Network Management & Monitoring

Transcription

1 Network Management & Monitoring Overview CSI International 8120 State Route 138 Williamsport, OH (800) USA (740) Main Operator (740) Facsimile sales@csi-international.com info@csi-international.com support@csi-international.com CSI s software solutions are available worldwide through its international distribution network, and directly in North America from CSI and select Business Partners. Delivering what the competition can only promise.

2 TCP/IP for VSE TCP/IP for VSE provides a complete solution for connecting the mainframe to today's Internet world. Our TCP/IP stack provides a seamless interface with the Internet, allowing z/vse mainframe applications to participate fully in the global business arena Built-in tools make z/vse functions and facilities immediately available to network-attached users Optional and third-party products bring the full power and reliability of mainframe computing to the e-commerce world Standard stack features 99Runs on VSE/ESA 1.4 through the latest z/vse versions 99Supports network connections via OSA, OSA-Express, CTCA, CLAW, and equivalent hardware 99Extensive monitoring and tuning capabilities that can be extended to any level of granularity, including specific destination addresses 99Customizable security features protect both network access and configuration information 99Built-in connection management provides request queuing and automatic detection and clean-up of lost connections 99A complete set of servers, including TN3270, FTP, and LPD 99Client software such as FTP, LPR, , and Telnet 99Additional support software, such as PDF creation Additional optional features distributed with TCP/IP for VSE: 99GPS General Print Server 99NFS Network File System 99SSL Secure Sockets Layer 99SecureFTP SSL-enabled FTP server and client 99See-TCP/IP Performance monitor for z/vse and TCP/IP Complement TCP/IP for VSE with these add-on products: 99Entrée Web-based transaction server 99HFS Hierarchical File System

3 TCP/IP for VSE Standard features of TCP/IP for VSE to consider implementing: 99FTP File Transfer Protocol Easy, direct access to VSAM, BIM-Edit, LIBR, Power, ICCF, and other VSE resident files VSAM KSDS files can be retrieved completely or by key range FTPBATCH for quick, easy, efficient batch FTP transfers Automatically send Power files directly to end users Convert text files to PDF format for easy viewing Allow users on Windows to retrieve or store files directly on z/vse Use a PC/Unix-like Hierarchical File System (HFS) on your z/vse system Securely transfer confidential files with the SecureFTP feature 99Telnet TN3270 server Allow users to log directly onto 3270 VTAM applications such as CICS End users use a TN3270 PC client to directly access the z/vse system LPR client for printing directly to printers on remote hosts Automatic printing of Power LST queue entries to remote printers Send your data as normal print text or as a PDF to an LPR server 99 Batch client to most z/vse-resident files directly to remote users PDF generation of text and embedded graphics is also available 99Web Provide static z/vse data to the browser or write your own CGI (Web) programs 99Easy configuration with standard z/vse library members 99Ping, Traceroute, Discover, and other powerful tools are part of the product so that a site can analyze its TCP/IP network from z/vse 99Advanced diagnostics for detailed problem analysis 99User-defined security processing to limit access or functions to a remote user or group of users 99Control message output, and if you have BIM-FAQS, inspect TCP/IP activities and automate z/vse processing (for example, submit a job when an FTP has completed) Create your own TCP/IP applications with the provided Application Programming Interfaces (APIs): 99SOCKET MACRO interface for Assembler programs 99BSD/C interface useable from C, Cobol, Assembler, or any other language that supports standard linkage 99EZASOCKET calls by all languages are also supported for easier portability 99High-Level Preprocessor Interface for Cobol, PL1, or Assembler 99Cryptographic interfaces for using SSL/TLS with strong encryption algorithms like AES, Triple- DES, RSA, or SHA1, MD5, etc. 99Socket interface for REXX programs 99Many examples are available to speed up program development

4 GPS GPS (General Print Server) restores and augments 328x print functionality in the TN3270 environment. Compatible with a wide variety of network operating systems and network-based printers For printers attached directly to the network, GPS implements the HP Jetdirect Sockets protocol to communicate with the printer For other printers, GPS uses the standard LPR/LPD function within TCP/IP for VSE More flexible than TN3270 printer support GPS allows 328x print output to be sent to any TCP/ IP printer Printing occurs without requiring the user to log on to the mainframe for a printer connection. As long as the printer or the associated Line Printer is available, manual intervention is unnecessary. Preserves VTAM LU name privacy for installation-specific security purposes. TN3270E compromises this security measure by allowing users to specify their own LU name. GPS is an optional product that is included with your TCP/IP for VSE distribution simply obtain a product key code for activation

5 SecureFTP provides user authentication, privacy, and integrity for commands and data transmitted using the FTP protocol. Transmit critical files that can contain vital information, such as 99Product ideas or corporate secrets 99Customer names and addresses 99Credit card or Social Security numbers 99Confidential contracts 99Legally protected medical information 99Source code to computer software 99Physical asset locations SecureFTP Implements both the SSL 3.0 and the TLS 1.0 standards for security Industry standard algorithms assure compatibility with a wide variety of other vendors and platforms that also support secure SSL-enabled FTP servers and clients Implements numerous industry protocols, such as 99RFC2246 (Transport Layer Security) 99RFC1321 (MD5 message-digest algorithm) 99RFC2104 (HMAC) 99RFC2459 (X.509v3 PKI certificates) SecureFTP relies on a number of integrated components, including 99PKI (Public Key Infrastructure) for identification 99RSA for key exchange algorithms 99DES for data encryption 99MD5 and SHA-1 for message hashing 99HMAC for message authentication SecureFTP is an optional product that is included with your TCP/IP for VSE distribution simply obtain a product key code for activation

