Grant Taylor wrote:
>I'd have to refresh myself on how granular you can target things, but I
>believe you can definitely differentiate between NFS, HTTP, MQ, JDBC,
>ODBC, Enterprise Extender, and any other protocols you're using based on
>the different ports that they operate on.
Perhaps you can..
On 5/9/21 8:11 PM, Timothy Sipples wrote:
z/OS does: IPsec (IKEv2).
The major issue is that one VPN tunnel can be shared. When you operate
this way, there's no security segregation per connection. The TN3270E
traffic rides alongside NFS, HTTP, MQ, JDBC, ODBC, Enterprise Extender,
and any o
Seymour J. Metz wrote:
>What's wrongwith running a 3270 client in an encrypted VPN?
Grant Taylor replied:
>IMHO, nothing.
>I think the problem comes from complications around VPNs, not the least
>of which include:
>1) Complex configurations. -- Does the mainframe support being a VPN
>endpoint i
W dniu 08.05.2021 o 01:21, Ed Jaffe pisze:
On 5/5/2021 3:47 AM, Seymour J Metz wrote:
What's wrongwith running a 3270 client in an encrypted VPN?
A VPN does not encrypt your traffic other than between the VPN endpoints.
In most implementations, VPN is used to cross the public Internet only.
n
Sent: 07 May 2021 20:25
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
I'm probably the odd one out, but I say "SEE-pack-eff" and "kicks" for CPACF
and CICS and I'm on the east coast of the US.
And, yes, we (ICSF) do exploit the new
On 5/7/21 5:21 PM, Ed Jaffe wrote:
A VPN does not encrypt your traffic other than between the VPN endpoints.
Which is perfectly fine if the VPN endpoints are the client and mainframe.
In most implementations, VPN is used to cross the public Internet only.
With "most (implementations)" being
On 5/5/2021 3:47 AM, Seymour J Metz wrote:
What's wrongwith running a 3270 client in an encrypted VPN?
A VPN does not encrypt your traffic other than between the VPN endpoints.
In most implementations, VPN is used to cross the public Internet only.
Once the traffic hits the edge of the target
On 5/5/21 4:47 AM, Seymour J Metz wrote:
What's wrongwith running a 3270 client in an encrypted VPN?
IMHO, nothing.
I think the problem comes from complications around VPNs, not the least
of which include:
1) Complex configurations. -- Does the mainframe support being a VPN
endpoint its
: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
Hi Richard,
This reminds me of a story.
Approximately 26 years ago, myself and a colleague were invited to a
multi-vendor meeting at a customer site to help solve a problem.
My colleague had the misfortune of pronouncing &qu
al Message-
From: IBM Mainframe Discussion List On Behalf Of
Radoslaw Skorupka
Sent: Friday, May 7, 2021 4:16 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
[External Email. Exercise caution when clicking links or opening attachments.]
Poland:
kicks fo
M-I-C-K-E-Y M-O-U-S-E. Who remembers that song?
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Radoslaw Skorupka
Sent: Friday, May 7, 2021 4:16 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
[External Email. Exercise caution
st On
Behalf Of Tom Brennan
Sent: 07 May 2021 16:55
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
On 5/7/2021 6:19 AM, Phil Smith III wrote:
It's a reasonably safe bet that any machine today has CPACF; that was
not always true, of course.
When IBM or a b
;
> -Original Message-
> From: IBM Mainframe Discussion List On
> Behalf Of Tom Brennan
> Sent: 07 May 2021 16:55
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: 3270 emulator / telnet with encryption
>
> On 5/7/2021 6:19 AM, Phil Smith III wrote:
>
> >
> -Original Message-
> From: IBM Mainframe Discussion List On
> Behalf Of Tom Brennan
> Sent: Friday, May 07, 2021 10:30 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: 3270 emulator / telnet with encryption
>
> Ha ha - now you reminded me of a phone ca
On 5/7/2021 9:57 AM, Lennie Dymoke-Bradshaw wrote:
Tom,
CPACF is considered part of weaponry by the US government and so it has to be
capable of being disabled for those countries where exportation of encryption
is restricted by US Govt arms rules. This is why it has to be explicitly
selected
Ha ha - now you reminded me of a phone call years ago with an ISV
programmer in England (I'm in USA). The guy said something like, "What
does that Wah-Toe indicate?" And I'm like, Wah-Toe Oh... it's WTO :)
I say C-I-C-S too.
Oops... this is the stuff David Crayford said drives people a
2021 16:55
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
On 5/7/2021 6:19 AM, Phil Smith III wrote:
> It's a reasonably safe bet that any machine today has CPACF; that was
> not always true, of course.
When IBM or a business partner configures a
:42 (GMT-05:00) To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: 3270
emulator / telnet with encryption When I moved Eastern to Western US many moons
ago it seemed to me as if in the East I had always heard the acronyms spelled
out: D-O-S, C-I-C-S; but that in the West I heard "doss" and &q
the other hand is always spelled. No one ever says "dub-two."
