard disk space, and CPU time) via a system of weights that determines where unused resources are allocated at any given time. The operating systems supported (and commonly used) under the LPAR schemes are Windows and Linux. The IBM System i also supports common client-server-based technologies such as ODBC and JDBC for accessing its database from client software such as Java, Microsoft .NET languages and others.

III.4 Programming Programming languages available for the i system include C, C++, Pascal, Java, EGL, Perl, Smalltalk, COBOL, SQL, BASIC, PHP, PL/I, Python and REXX. The IBM System i fully supports the Java language, including a 32-bit Java Virtual Machine (JVM). Commands in the Control Language (CL) are promptable using the keyboard F4 function key, and most provide cursor-sensitive help to make specifying command parameters simpler. All command names and parameter keywords are based upon uniform standardized and mostly 3-letter abbreviations for verbs and subjects, making for easy rendering and interpretation by the application developer, as opposed to other operating systems with often cryptic or inconsistent command names for related functions or command parameter switches. For instance, the parameter keyword to apply a text description to any object to be created or changed is spelled the same way for all such commands.

III.5 Virtualization Virtualization is a server virtualization method where the kernel of an operating system allows for multiple isolated user-space instances, instead of just one. Such instances may look and feel like a real server, from the point of view of its owner. On Unix systems, this technology can be thought of as an advanced implementation of the standard mechanism. Operating system-level virtualization is commonly used in virtual hosting environments, where it is useful for securely allocating finite hardware resources amongst a large number of mutually-distrusting users. It is also used, to a lesser extent, for consolidating server hardware by moving services on separate hosts into containers on the one server. Other typical scenarios include separating several applications to separate containers for improved security, hardware independence, and added resource management features. OS-level virtualization implementations that are capable of live migration can be used for dynamic load balancing of containers between nodes in a cluster.

Picture 1 Virtualization

III.6 Cloud Computing Cloud computing is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure in the "cloud" that supports them. Cloud computing customers do not generally own the physical infrastructure serving as host to the software platform in question. Instead, they avoid capital expenditure by renting usage from a third-party provider. They consume resources as a service and pay only for resources that they use. Many cloud-computing offerings employ the utility computing model, which is analogous to how traditional utility services (such as electricity) are consumed, while others bill on a subscription basis. Sharing "perishable and intangible" computing power among multiple tenants can improve utilization rates, as servers are not unnecessarily left idle (which can reduce costs significantly while increasing the speed of application development). A side effect of this approach is that overall computer usage rises dramatically, as customers do not have to engineer for peak load limits. Additionally, "increased high-speed bandwidth" makes it possible to receive the same response times from centralized infrastructure at other sites.

Picture 2 How Cloud Computing Works

III.6.1 Cloud Computing Architecture The majority of cloud computing infrastructure, as of 2009, consists of reliable services delivered through data centers and built on servers with different levels of virtualization technologies. The services are accessible anywhere that provides access to networking infrastructure. Clouds often appear as single points of access for all consumers' computing needs. Commercial offerings are generally expected to meet quality of service (QoS) requirements of customers and typically offer SLAs. Open standards are critical to the growth of cloud computing, and open source software has provided the foundation for many cloud computing implementations.

Picture 3 Cloud Computing Architecture

III.6.2 Cloud Computing Application A cloud application leverages the Cloud in software architecture, often eliminating the need to install and run the application on the customer's own computer, thus alleviating the burden of software maintenance, ongoing operation, and support. For example: Peer-to-peer / volunteer computing (Bittorrent, BOINC Projects, Skype) Web application (Facebook) Software as a service (Google Apps, SAP and Salesforce) Software plus services (Microsoft Online Services)

