> -----Original Message----- > From: IBM Mainframe Discussion List On Behalf Of Gibney, Dave > > > > That's a couple of big "ifs" - that's why we can't use it. Our > workstation IP > > addresses, even if fixed (like mine - most are not), cannot be > accessed from > > z/OS. I would think most real-world shops are that way - if not, > well, they > > may need to hire some networking personnel to setup proper security. > > > > I am curious, why do some of the powers that be fear connecting their > mainframe to the network. With proper vpn, there should be no reason to > block z/OS from reaching out to users work stations. I wouldn't even > insist on vpn if WSA would do SSL or SSH tunneling. And presumably much > of this traffic would be on an intranet, not the wild and wooly > Internet. > There is no fear of virii, well maybe an application in java, but > certainly not the system. Properly secured, a user can get anywhere they > don't belong not matter what port or door they come in on. > > I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA > MSM without direct connection to IBM and CA's sites. > > Is there a real reason, not PHB paranoia that I'm missing?
"Institutional inertia". -jc- ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html