Subject: Re: osa & tcpip security
industrynews@winwholesale.com
Date: Fri Nov 13 2009 - 14:49:33 EST
owner-vse-l@Lehigh.EDU wrote on 11/13/2009 02:02:36 PM:
> Someone recently mentioned that they would prefer a new tcpip machine
> communicate with the network via ctca rather than on the osa for
> security reasons.
Seems somebody might have a misconception as to what the OSA
actually is. Is your local network behind a firewall? If so, there is no
difference between connecting the mainframe to your local network via OSA
or via physical CTCA. Also if you're talking about a virtual CTC
connection between VM TCP/IP and it's guests, or an IOCP cross-LPAR CTC
from one Escon port to another Escon port, then I say this is even LESS
secure because you have one TCP/IP stack on the mainframe having to relay
traffic to another TCP/IP stack on the same mainframe over these CTC
connections. Thus, now you have twice the exposure of the same data
within a single operating environment (VM or LPAR).
Sincerely,
Dave Clark
WinWholesale Group Services
3110 Kettering Boulevard
Dayton, Ohio 45439 USA
(937) 294-5331
This email message and any attachments is for use only by the named
addressee(s) and may contain confidential, privileged and/or proprietary
information. If you have received this message in error, please
immediately notify the sender and delete and destroy the message and all
copies. All unauthorized direct or indirect use or disclosure of this
message is strictly prohibited. No right to confidentiality or privilege
is waived or lost by any error in transmission.
This archive was generated by hypermail 2b25 : Sun Nov 22 2009 - 16:20:07 EST