III.6.3 Cloud Computing Key Point Device and location independence enable users to access systems using a web browser regardless of their location or what device they are using, e.g., PC, mobile. As infrastructure is off-site (typically provided by a third-party) and accessed via the Internet the users can connect from anywhere. Multi-tenancy enables sharing of resources and costs among a large pool of users, allowing for: Centralization of infrastructure in areas with lower costs (such as real estate, electricity, etc.) Peak-load capacity increases (users need not engineer for highest possible load-levels) Utilisation and efficiency improvements for systems that are often only 10-20% utilised. Reliability improves through the use of multiple redundant sites, which makes it suitable for business continuity and disaster recovery. Nonetheless, most major cloud computing services have suffered outages and IT and business managers are able to do little when they are affected. Scalability via dynamic ("on-demand") provisioning of resources on a fine-grained, selfservice basis near real-time, without users having to engineer for peak loads. Performance is monitored and consistent and loosely-coupled architectures are constructed using web services as the system interface. Security typically improves due to centralization of data, increased security-focused

resources, etc., but raises concerns about loss of control over certain sensitive data. Security is often as good as or better than traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford. Providers typically log accesses, but accessing the audit logs themselves can be difficult or impossible. Sustainability comes about through improved resource utilization, more efficient systems, and carbon neutrality. Nonetheless, computers and associated infrastructure are major consumers of energy.

Picture 4 Cloud Antivirus

III.6.4 Cloud Computing Security Issue Privileged user access. Sensitive data processed outside the enterprise brings with it an inherent level of risk, because outsourced services bypass the "physical, logical and personnel controls" IT shops exert over in-house programs. Get as much information as you can about the people who manage your data. "Ask providers to supply specific information on the hiring and oversight of privileged administrators, and the controls over their access," Gartner says. Regulatory compliance. Customers are ultimately responsible for the security and integrity of their own data, even when it is held by a service provider. Traditional service providers are subjected to external audits and security certifications. Cloud computing providers who refuse to undergo this scrutiny are "signaling that customers can only use them for the most trivial functions," according to Gartner. Data location. When you use the cloud, you probably won't know exactly where your data is hosted. In fact, you might not even know what country it will be stored in. Ask providers if they will commit to storing and processing data in specific jurisdictions, and whether they will make a contractual commitment to obey local privacy requirements on behalf of their customers, Gartner advises. Data segregation. Data in the cloud is typically in a shared environment alongside data from other customers. Encryption is effective but isn't a cure-all. "Find out what is done to segregate data at rest," Gartner advises. The cloud provider should provide evidence that encryption schemes were designed and tested by experienced specialists. "Encryption accidents can make data totally unusable, and even normal encryption can complicate availability," Gartner says. Recovery. Even if you don't know where your data is, a cloud provider should tell you what will happen to your data and service in case of a disaster. "Any offering that does not replicate the data and application infrastructure across multiple sites is vulnerable to a total failure," Gartner says. Ask your provider if it has "the ability to do a complete restoration, and how long it will take."

Picture 5 Cloud Firewall

CHAPTER IV : SUMMARY

IV.1. Conclusion The IBM System I capable of supporting multiple instances of Linux, Lotus Domino, Microsoft Windows 2000 and Windows Server 2003. Windows is supported with either singleprocessor internal blade servers or externally-linked multiple-processor servers. Windows, Linux, and VMWare are supported on attached servers.

IV.2. Suggestion Companies rely on an efficient IT infrastructure to support business-critical applications. They need to know that their systems and business processes are deployed to meet the highest service levels defined by their business units plus can be adapted to handle every new business opportunity.

BILBILOGRAPHY

Reference from site : 1. http://finance.yahoo.com/news/IBM-Launches-New-Cloud-iw-13659540.html 2. http://www.ibmsystemsmag.com/ibmnewsupdates/23382p1.aspx 3. http://www-935.ibm.com/services/us/index.wss/offering/midware/a1030965 4. http://search.techrepublic.com.com/search/cloud+computing+and+ibm+corp.+and+servers.html 5. http://www.vector1media.com/top-stories/corporate-news/ibm-launches-new-cloud-computingconsulting-and-implementation-services/

6. http://www-03.ibm.com/press/us/en/pressrelease/26168.wss 7. http://cloudcomputing.sys-con.com/node/977411 8. http://www.managingautomation.com/maonline/news/read/IBM_Unveils_Cloud_Computing_Co

nsulting_Services_32373

9. http://resources.bnet.com/topic/cloud+computing+and+ibm+corp..html 10. http://www.techcrunchit.com/2009/02/09/ibm-and-juniper-networks-hoping-to-gain-cloudcomputing-marketshare/