The Communications Server uses the System Authorization Facility
(SAF) to protect TCP/IP resources from unauthorized access. These
resources are represented by resource profiles defined in the SERVAUTH
class. When describing resource profile names, the following conventions
are used:
- sysname is the MVS™ system name. Substitute your system name.
- tcpname is the TCP/IP job name. Substitute
your job name.
- ftpdaemonname is the job name of the
FTP daemon. Substitute your FTPD job name. If your FTPD job name contains
fewer than 8 characters, substitute the job name of the process that
is started by FTPD, which is usually the original job name with the
number 1 appended.
- rpcbindname is the job name of rpcbind.
Substitute your rpcbind job name. If your rpcbind job name contains
fewer than 8 characters, substitute the job name of the process that
is started by rpcbind, which is usually the original job name with
the number 1 appended.
The use of SERVAUTH is optional. The installation can choose to
use any combination of the protections provided by SERVAUTH.
In addition to the use of SERVAUTH protection, further resource
protection is provided through such functions as intrusion detection
services (IDS), syslogd isolation, and IP filtering, or through controlling
access to the VARY TCPIP command.