z/OS Communications Server: SNA Programmer's LU 6.2 Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Security management product requirements

z/OS Communications Server: SNA Programmer's LU 6.2 Guide
SC27-3669-00

VTAM® relies on an external security management product equivalent to RACF® 1.9 or later to manage the LU-LU pair profiles, which contain the LU-LU pair session key, and to provide encryption services.

If security management functions are to be used, the following conditions must be true before an application issues OPEN ACB to identify itself to VTAM:
  • The security management product must be installed and active.
  • The resource class APPCLU must be active. The APPCLU class is used by RACF to verify the identity of partner logical units during VTAM session establishment.

If either of the above conditions is not met, the OPEN ACB fails with an ACBERFLAG value of X'72', indicating a security error. Security profiles are normally created using the application's network name, defining partner LUs, session security requirements, and conversations with those partners. A generic resource application can have a security profile defined with its generic resource name. If profiles are defined for both names, only the profile for the application network name is used.

For more information concerning functions provided by the external security management product and the interface between the external security management product and VTAM, refer to z/OS Security Server RACROUTE Macro Reference.

Parent topic: VTAM's LU 6.2 security options

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014