Skip to main content

Software  >  Networking  >  Communications Server  >  

Securing an SNA environment for the 21st century
 White paper
 
Abstract
In today's ever expanding business environment, securing an IT Enterprise takes center stage in an overall business strategy. However, over the past 10 years as the IT industry has enhanced security defenses and best practices for IP networks, configuring secure SNA environments has not been pursued with the same zeal for some organizations.
 
 
Content
In the past, SNA system programmers were able to rely on a hierarchical architecture, strong physical controls, and a limited amount of access to protect their critical business services. As the IT industry developed larger networks with increased availability, these assumptions no longer held true. Introduction of new technologies enhanced the availability of SNA with more dynamic network recovery. Although the use of faster IP infrastructure has "opened” the SNA networking environment, this loss of physical security can be replaced by a mix of other strong security options that are integrated into the different layers of SNA.

SNA at its core was designed with the ability to wrap different layers of connections with a blanket of security. This paper describes how you establish a session within an SNA environment by connecting to a node, then establishing and maintaining a link connection into the network. You then negotiate a proper session and handle the flows within the session itself. At each level, SNA provides different security controls that can govern the connections and protect different session information.

From network border searching controls, tuning options and the use of encryption ciphers you can harden the walls of your SNA network from the inside out. Even the data transactions themselves are wrapped within several layers of connections that can contain multiple security checks.

SNA has even been enhanced to take advantage of IP networking technology. In order to protect the transactions that flow over an IP network you can deploy a mix of SNA and IP security. Using these controls, you can authenticate the traffic flow and protect the data from prying eyes using advanced key management and cipher algorithms.

This paper will educate the SNA-skilled reader on network security concepts and includes recommendations for evaluating and configuring their APPN and Subarea SNA environment to enhance security.
 
SNA_Security_20080812.pdf
 
 

Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Rate this page
Please take a moment to complete this form to help us better serve you.
This material provides me with the information I need.




This material is clear and easy to understand.




Did the information help you to achieve your goal?
What updates, improvements, or related information would you like to see in this document?
Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.
Input the verification number to submit feedback:
Document information
 Product categories:
 Software
 Networking
 Enterprise Connectivity
 z/OS Communications Server
 Operating system(s):
  z/OS
 Software version:
  1.8, 1.9, 1.10
 Reference #:
  7013237
 IBM Group:
 Software Group
 Modified date:
 2008-08-13

Translate My Page
 
 

Rate this page

Help us improve this page. Your response will be used to improve our document content. Requests for assistance, if applicable, should be submitted through your normal support channel as we cannot respond from this site.