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Chris Hoelscher
Sent: Friday, May 7, 2021 9:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulato
Hi Chris,
My observation: Brits say KIX, Americans C-I-C-S and Germans, Austrians and
Swiss say SIKS.
Best regards,
René
> On 7 May 2021, at 18:13, Chris Hoelscher wrote:
>
> Or, for that matter, is it C - I - C - S or KIX? (I use the former, but I
> know many use the latter)
>
> Chris H
Or, for that matter, is it C - I - C - S or KIX? (I use the former, but I know
many use the latter)
Chris Hoelscher
Lead Sys DBA
IBM Global Technical Services on assignmemt to Humana Inc.
T 502.476.2538 or 502.407.7266
Side subject - so how do you pronounce CPACF? I always say each letter, b
On 5/7/2021 6:19 AM, Phil Smith III wrote:
It's a reasonably safe bet that any machine today has CPACF; that was not
always true, of course.
When IBM or a business partner configures a new machine, there's a
checkmark for CPACF (zero charge), but it defaults to unchecked. So
when ordering a
, 2021 9:19 AM
To: ibm-m...@bama.ua.edu
Subject: Re: 3270 emulator / telnet with encryption
Radoslaw Skorupka wrote:
>I can be wrong, but I read that data portions for telnet traffic are so
>small that there is no interest to call ICSF functions and just built-in
>TCPIP/TN3270 proce
Radoslaw Skorupka wrote:
>I can be wrong, but I read that data portions for telnet traffic are so
>small that there is no interest to call ICSF functions and just built-in
>TCPIP/TN3270 procedures are used. Note: I talk about symmetric key
>crypto, not handshaking. And that part of "software ba
I wrote:
>and I believe Attachment's SSL/TLS support has been around for at
>least 20 years.
I meant Attachmate, not Attachment. :-)
Radoslaw Skorupka wrote:
>I can be wrong, but I read that data portions for telnet traffic are so
>small that there is no interest to call ICSF functions and ju
W dniu 06.05.2021 o 07:42, Timothy Sipples pisze:
Bill Giannelli wrote:
Our network security group (with no mainframe knowledge) is complaining
about the use of telnet for mainframe connections as they say it is not
encrypted.
Your network security group is correct to complain.
We use attachm
Bill Giannelli wrote:
>Our network security group (with no mainframe knowledge) is complaining
>about the use of telnet for mainframe connections as they say it is not
>encrypted.
Your network security group is correct to complain.
>We use attachmate and HOD. Are there any 3270 emulators that als
It's not hard to configure port 23 (or any port you choose) for TLS and 3270
> -Original Message-
> From: IBM Mainframe Discussion List On
> Behalf Of Paul Gilmartin
> Sent: Wednesday, May 05, 2021 8:13 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: 3270
I know that QWS (Jolly Giant software) has a QWS 3270 Secure product.
-- Original Message --
From: "Bill Giannelli"
To: IBM-MAIN@listserv.ua.edu
Sent: 5/5/2021 6:14:43 AM
Subject: 3270 emulator / telnet with encryption
Our network security group (with no mainframe knowledge) is complai
On Wed, 5 May 2021 16:20:05 +0200, Radoslaw Skorupka wrote:
>W dniu 05.05.2021 o 12:14, Bill Giannelli pisze:
>> Our network security group (with no mainframe knowledge) ...
>
>TLS encryption is supported by most emulators including PCOMM, Nexus,
>free wc3270, Vista, ZOC, Rumba, QWS...
>Note: TLS
We use AT-TLS with our Bluezone product
On Wed, May 5, 2021 at 9:20 AM Radoslaw Skorupka
wrote:
> W dniu 05.05.2021 o 12:14, Bill Giannelli pisze:
> > Our network security group (with no mainframe knowledge) is complaining
> about the use of telnet for mainframe connections as they say it is not
W dniu 05.05.2021 o 12:14, Bill Giannelli pisze:
Our network security group (with no mainframe knowledge) is complaining about
the use of telnet for mainframe connections as they say it is not encrypted. We
use attachmate and HOD. Are there any 3270 emulators that also do encryption?
thanks
T
On Wed, 5 May 2021 12:42:58 +, Allan Staller wrote:
>
>Afaik, Most 3270 emulators(not all) support TLS encryption. It is merely a
>session setup parameter.
>You will also need to configure the TELNET server to support encryption as
>well,
>
See: https://www.microfocus.com/en-us/products/extr
Michael Babcock
Sent: Wednesday, May 5, 2021 5:29 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: 3270 emulator / telnet with encryption
[CAUTION: This Email is from outside the Organization. Unless you trust the
sender, Don’t click links or open attachments as it may be a Phishing email,
which can
What's wrongwith running a 3270 client in an encrypted VPN?
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of
Bill Giannelli [billgianne...@gmail.com]
Sent: Wednesday, May
We use Bluezone which does encryption (TLS 1.2)
On 5/5/2021 5:14 AM, Bill Giannelli wrote:
Our network security group (with no mainframe knowledge) is complaining about
the use of telnet for mainframe connections as they say it is not encrypted. We
use attachmate and HOD. Are there any 3270 em
36 matches
Mail list logo