friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
14ed2849c6
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzaj4_5.4.0.1/rzaj45asecureway.htm

132 lines
9.6 KiB
HTML
Raw Normal View History

Add readme and dist folders
2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="iSeries and Internet security considerations" />
<meta name="abstract" content="As an iSeries owner exploring options for connecting your systems to the Internet, one of the first questions you will typically ask is, &#34;How do I begin to use the Internet for business purposes?&#34; The second question is, &#34;What should I know about security and the Internet?&#34; The focus of this material is to help you to answer this second question." />
<meta name="description" content="As an iSeries owner exploring options for connecting your systems to the Internet, one of the first questions you will typically ask is, &#34;How do I begin to use the Internet for business purposes?&#34; The second question is, &#34;What should I know about security and the Internet?&#34; The focus of this material is to help you to answer this second question." />
<meta name="DC.Relation" scheme="URI" content="rzaj4secoverview.htm" />
<meta name="DC.Relation" scheme="URI" content="rzaj40j0securitypolco.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1999, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzaj45asecureway" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>iSeries and
Internet security considerations</title>
</head>
<body id="rzaj45asecureway"><a name="rzaj45asecureway"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">iSeries and
Internet security considerations</h1>
<div><p><span><img src="./delta.gif" alt="Start of change" />As an iSeries™ owner
exploring options for connecting your systems to the Internet, one of the
first questions you will typically ask is, "How do I begin to use the Internet
for business purposes?" The second question is, "What should I know about
security and the Internet?" The focus of this material is to help you to
answer this second question.<img src="./deltaend.gif" alt="End of change" /></span></p>
<p><img src="./delta.gif" alt="Start of change" />The answer to the question, "What should I know about security
and the Internet?" is that it depends on how you want to use the Internet.
Security issues related to the Internet are significant. Which issues you
need to discuss are based on how you plan to use the Internet. Your first
venture into the Internet might be to provide your internal network users
with access to the web and Internet e-mail. You may also want the ability
to transfer sensitive information from one site to another. Eventually, you
may plan to use the Internet for e-commerce or to create an extranet between
your company and your business partners and suppliers.<img src="./deltaend.gif" alt="End of change" /></p>
<p>Before you get involved with the Internet, you
should think through what you want to do and how you want to do it. Making
decisions about both Internet usage and Internet security can be complex.
You may find it helpful to review the page, <a href="rzaj45lbasiccorpusage.htm#rzaj45lbasiccorpusage">Scenario:
JKL Toy Company e-business plans</a>, as you develop your own Internet
usage plan. (Note: If you are unfamiliar with security and Internet-related
terms, you can review common <a href="rzalxsecterms.htm">Security terminology</a> as
you work through this material.)</p>
<p>Once you understand how you want to use the Internet for e-business, as
well as the security issues and the available security tools, functions, and
offerings, you can develop a security policy and objectives. A number of
factors will affect the choices that you make in developing your security
policy. When you extend your organization onto the Internet, your security
policy is the critical cornerstone for ensuring that your systems and resources
are secure.</p>
<div class="section"><h4 class="sectiontitle">iSeries server
system security characteristics</h4><p><img src="./delta.gif" alt="Start of change" />In addition to a number
of specific security offerings for protecting your system on the Internet,
the iSeries server
has very strong system security characteristics, such as the following:<img src="./deltaend.gif" alt="End of change" /></p>
<ul><li>Integrated security which is extremely difficult to circumvent compared
to add-on security software packages offered on other systems.</li>
<li>Object-based architecture which makes it technically difficult to create
and spread a virus. On an iSeries server, a file cannot pretend to be a program,
nor can a program change another program. iSeries integrity features require you
to use system-provided interfaces to access objects. You cannot access an
object directly by its address in the system. You cannot take an offset and
turn it into, or "manufacture," a pointer. Pointer manipulation is a popular
technique for hackers on other system architectures.</li>
<li>Flexibility which lets you set up your system security to meet your specific
requirements. You can use the <img src="eserver.gif" alt="e(logo) server" /> <a href="../icbase/secplanr/securwiz.htm" target="_blank">Security Planner</a><img src="www.gif" alt="Link outside Information Center." /> to
help you determine which security recommendations fit your security needs.</li>
</ul>
</div>
<div class="section"><h4 class="sectiontitle">iSeries advanced
security offerings</h4><p>iSeries also offers several specific security offerings
that you can use to enhance your system security when you connect to the Internet.
Depending on how you use the Internet, you may want to take advantage of one
or more of these offerings: </p>
<ul><li><a href="rzaj45zxaddingvpn.htm#rzaj45zxaddingvpn">Virtual Private
Networks</a> (VPNs) are an extension of an enterprise's private intranet
across a public network, such as the Internet. You can use a VPN to create
a secure private connection, essentially by creating a private "tunnel" over
a public network. VPN is an integrated feature of i5/OS™ available from the iSeries Navigator
interface. </li>
<li><a href="../rzajb/rzajbrzajb0ippacketsecuritysd.htm">Packet rules</a> is an integrated feature of i5/OS available
from iSeries Navigator.
This feature allows you to configure IP packet filter and network address
translation (NAT) rules to control the flow of TCP/IP traffic into and out
of your iSeries server. </li>
<li><a href="../rzain/rzainoverview.htm">Secure
Sockets Layer (SSL) application communications security</a> allows you
to configure applications to use SSL to establish secure connections between
server applications and their clients. SSL was originally developed for secure
web browser and server applications, but other applications can be enabled
to use it. Many iSeries server
applications are now enabled for SSL, including the IBM<sup>®</sup> HTTP Server for iSeries, iSeries Access Express, File Transfer
Protocol (FTP), Telnet, and many others. </li>
</ul>
<p>Once you understand how you want to use the Internet, as well as the
security issues and the available security tools, functions, and offerings,
you are ready to develop a security policy and objectives. A number of factors
will affect the choices that you make in developing your security policy.
When you extend your organization onto the Internet, a security policy provides
a critical cornerstone for making your system secure. </p>
<div class="note"><span class="notetitle">Note:</span> <img src="./delta.gif" alt="Start of change" />To find more detailed information about how to begin using the
Internet for business purposes, review these online <span class="keyword"><img src="./delta.gif" alt="Start of change" />IBM Systems Software Information Center<img src="./deltaend.gif" alt="End of change" /></span> topics and IBM redbooks: <ul><li><a href="../rzai1/rzai1000.htm"><em>Connecting
to the Internet</em></a></li>
<li><a href="http://www.redbooks.ibm.com/pubs/pdfs/redbooks/sg244929.pdf" target="_blank"><em>AS/400<sup>®</sup> Internet Security: Protecting Your AS/400 from
HARM on the Internet</em> (SG24-4929)</a>.<img src="rbpdf.gif" alt="Link to PDF." /></li>
</ul>
<img src="./deltaend.gif" alt="End of change" /></div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzaj4secoverview.htm" title="Accessing the Internet from your LAN is a major step in the evolution of your network that will require you to reassess your security requirements.">iSeries and Internet security</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzaj40j0securitypolco.htm" title="Defining what to protect and what to expect of users.">Security policy and objectives</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue Copy Permalink