Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
OEM security products — EE proxy solutions z/OS Communications Server: SNA Network Implementation Guide SC27-3672-01 |
|
Because EE is based on UDP, firewalls in the underlying network must permit UDP traffic on the EE ports (12000 - 12004). For corporations with policies that absolutely forbid allowing UDP packets through the firewall, it is possible to proxy the UDP traffic onto TCP connections. Although IBM® does not currently provide a TCP proxy for EE, other vendors might provide such a solution. An additional advantage of using an EE proxy is that the EE traffic then becomes eligible for SSL encryption (SSL is a TCP protocol.) The disadvantage of an EE proxy (with or without SSL) is the additional CPU overhead incurred for the TCP transport. |
Copyright IBM Corporation 1990, 2014
|