Re: Local MCS Console Solutions

Sun, 02 Jun 2013 10:11:41 -0700 

Good points which is why I don't setup them up as NIP consoles and we only
allow access inside our firewall.

> -----Original Message-----
> From: IBM Mainframe Discussion List [mailto:[email protected]]
> On Behalf Of R.S.
> Sent: Saturday, June 01, 2013 8:21 PM
> To: [email protected]
> Subject: Re: Local MCS Console Solutions
> 
> W dniu 2013-06-02 01:53, Don Williams pisze:
> > The OSA-C configuration works well for us as well.
> >
> > In our case, we have two OSA-C cards for redundancy. Each LPAR has 4
> > consoles, 0000-0003. Consoles 0000 and 0001 (one on each OSA-C card) are
> our
> > "systems programmer" consoles that are usually offline. Consoles 0002
and
> > 0003 are the operator consoles. The OSA-C cards have a configuration
that
> > assigns each TN3270 session to a particular LPAR and address. We have 44
> > TN3270 sessions for 11 LPARs. Access to the consoles can be controlled
via
> > OSA-C configuration options, normal firewall rules, and SAF logon.
> 
> SAF logon depends on CONSOLxx settings, but NIP console provide no
> means
> of security (*).
> The "most funny" thing which can happed is when someone started ICC
> console, locked his PC and went home. And his console is upper on th NIP
> console list than yours. Of course the lsit of suspected persons is
> usually short...
> 
> Another disadvantage: TCP/IP traffic is not encrypted.
> 
> (*) Small exception: session definition can contain workstation address,
> so only the address can connect to the session. A network can be
> configured in a way where IP "counterfeld" is not working.
> 
> 
> 
> BTW: maybe ICC is "functionally stabilized", but not dead or moribound,
> since there is nothing newer to replace ICC. "Functionally stabilized"
> could mean "we don't think there is room for improvement and we don't
> want to create bells and whistles".
> 
> --
> Radoslaw Skorupka
> Lodz, Poland
> 
> 
> 
> 
> 
> 
> --
> Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku
> przeznaczone wycznie do uytku subowego adresata. Odbiorc moe
> by jedynie jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie
> jeste adresatem niniejszej wiadomoci lub pracownikiem upowanionym
> do jej przekazania adresatowi, informujemy, e jej rozpowszechnianie,
> kopiowanie, rozprowadzanie lub inne dziaanie o podobnym charakterze
> jest prawnie zabronione i moe by karalne. Jeeli otrzymae t
> wiadomo omykowo, prosimy niezwocznie zawiadomi nadawc
> wysyajc odpowied oraz trwale usun t wiadomo wczajc w to
> wszelkie jej kopie wydrukowane lub zapisane na dysku.
> 
> This e-mail may contain legally privileged information of the Bank and is
> intended solely for business use of the addressee. This e-mail may only be
> received by the addressee and may not be disclosed to any third parties.
If
> you are not the intended addressee of this e-mail or the employee
> authorised to forward it to the addressee, be advised that any
dissemination,
> copying, distribution or any other similar activity is legally prohibited
and may
> be punishable. If you received this e-mail by mistake please advise the
> sender immediately by using the reply facility in your e-mail software and
> delete permanently this e-mail including any copies of it either printed
or
> saved to hard drive.
> 
> BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00,
fax
> +48 (22) 829 00 33, www.brebank.pl, e-mail: [email protected]
> Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego
> Rejestru Sdowego, nr rejestru przedsibiorców KRS 0000025237, NIP: 526-
> 021-50-88.
> Wedug stanu na dzie 01.01.2013 r. kapita zakadowy BRE Banku SA (w
> caoci wpacony) wynosi 168.555.904 zotych.
> 
> 
> ----------------------------------------------------------------------
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to [email protected] with the message: INFO IBM-MAIN

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN

Reply via email to