For more V2R1 new functions, see z/OS V2R1 Communications Server: New Function Summary.
TN3270E Telnet server Express Logon Feature support for Multi-Factor Authentication March 2018
z/OS V2R1 Communications Server, with RACF APAR and IBM MFA for z/OS APARs, extends the TN3270 Telnet server Express Logon Feature (ELF) to support IBM Multi-Factor Authentication (MFA) for z/OS. With this support, TN3270 clients can experience the same single sign-on behavior that is already offered by the PassTicket-based ELF, but now via an MFA token that is assigned by a SAF-compliant external security manager like IBM Security Server RACF.
- IBM Security Server RACP APAR OA53002
- IBM Multi-Factor Authentication for z/OS APARs PI86470 and PI93341
3270 Intrusion Detection Services May 2017
z/OS V2R1 Communications Server enables 3270 data stream intrusion detection services (IDS) that detect and act on violations of the 3270 data stream protocol. The 3270 IDS function monitors 3270 data streams for primary logical units (PLUs) that are connected to the z/OS VTAM instance. The 3270 IDS function monitors any attempt to write past the end of input fields or to modify protected fields. It also writes GTF type F90 records and SMF type 119 (subtype 81) records for each incident.
IBM Health Checker for z/OS application health checks May 2016
IBM Health Checkers for z/OS application health checks are provided to identify whether MVRSHD server is active, whether RSH clients are using RHOSTS.DATA datasets for authentication, whether SMTP server is configured as a mail relay and whether SNMP agent is configured with a community name of public.
IBM Health Checker for z/OS application health check for FTP ANONYMOUS JES May 2016
IBM Health Checker for z/OS application health check is provided to help determine whether your FTP server allows anonymous users to submit jobs. When ANONYMOUS FTP is allowed on the FTP server, it is recommended that ANONYMOUSLEVEL be set to 3 and ANONYMOUSFILETYPEJES be set to FALSE. Otherwise, anonymous users can submit jobs to run on the system.
Otelnetd support for 16 character password March 2016
The otelnetd daemon is enhanced to support a password up to sixteen characters.
Add FTP parameter to pass APPLNAME December 2014
The APPLNAME ftp.data statement for the FTP server is added to allow administrators to specify an application name to use during user verification.
Enhance Centralized Policy Agent to support TLSv1.1 and TLSv1.2 2-byte ciphers January 2014
Centralized Policy Agent is enhanced to support TLSv1.1 and TLSv1.2 2-byte ciphers. In addition, the import services between Policy Agent and IBM Configuration Assistant for z/OS Communications Server allow user-defined AT-TLS policies to create a secure SSL connection.
z/OS UNIX sendmail enhancement to support TLSv1.2 January 2014
z/OS UNIX sendmail is enhanced to support TLSv1.2 with a new set of TLS v1.2 2-byte specific ciphers.
Enhance the Digital Certificate Access Server ( DCAS) to use AT-TLS January 2014
The Digital Certificate Access Server (DCAS) is enhanced to support Application Transparent Transport Layer Security (AT-TLS). To secure the connection using TLS v1.2, users must define policy by using AT-TLS for the DCAS.
Enhancement to support the Advanced Encryption Standard (AES) 128-bit cipher algorithm January 2014
The z/OS Communications Server SNMP Agent, the z/OS UNIX snmp command, and the SNMP manager API are enhanced to support the Advanced Encryption Standard (AES) 128-bit cipher algorithm as an SNMPv3 privacy protocol for encryption.
IBM Health Checker for z/OS migration health checker for TFTP daemon August 2016
IBM Health Checker for z/OS migration health check is provided to determine whether you are using the Trivial File Transfer Protocol daemon (TFTPD). Support for the TFTPD will be removed in a future release of IBM z/OS Communications Server.
IBM Health Checker for z/OS migration health check for additional legacy devices March 2016
IBM Health Checker for z/OS migration health check is provided to determine whether you are using TCP/IP legacy devices. Support for the DEVICE and LINK profile statements for the TCP/IP legacy device types will be removed in a future release of z/OS Communications Server: FDDI and Token Ring (LCS with LINKs FDDI and IBMTR), Token Ring (MPCIPA with LINK IPAQTR), and Ethernet and FDDI (MPCOSA with LINKs OSAENET and OSAFDDI).
IBM Health Checker for z/OS migration health check for legacy devices June 2014
IBM Health Checker for z/OS migration health check is provided to determine whether you are using TCP/IP legacy devices. Support for the DEVICE and LINK profile statements for the following TCP/IP legacy device types will be removed in a future release of z/OS Communications Server: ATM, CDLC, CLAW, HYPERchannel, SNALINK (LU0 and LU6.2), and X.25.
z/OS V2R1 Communications Server: AIMON enhancements February 2017
With the AIMON support enhancements, VTAM will monitor interfaces for overdue adapter interrupts. If an overdue adapter interrupt is detected, VTAM will drive a virtual interrupt in an effort to prevent a stall condition.
Shared Memory Communications over RDMA Enhancements June 2014
The VTAM DISPLAY BFRUSE command output is enhanced to include 64-bit storage usage for the SMC-R function.
