> -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] On > Behalf Of Dick Bond > Sent: Tuesday, April 12, 2011 3:19 PM > To: [email protected] > Subject: Re: Cool Things You Can Do in z/OS > > That's a couple of big "ifs" - that's why we can't use it. Our workstation IP > addresses, even if fixed (like mine - most are not), cannot be accessed from > z/OS. I would think most real-world shops are that way - if not, well, they > may need to hire some networking personnel to setup proper security. >
I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Dave Gibney Information Technology Services Washington State University ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