6 See-TCP/IP See-TCP/IP allows you to analyze the activity and performance of your z/vse and TCP/IP systems from an easy-to-use PC graphical user interface. See-TCP/IP answers questions like 99What is the current CPU usage of my z/vse system? 99What was CPU usage yesterday at 3:00 pm? 99What was the CPU trend for the last two months? 99Which partitions are using the most resources? See-TCP/IP collects 99VSE Turbo Dispatcher Statistics CPU waiting-for-work time CPU non-parallel busy time CPU parallel busy time CPU overhead from other LPARs or VM 99VSE System Statistics Start subchannel requests I/O interrupts Phase loads SVC usage Program checks External interrupts 99VSE Partition Statistics Jobname, stepname Start I/O counts CPU usage 99TCP/IP Statistics Graphical display of overall IP activity Detailed information on active connections IP addresses Local and foreign ports Bytes sent and received Retransmits SWS silly window Current and maximum window sizes Historical Reporting Stored in SQL database With graphical display Provides trend analysis

7 See-TCP/IP See-TCP/IP can be used to 99 Graph overall IP datagram activity real-time 99 Show IP datagram activity by Telnet, FTP, HTTP, and any other local IP applications running on z/vse 99 Identify which foreign IP addresses are connected to z/vse See-TCP/IP Screens 99 See-TCP/IP creates graphical and tabular reports on a Windows/XP PC with network access to the z/vse system. 99 See-TCP/IP generates graphical reports of various kinds; for example, line graphs and bar graphs.

8 See-TCP/IP 99 See-TCP/IP collects IP datagrams and sends them to Wireshark, which then displays the information. 99 See-TCP/IP can create tabular reports that show IP connections into z/vse. System Requirements 99 CSI s TCP/IP for VSE (does not run on other TCP/IP stacks) 99 PC running Windows 2000 or above on a network that can access the z/vse system See-TCP/IP is an optional product that is included with your TCP/IP for VSE distribution simply obtain a product key code for activation

9 SSL/TLS SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are integrated with Secure Telnet (TN3270), SecureFTP, and Entrée (CSI s Web-enabled transaction server), providing a complete set of services to secure e-business transactions. Uses data encryption, digital signatures, PKI certificates, and secure hash functions to prevent messages from being camouflaged, passwords from being hacked, and transactions from being denied Implements industry-standard security protocols in the z/vse environment Includes secure versions of TCP/IP applications, such as FTP, TN3270, and the Web server Provides Application Programming Interfaces to enable SSL security in other z/vse TCP/IP applications Exploits hardware-assisted cryptography for block ciphers such as DES and AES, as well as Crypto- Express2 for RSA operations SSL/TLS is an optional product that is included with your TCP/IP for VSE distribution simply obtain a product key code for activation

10 PC/Transfer PC/Transfer is a PC-Host File Transfer System that allows data to be transferred between any PC that is running a 3270 emulator or using a TCP/IP connection, and a host computer running CSI s TCP/IP for VSE and either CICS or Entrée. All transfers can be secured on the host, using sign-on authorization, and an extensive set of security options is available to limit access to host datasets, reports, and members to appropriate PC users The Host Initiated Automatic File Transfer feature (HOSTAFT) allows transfers to be initiated by the host through a batch jobstream or a CICS application program Types of data that can be transferred to and from the PC: 99BIM-EDIT members 99z/VSE Librarian (LIBR) members 99POWER jobs and reports in the RDR, PUN, or LST queues 99VSAM datasets 99VSAM-managed-SAM datasets 99SAM datasets 99BIM-EPIC managed SAM datasets 99CICS transient data (uploads to CICS only) 99CICS temporary storage queues 99Files contained in the z/vse host transfer file (IND$) 99ICCF members (download to PC support only) The host side of PC/Transfer can either run under CICS or Entrée (Entrée is a VTAM/TCP/IP application platform available separately from CSI) The PC-to-host connection can be LU2 or TCP/IP

11 PC/Transfer An online transaction (FTRM) is provided to define to the host the types of transfers that are to be supported and which PC users are allowed to perform them A Transfer Activity Log can be maintained by the host side of PC/Transfer in a VSAM RRDS dataset. An online transaction (FTRL) is provided for viewing this log, which can also be maintained at each PC. Transfers are initiated and controlled by the PC. In this mode, the host side acts as a server, responding to the requests from the PC. Transfers can be performed by request or can be automated Data can be transferred in either EBCDIC or ASCII, with or without CRLF separation A script language is provided for both the PC and the host for use during all downloads. Scripts can be used for record selection and data format conversions, and the PC script can also be used for other file conversions. A PC upload script can be used to concatenate PC files and/or wrap host JCL around files during uploads