We run a number of scenarios depending on the needs of the customer. Many insist on one or more PC's in the path running expensive software (and then presumably relay the data in the open to the end point). But we prefer to originate FTP's from the host and 'push' to customers. That way our scheduler can manage the process to include exception monitoring and alarms. In fairness to your policy issues: most of any company network is PC's. And PC's require extraordinary levels and levels of protection so their frame of reference is a bit skewed.
A tactic that seems to be effective is insisting that data never flow in the open and never reside in the open anywhere on the network except at the two end points. That is an audit mantra and almost impossible to do with servers. Another point is that native TLS FTP is free. Any intervening server is going to cost some serious dollars (TCO, not just hardware). Also in fairness, MS and other PC ISV's that have done a good job in simplifying the processes. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Patrick O'Keefe Sent: Monday, January 14, 2008 10:25 AM To: [email protected] Subject: Encrypted transfers to/from vendors 2nd attempt to send a posting that went into the bit bucket. I assume there are some shops with policies that forbid transfers across the web between z/OS mainframes and external sites unless the data is encrypted. How do such shops send data to/from MVS (and other vendors)? ..snip Pat O'Keefe NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
