Connection security configuration

The connection security network server configuration (NWSCFG type CNNSEC) object shown in Figure 16 is used to secure the SCSI and virtual Ethernet data flows between i5/OS™ and the iSCSI attached xSeries® or IBM® BladeCenter™ server:

• It identifies a set of IP security (IPSec) rules that are used with the various storage and virtual Ethernet connections.
• You can decide which data flows are secured and which data flows are not secured. You can choose to secure none, some, or all of the storage or virtual Ethernet connections. For example, you can choose to secure just the storage (SCSI) data flows or just one of the virtual Ethernet connections.
• You identify which SCSI and virtual Ethernet data flows are secured by specifying the appropriate security rules on the storage paths and virtual Ethernet paths parameters of the NWSD.
• When using IPSec, the SCSI and virtual Ethernet data flows between i5/OS and the iSCSI attached integrated server are encrypted and have an additional layer of encapsulation (tunneling) within the normal Ethernet network protocols.