Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
NETSRV security considerations z/OS JES2 Initialization and Tuning Guide SA32-0991-00 |
|
NETSRV can support both secure and non-secure connections.
You must meet the following minimum requirements to establish a secure
connection:
Note: Meeting the previous requirements ensures that
a successful secure connection is established only when started from
the initiating (client/sending) node. See Figure 1 for an example of this configuration.
Figure 1. Secure connection
from client node
The previous configuration, Figure 1, can initiate a secure connection only when started from node NEWYORK1. To enable a secure transmission, the PORT name/number must match between the local socket on the listening side (WASHDC2) and corresponding remote socket on the sending node (NEWYORK1). Using LOCALTLS allows JES2 to automatically utilize the default port for secure transmission. To establish a secure connection from either node,
the following symmetrical configuration of the sockets at both ends
is required:
Figure 2. Secure connection
from either node
The previous configuration, Figure 2, can initiate a secure connection when started from either side. To enable a secure transmission, the PORT name or number must match between the local socket on the listening side (WASHDC2) and corresponding remote socket on the sending node (NEWYORK1). Using LOCALTLS allows JES2 to automatically utilize the default port for secure transmission. You can also define a NETSRV that can tolerate both secure and non-secure connections, depending on which sockets are utilized in starting the NETSRV connection. See Figure 3 for an example of this configuration. Figure 3. Secure and
non-secure connections
In Figure 3, if node NEWYORK1 issues a $SN,SOCKET=WASHDC2A request, a secure connection would be established. However, if node NEWYORK1 issues a $SN,SOCKET=WASHDC2B request, a non-secure connection would be established via conventional secure port 2252. |
Copyright IBM Corporation 1990, 2014
|