info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
VSE Security Options
26 views
Skip to first unread message
Fritz, David J , Venture
Oct 11, 2017, 3:11:39 PM10/11/17
to
Team:
We are currently trying to work through/discover security options for increasing security levels on our VSE box.
* We are currently a CSI/BIM-suite centric shop. Users connect directly into BIM-WNDOW from their TN3270 emulators.
* We are currently in transition from SNA to TCP/IP using CSI's TCP/IP for VSE.
* We don't currently have an existing "external security exit" in place, but do have BIM-ALERT installed.
* BIM-ALERT, though installed, is not currently providing any centralized user security management - WNDOWS, EDIT, FAQS all using their own user configurations.
We have need to better manage (potentially consolidate), the WNDOWS, EDIT, FAQS, CICS, etc. user accounts and passwords.
Immediate need is to implement password expiration every x days, as well as password complexity (letters, digits and special characters) similar to most corporate LANs.
If this can be done post TCP/IP (currently passing connections straight through to BIM-WNDOWS), that would be acceptable.
If this can be done up front at TCP/IP connect time (e.g. the Telnet menu), that would also be acceptable.
Not acceptable is the TCP/IP DEFINE USER static table definitions and ongoing repeat manual manipulation of user accounts/passwords.
Also not acceptable is Operator issuance of user management commands on the console - we have a department that manages initial user setups that should not have to (except on rare occasion) deal with user accounts until final user removal.
Already have a research call out to CSI. Initially, there seems to be some basic integration disconnects in their product offerings, but we are hoping to receive some positive feedback/options.
One of the 1st responses was to reach out to this community. And so, here we are.
Thanks for any help, tips or suggestions you may offer.
Regards,
David
_______________________________________________
VSE-L mailing list
VS...@lists.lehigh.edu
https://lists.lehigh.edu/mailman/listinfo/vse-l
We are currently trying to work through/discover security options for increasing security levels on our VSE box.
* We are currently a CSI/BIM-suite centric shop. Users connect directly into BIM-WNDOW from their TN3270 emulators.
* We are currently in transition from SNA to TCP/IP using CSI's TCP/IP for VSE.
* We don't currently have an existing "external security exit" in place, but do have BIM-ALERT installed.
* BIM-ALERT, though installed, is not currently providing any centralized user security management - WNDOWS, EDIT, FAQS all using their own user configurations.
We have need to better manage (potentially consolidate), the WNDOWS, EDIT, FAQS, CICS, etc. user accounts and passwords.
Immediate need is to implement password expiration every x days, as well as password complexity (letters, digits and special characters) similar to most corporate LANs.
If this can be done post TCP/IP (currently passing connections straight through to BIM-WNDOWS), that would be acceptable.
If this can be done up front at TCP/IP connect time (e.g. the Telnet menu), that would also be acceptable.
Not acceptable is the TCP/IP DEFINE USER static table definitions and ongoing repeat manual manipulation of user accounts/passwords.
Also not acceptable is Operator issuance of user management commands on the console - we have a department that manages initial user setups that should not have to (except on rare occasion) deal with user accounts until final user removal.
Already have a research call out to CSI. Initially, there seems to be some basic integration disconnects in their product offerings, but we are hoping to receive some positive feedback/options.
One of the 1st responses was to reach out to this community. And so, here we are.
Thanks for any help, tips or suggestions you may offer.
Regards,
David
_______________________________________________
VSE-L mailing list
VS...@lists.lehigh.edu
https://lists.lehigh.edu/mailman/listinfo/vse-l
Martin Truebner
Oct 12, 2017, 2:08:42 AM10/12/17
to
Hi David,
you might want to check CPW (more details here
http://www.pi-sysprog.de/prod/cpw/indexe.html )
it is certainly not the complete solution to your requirements- but it
enables you to define (and enforce) rules on passwords.
Martin
you might want to check CPW (more details here
http://www.pi-sysprog.de/prod/cpw/indexe.html )
it is certainly not the complete solution to your requirements- but it
enables you to define (and enforce) rules on passwords.
Martin
0 new messages