friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahj_5.4.0.1/rzahjappnfilsup.htm

84 lines
4.9 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="dc.language" scheme="rfc1766" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<meta name="dc.date" scheme="iso8601" content="2005-10-03" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<title>APPN filtering support</title>
<link rel="stylesheet" type="text/css" href="ibmidwb.css" />
<link rel="stylesheet" type="text/css" href="ic.css" />
</head>
<body>
<a id="Top_Of_Page" name="Top_Of_Page"></a><!-- Java sync-link -->
<script language = "Javascript" src = "../rzahg/synch.js" type="text/javascript"></script>
<a name="appnfilsup"></a>
<h4 id="appnfilsup">APPN filtering support</h4>
<p>Before we discuss APPN filtering support, an explanation of node types
in an APPN network is needed:</p>
<ul>
<li>A <span class="bold">peripheral node</span> is at the edge of a network. It
can participate in the network, but it cannot provide intermediate routing
to other systems in the network. A peripheral node can be an <span class="bold">end node (EN)</span> such as MADISON and PARIS in the figure below. A peripheral
node can be a <span class="bold">low-entry networking node (LEN)</span>, such
as CHICPC1 and CHICPC2. A peripheral node can also be a network node in a
different network (NETID). From CHICAGO's perspective, LONDON is a peripheral
node.</li>
<li>A <span class="bold">network node (NN)</span> provides routing services among
systems in the network. In CHICAGO, and ATLANTA are examples of network nodes.</li>
<li>A <span class="bold">Branch Extender</span> node is an extension to the APPN
network architecture that appears as a network node (NN) to the Local Area
Network (LAN), and as an end node (EN) to the Wide Area Network (WAN). This
reduces topology flows about resources in the LAN from being disconnected
from the WAN.</li></ul>
<p>APPN filtering support provides the ability to create a firewall that is
based on APPC location names. You use two different types of filter lists: </p>
<ul>
<li>A <span class="bold">session-endpoint filter</span> controls access to and
from a location. For example, in the session endpoint filter on the CHICAGO
system in the figure below, it specifies which locations can establish a session
with CHICAGO or with PAYROLL. CHICAGO and PAYROLL are two different locations
on the CHICAGO system.
<p>Similarly, the session endpoint filter on the MADISON
system specifies which locations can establish a session with the MADISON
location.</p>
<a name="appnnetb"></a>
<div class="fignone" id="appnnetb"><span class="figcap">Figure 11. Two connected APPN networks</span>
<img src="rv4n400.gif" alt="Two connected APPN networks" /></div>
<p>On iSeries, you
can use the new QAPPNSSN configuration list, by itself or in conjunction with
the QAPPNRMT configuration list, to create a session endpoint filter.</p></li>
<li>A <span class="bold">directory search filter</span> on a network node determines
the following for its associated peripheral nodes:
<ul>
<li>Access <span class="bold">from </span> the peripheral node (when the peripheral
node is the requester). For example, in you can use the directory search filter
on LONDON to control the possible destinations for users on the PARIS system.
Similarly, you can use the directory search filter on CHICAGO to control the
possible destinations for users on CHICPC1 and CHICPC2.</li>
<li>Access <span class="bold">to</span> the peripheral node (when the peripheral
node is the destination). In for example, you can use the directory search
filter on CHICAGO to determine which locations can access CHICPC1. Because
both CHICAGO and DALLAS provide connections to MADISON, you must set up the
directory search filters on both CHICAGO and DALLAS to restrict connections
to MADISON.
<p>Similarly, you can use the directory search filter on CHICAGO
to specify which USANET locations are permissible destinations for EURONET
users.</p></li></ul>
<p>To create a directory search filter use the QAPPNDIR configuration
list.</p></li></ul>
<a id="Bot_Of_Page" name="Bot_Of_Page"></a>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink