Re: Local MCS Console Solutions

Sat, 01 Jun 2013 17:21:45 -0700 

W dniu 2013-06-02 01:53, Don Williams pisze:

The OSA-C configuration works well for us as well.

In our case, we have two OSA-C cards for redundancy. Each LPAR has 4
consoles, 0000-0003. Consoles 0000 and 0001 (one on each OSA-C card) are our
"systems programmer" consoles that are usually offline. Consoles 0002 and
0003 are the operator consoles. The OSA-C cards have a configuration that
assigns each TN3270 session to a particular LPAR and address. We have 44
TN3270 sessions for 11 LPARs. Access to the consoles can be controlled via
OSA-C configuration options, normal firewall rules, and SAF logon.
SAF logon depends on CONSOLxx settings, but NIP console provide no means of security (*). The "most funny" thing which can happed is when someone started ICC console, locked his PC and went home. And his console is upper on th NIP console list than yours. Of course the lsit of suspected persons is usually short... 

Another disadvantage: TCP/IP traffic is not encrypted.
(*) Small exception: session definition can contain workstation address, so only the address can connect to the session. A network can be configured in a way where IP "counterfeld" is not working.
BTW: maybe ICC is "functionally stabilized", but not dead or moribound, since there is nothing newer to replace ICC. "Functionally stabilized" could mean "we don't think there is room for improvement and we don't want to create bells and whistles". 

--
Radoslaw Skorupka
Lodz, Poland






--
Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku 
przeznaczone wycznie do uytku subowego adresata. Odbiorc moe by jedynie 
jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie jeste adresatem 
niniejszej wiadomoci lub pracownikiem upowanionym do jej przekazania 
adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie 
lub inne dziaanie o podobnym charakterze jest prawnie zabronione i moe by 
karalne. Jeeli otrzymae t wiadomo omykowo, prosimy niezwocznie 
zawiadomi nadawc wysyajc odpowied oraz trwale usun t wiadomo 
wczajc w to wszelkie jej kopie wydrukowane lub zapisane na dysku.
This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. 
BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax 
+48 (22) 829 00 33, www.brebank.pl, e-mail: [email protected]
Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, nr rejestru przedsibiorców KRS 0000025237, NIP: 526-021-50-88. Wedug stanu na dzie 01.01.2013 r. kapita zakadowy BRE Banku SA (w caoci wpacony) wynosi 168.555.904 zotych. 


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN

Reply via email to