CSSMTP storage monitor January 2014
CSSMTP is enhanced to check storage utilization after each completed mail message. If storage is constrained, message EZD1858I is issued and mail processing is automatically suspended. Once the storage constraint is relieved, message EZD1859I is issued and the reading of mail messages from the spool resumes.
GVBKDLY function December 2013
The new GVBKDLY function is implemented to determines whether VTAM internally paces the subcommands generated from a VARY INACT,TYPE=GIVEBACK command. The GVBKDLY start option affects GIVEBACK commands which use wildcard values for the ID operand to deactivate dependent LU requesters (DLURs).
Application, middleware, and workload enablement
Code page enhancements for CSSMTP July 2018
z/OS V2R1 Communications Server, with APAR PI93278, is enhanced to support multi-byte character sets with the Communications Server SMTP (CSSMTP) application. This enhancement allows migration from SMTPD to CSSMTP for customers that use multi-byte character set code pages, and provides improved code page support for characters in the mail subject line.
Dependency: To use CSSMTP MBCS function, you also need Unicode Support APAR OA55727.
Sendmail to CSSMTP bridge May 2017
The z/OS UNIX sendmail application is removed in IBM Communications Server for z/OS Version 2 Release 3. The z/OS sendmail to CSSMTP bridge (sendmail bridge) is a new application. It is a limited function sendmail client that sends mail to the JES spool where it can be processed by CSSMTP. It provides a compatible subset of sendmail functions so that z/OS UNIX users can continue to use the sendmail command to send mail messages. It can be used in this release to prepare for the removal of the z/OS UNIX sendmail application in z/OS Version 2 Release 3.
Improved CSSMTP code page compatibility with target servers March 2017
The Communications Server SMTP (CSSMTP) application is enhanced to send mail messages with special characters, such as the Euro sign (€), embedded in the body of the mail message in the code page expected by the mail server.
A failed ioctl() request for SIOCSVIPA/6 September 2016
The return information on a failed ioctl() request for SIOCSVIPA/6 to create a Dynamic VIPA with affinity is enhanced to distinguish between a retryable and a non-retryable condition. The -a option of the moddvipa utility can be used to create a Dynamic VIPA with affinity as an alternative to programming the ioctl().
Improved CSSMTP TLS compatibility with mail servers September 2016
The Communications Server SMTP (CSSMTP) application is enhanced to send an EHLO command after a successful TLS negotiation with an SMTP server. SMTP servers may require an EHLO SMTP command after a successful TLS negotiation.
CSSMTP customizable ATSIGN character for mail addresses March 2016
The Communications Server SMTP (CSSMTP) application is enhanced to recognize a different character as the industry standard at sign (@) symbol in a mail address. The specified character is recognized as the at sign symbol only in the SMTP commands and headers in mail messages.
IBM Health Checker for z/OS migration health checks for mail November 2015
IBM Health Checker for z/OS migration health checks are provided to determine whether you are using sendmail or SMTPD functions. Support for sendmail and SMTPD will be removed in a future release of z/OS Communications Server.
Economics and platform efficiency
Communications Server support for RoCE Express2 features September 2017
This new function extends the Shared Memory Communications over Remote Direct Memory Access (SMC-R) function to support the next generation IBM 10 GbE RoCE Express2 feature. The IBM 10 GbE RoCE Express2 feature allows TCP/IP stacks on different LPARs within the same central processor complex (CPC) to leverage the power of these state-of-the-art adapters to optimize network connectivity for mission critical workloads by using Shared Memory Communications technology.
VTAM internal trace default changed to disable SMS option June 2016
The VTAM Internal Trace (VIT) default is changed to remove the SMS option. You can explicitly enable the SMS option when required for problem diagnosis. You can use D NET,TRACES to verify which of the (user controlled) VIT options you are currently running.
Fragmentation avoidance July 2015
The ADJUSTDVIPAMSS profile parameter is added to the GLOBALCONFIG statement to allow the automatic adjustment of the TCP MSS value to avoid fragmentation.
CSSMTP terminates connection to mail server July 2015
The ConnectIdle configuration parameter is added to control how long to keep a connection open with a mail server after the last mail message in a JES spool file has been processed and another spool file is not immediately available for processing.
Shared Memory Communications over RDMA adapter virtualization April 2015
The Shared Memory Communications over Remote Direct Memory Access (SMC-R) function is extended to allow TCP/IP stacks on different LPARs within the same central processor complex (CPC) to share the same physical IBM 10GbE RoCE Express feature.
SMC Applicability Tool March 2015
The SMC Applicability Tool provides the capability to evaluate TCP/IP network traffic for potential applicability for exploiting SMC-R without requiring enablement of the SMC-R function on any system or requiring any special hardware.
Scalability and performance
Improved control over default VTAM VIT options December 2016
VTAM provides two levels of operator control including "Full VIT control" and "Base VIT control" for managing the VIT in internal mode. The two levels of VIT control apply to internal mode recording only. External mode recording of VIT records is unchanged regardless of the level of VIT control used for internal mode recording.
If you have any comments or questions about New Function APAR Summary, send an email to email@example.com.