ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahj_5.4.0.1/rzahjrzahjsec.htm

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights                   -->
<!-- Use, duplication or disclosure restricted by            -->
<!-- GSA ADP Schedule Contract with IBM Corp.                -->
<meta name="dc.date" scheme="iso8601" content="2005-10-03" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>APPC, APPN, and HPR security</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link --> 
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>


<a name="rzahjsec"></a>
<h2 id="rzahjsec">APPC, APPN, and HPR security</h2>
<p>The following are some aspects of security for iSeries systems communicating
with each other using APPC, APPN, and HPR: </p>
<ul>
<li><span class="bold">General security considerations:</span>
<p>Consider the
following measures when securing your network:</p>
<a name="wq95"></a>
<div class="notetitle" id="wq95">Note:</div>
<div class="notebody">The following
password considerations only apply if password protection is not active.</div>
<ol type="1">
<li>When application program security is used, specify SECURELOC(*VFYENCPWD).
This means that you only get to log on if BOTH your user profile name AND
password are the same on both systems.</li>
<li>The person responsible for network security ensures that each user has
a unique user ID throughout the network.</li>
<li>Have your system administrator set a limit on the number of consecutive
password attempts that are not valid for a given display device. When this
limit is reached, the device is then varied off. Set the limit with the system
value QMAXSIGN. This is only true for Display devices, not for APPC devices.</li>
<li>Users can sign on to more than one iSeries system with the same profile.
To limit the user profile to one sign-on, Set the system value (*SYSVAL) for
LMTDEVSSN parameter on either the Create User Profile (CRTUSRPRF) or Change
User Profile (CHGUSRPRF) command.</li></ol></li>
<li><span class="bold">Physical security considerations:</span>
<p>You are responsible
for the physical security of your system when you specify *NONE for the location
password (LOCPWD) parameter during APPC configuration. In this case, the iSeries system
does not validate the identity of a remote system when a session is being
established. However, you can still use application-level security if the
remote system supports it. For example, if the remote system is an iSeries system
with security level 20 or above. Security needs to be consistent across all
the systems in a network if intersystem access is to be controlled and yet
not unnecessarily restricted.</p></li></ul>
<p><img src="delta.gif" alt="Start of change" />For more Information about security, review the following topics:</p>
<ul>
<li><a href="rzahjrzahjseslev.htm#rzahjseslev">Session-level security for APPN and HPR</a></li>
<li><a href="rzahjrzahjsecpro.htm#rzahjsec-pro">Protect your system in an APPN and HPR environment</a></li></ul><img src="deltaend.gif" alt="End of change" />
<p>For a more complete discussion of security considerations, see <a href="../rzamv/rzamvplansec.htm">Plan and set up iSeries security</a>.</p>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="utf-8"?>`
			`<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"`
			`"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="dc.language" scheme="rfc1766" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<meta name="dc.date" scheme="iso8601" content="2005-10-03" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow"/>`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<title>APPC, APPN, and HPR security</title>`
			`<link rel="stylesheet" type="text/css" href="ibmidwb.css" />`
			`<link rel="stylesheet" type="text/css" href="ic.css" />`
			`</head>`
			`<body>`
			`<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->`
			`<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>`


			`<a name="rzahjsec"></a>`
			`<h2 id="rzahjsec">APPC, APPN, and HPR security</h2>`
			`<p>The following are some aspects of security for iSeries systems communicating`
			`with each other using APPC, APPN, and HPR: </p>`
			`<ul>`
			`<li><span class="bold">General security considerations:</span>`
			`<p>Consider the`
			`following measures when securing your network:</p>`
			`<a name="wq95"></a>`
			`<div class="notetitle" id="wq95">Note:</div>`
			`<div class="notebody">The following`
			`password considerations only apply if password protection is not active.</div>`
			`<ol type="1">`
			`<li>When application program security is used, specify SECURELOC(*VFYENCPWD).`
			`This means that you only get to log on if BOTH your user profile name AND`
			`password are the same on both systems.</li>`
			`<li>The person responsible for network security ensures that each user has`
			`a unique user ID throughout the network.</li>`
			`<li>Have your system administrator set a limit on the number of consecutive`
			`password attempts that are not valid for a given display device. When this`
			`limit is reached, the device is then varied off. Set the limit with the system`
			`value QMAXSIGN. This is only true for Display devices, not for APPC devices.</li>`
			`<li>Users can sign on to more than one iSeries system with the same profile.`
			`To limit the user profile to one sign-on, Set the system value (*SYSVAL) for`
			`LMTDEVSSN parameter on either the Create User Profile (CRTUSRPRF) or Change`
			`User Profile (CHGUSRPRF) command.</li></ol></li>`
			`<li><span class="bold">Physical security considerations:</span>`
			`<p>You are responsible`
			`for the physical security of your system when you specify *NONE for the location`
			`password (LOCPWD) parameter during APPC configuration. In this case, the iSeries system`
			`does not validate the identity of a remote system when a session is being`
			`established. However, you can still use application-level security if the`
			`remote system supports it. For example, if the remote system is an iSeries system`
			`with security level 20 or above. Security needs to be consistent across all`
			`the systems in a network if intersystem access is to be controlled and yet`
			`not unnecessarily restricted.</p></li></ul>`
			`<p><img src="delta.gif" alt="Start of change" />For more Information about security, review the following topics:</p>`
			`<ul>`
			`<li><a href="rzahjrzahjseslev.htm#rzahjseslev">Session-level security for APPN and HPR</a></li>`
			`<li><a href="rzahjrzahjsecpro.htm#rzahjsec-pro">Protect your system in an APPN and HPR environment</a></li></ul><img src="deltaend.gif" alt="End of change" />`
			`<p>For a more complete discussion of security considerations, see <a href="../rzamv/rzamvplansec.htm">Plan and set up iSeries security</a>.</p>`
			`<a id="Bot_Of_Page" name="Bot_Of_Page"></a>`
			`</body>`
			`</html>`