Brian Valentine has presented a session at SHARE called "Top Ten Things You Should be Doing on Your HMC but You're Not". It includes security tips. In our case, we come into the company network remotely via VPN, which defines the various applications that we (by userid) are allowed to access. It works like this:
1. No one gets to an HMC directly from the outside. VPN is required to get inside the network before touching an HMC. 2. Each defined userid is either allowed or disallowed 'remote' access, which applies to working from an internal office or from a hotel in Hong Kong. I.e. anything access other than fingers on the keyboard of a real HMC. This control is defined as an attribute on each userid. 3. Each defined userid has appropriate authority for the role to be performed. There was a time years ago when some security folk had a big problem with remote access to HMC. The world has since moved into a different orbit. . . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 626-302-7535 Office 323-715-0595 Mobile [email protected] -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Ken Smith Sent: Monday, November 02, 2015 12:02 PM To: [email protected] Subject: (External):Re: 'Secure' 'Remote' access/control of the HMC(s) I'm not an expert but did a search at www.ibm.com for 'hmc security' with a processor type and found a bunch of stuff. Ken On Mon, Nov 2, 2015 at 10:11 AM, Jackson, Robin W. Contractor < [email protected]> wrote: > When dealing with the issue of security, I am looking for a method of > configuring the HMC(s) for 'Secure' 'Remote' access/control ? > > Thanks, > > Rob Jackson ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
