Timothy,
To clarify the things:
1. I have *never* said or suggested SE. I was talking about HMC and
"zombie device" connected to it. Physical HMC, not HMA aka virtual HMC
inside SE box.
2. Physical HMC can be rack-mounted or just desktop. I mentioned
rack-mounted HMC.
3. Such HMC is very similar to SE and to rack-mounted TKE.
4. USB is just interface, it can be external (more popular) or internal.
That's quite obvious. Less obvious is what should be reported by HMC. In
my humble opinion there is no big reason to report internal devices like
HDD, LAN NIC, etc. However there is big reason to report external
devices, because there is much bigger chance/risk that someone plugged
something. We know about phony keyboards, pendrive, etc. Interface is
irrelevant here, but the only external interface in HMC is USB - no
external SATA, no FireWire, no external PCIe, no ThunderBolt...
5. As I wrote, three appliances share common hardware base: SE, HMC,
TKE, but each of them have its own software and add-on hardware. TKE has
internal crypto card (the same as inside CryptoExpress), SE has internal
smartcard reader, HMC has no add-on.
Yes, TKE usually (always?) has two external smart card readers, but
that's different story.
--
Radoslaw Skorupka
Lodz, Poland
W dniu 19.08.2022 o 05:57, Timothy Sipples pisze:
Radoslaw,
I think you mentioned in one of your follow-up posts that you're actually
looking at a 1U Support Element, not a Hardware Management Console. If so, now
you know that you have a smart card reader with smart card inside the SE.
IBM TKE Workstations are different, yes. It has externally accessible smart
card readers.
USB stands for Universal Serial Bus. There's no implication that USB-connected
devices must be external, and they often aren't. Otherwise USB might've been
called ESB (External Serial Bus). When a manufacturer wants to embed a smart
card reader inside a piece of equipment the design choices are USB, USB, or
USB. Exaggerating only slightly.
— — — — —
Timothy Sipples
Senior Architect
Digital Assets, Industry Solutions, and Cybersecurity
IBM zSystems/LinuxONE, Asia-Pacific
[email protected]
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
