Product requirements
This section contains links to the IBM® Workload Scheduler Download Documents, System Requirements, and Release Notes.
Fix Pack readmes
For the latest information about a Fix Pack, see the appropriate Readme File.
Product Library in PDF format
This section contains links to the PDF versions of all the publications provided in IBM Documentation for IBM Workload Automation.
Considerations for GDPR readiness
Overview
Mobile Applications Userʼs Guide
Dynamic Workload Console User's Guide
AI Data Advisor (AIDA) User's Guide
Scheduling Job Integrations with IBM Workload Automation
IBM® Workload Scheduler
Welcome to the IBM® Workload Scheduler documentation, where you can find information about how to install, maintain, and use IBM Workload Scheduler. The documentation has been updated for IBM Workload Scheduler Version 10.1 Fix Pack 6.
IBM® Z Workload Scheduler
Welcome to the IBM® Z Workload Scheduler documentation, where you can find information about how to install, maintain, and use the product.
- Memo to Users
- Program Directory
- Dynamic Workload Console Readmes
  For the latest information about a Dynamic Workload Console fix pack, see the appropriate Readme File.
- Planning and Installation
- Customization and Tuning
- Managing the Workload
  You can plan when and how your workload runs and manage it as part of a plan.
- Scheduling End-to-end with z-centric Capabilities
- Scheduling End-to-end with Fault Tolerance Capabilities
  - About this publication
  - Overview
    An overview of end-to-end scheduling with fault tolerance capabilities.
  - Installing
  - Customizing
    - Defining centralized and non-centralized scripts
      A job can use two kinds of scripts, centralized or non-centralized. A centralized script is a script that resides in IBM Z Workload Scheduler and that is downloaded to the fault-tolerant workstation every time the job is submitted.
    - Setting the security features
      - Setting strong authentication and encryption
        Key SSL concepts
        To authenticate a peer identity, the SSL protocol uses X.509 certificates called digital certificates. Digital certificates are electronic ID cards that are issued by trusted parties and enable a user to verify both the sender and the recipient of the certificate through the use of public-key cryptography.
        SSL connection for communication across the network
        IBM Workload Scheduler provides a secure, authenticated, and encrypted connection mechanism for communication across the network topology. This mechanism is based on the Secure Sockets Layer (SSL) protocol and uses the OpenSSL Toolkit, which is automatically installed with IBM Workload Scheduler.
        Enabling SSL authentication on IBM Z Workload Scheduler server
        Enabling FIPS compliance over IBM Z Workload Scheduler server SSL secured connection
      - Setting for work across firewalls
        Prior to IBM Z Workload Scheduler version 8.2, running the commands to start or stop a workstation or to get the standard list, required opening a direct TCP/IP connection between the originator and the destination nodes. In a firewall environment, this forces users to break the firewall to open a direct communication path between the master and each fault-tolerant agent in the network.
    - Tuning global and local options in distributed network
    - Tuning network timeouts
      Network issues that make the connection to specific agents too slow can impact the performance of overall scheduling. IBM Workload Scheduler provides network timeout settings that you can tune to avoid problems with specific agents that affect the entire system.
    - Selecting end-to-end server messages
  - Managing end-to-end scheduling
  - Changing the topology of the network
- Quick Reference
- Diagnosis Guide and Reference
- Workload Automation Programming Language for z/OS User's Guide and Reference
- Driving IBM Z Workload Scheduler
Messages and Codes
Glossary
Installing IBM® Workload Scheduler
How to monitor your IBM® Workload Scheduler using the Dynamic Workload Console
How to create your scheduling environment using the Dynamic Workload Console
Notices

Enabling FIPS compliance over IBM Z Workload Scheduler server SSL secured connection

Federal Information Processing Standard Security Requirements for Cryptographic Modules, referred to as FIPS 140-2, is a standard published by the National Institute of Standards and Technology (NIST). Organizations can require compliance to the FIPS 140-2 standard to provide protection for sensitive or valuable data to cryptographic-based security systems.

System SSL was designed to meet the Federal Information Processing Standard - FIPS 140-2 Level 1 criteria.

System SSL can run in either "FIPS mode" or "non-FIPS mode". By default, System SSL runs in "non-FIPS" mode.

IBM Z Workload Scheduler uses the System SSL configuration. To run IBM Z Workload Scheduler in "FIPS mode", you must enable FIPS compliance over System SSL connections.

To enable SSL authentication for your end-to-end with fault-tolerance capabilities network, you must perform the following actions:

Ensure that FIPS-compliance over an SSL connection is enabled on the controller as described in http://publib.boulder.ibm.com/infocenter/zos/v1r12/topic/com.ibm.zos.r12.gska100/fipss.htm#fipss.
On the controller, set ENABLEFIPS to YES in the TOPOLOGY statement.
On the distributed agent, ensure that:
- SSL is configured, as described in Using FIPS certificates
- FIPS compliance is enabled as described in Configuring FIPS compliance

Note: IBM Z Workload Scheduler relies upon System TSL to automatically enable the TLSV1_2 protocol. Alternatively, you can export the related environment variable (GSK_PROTOCOL_TLSV1_2) by specifying the following statements in the server started task:

PARM='ENVAR("_CEE_ENVFILE:DD=STDENV")': For details, see Configuring TLS to connect with the IBM Z Workload Scheduler server
//STDENV DD card: For details, see Configuring TLS to connect with the IBM Z Workload Scheduler server

If you enable FIPS, the STDENV DD card settings are ignored.