The IPSec network management interface (NMI) enables network management applications to obtain detailed information for and exercise control over IP filtering and IPSec security associations. Access to this interface can be controlled through an external security manager product, such as RACF®, by defining the SERVAUTH profile names EZB.NETMGMT.sysname.tcpname.IPSEC.DISPLAY and EZB.NETMGMT.sysname.tcpname.IPSEC.CONTROL for display requests and control requests respectively.
Applications can access this interface if the user ID associated with the network management application is permitted (has read access) to the appropriate resource profile.
If the resource profile is not defined, the service allows access to the IPSec NMI only to superusers, or to those permitted to become superusers (that is, those with read access to BPX.SUPERUSER).
For more information about the IPSec NMI, see z/OS Communications Server: IP Programmer's Guide and Reference.