× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Hi Cyndi,

It sounds like your NT boxes, Active Server Pages, and socket programs
provide a security layer between the Internet, and your AS/400.  In a sense,
your AS/400 is still connected to the Internet, but your home-grown
"gateway" controls access to it.  You've created your own firewall.

If a good hacker were to break into one of your NT servers, would it be
possible to then use ODBC, or Telnet, or FTP to bypass the socket programs
you've put in place?  If so, then most commercial firewalls (the black box
type) provide more restrictions than what you currently have.

You may actually get better security by enabling the OS/400 HTTP Server, and
using a commercial firewall to filter access to it.  Your NT servers may be
the weakest links in the chain.  Even providing a staging area for future
unauthorized access to your AS/400.

I'd bet that the OS/400 HTTP Server, combined with a commercial firewall,
provides better security than most network configurations that involve NT
servers.  Especially if any of the NT servers are connected to both the
Internet, and to the AS/400 via TCP/IP.

The OS/400 HTTP Server is constrained by a limited protocol (HTTP), by
limited functionality (basic HTTP functions), by running under a user
profile that has limited access to OS/400 resources, and by OS/400 object
level authorities.

So I use IBM's HTTP Server.  But I supplement it with my own message server,
which has it's own protocol, and provides another layer of security.  The
message server enables RPG applications to process Web requests and
dynamically generate HTML responses.  The name of this product is
Relational-Web.  I'm the author of it.  And you can find more information
about it at my Web site.

Nathan M. Andelin
www.relational-data.com


----- Original Message -----
From: "Cyndi Bradberry" <CyndiB@IHFA.ORG>
To: "'MIDRANGE-L@midrange. Com' (E-mail)" <MIDRANGE-L@midrange.com>
Sent: Monday, September 24, 2001 10:37 AM
Subject: Curious about Web deployment


> I'm curious. Currently we have 3 internet sites and 1 intranet site in
place
> all being served from NT boxes with the AS/400 as the backend database.
All
> communication is done via socket programs on the 400 and ASP (VBScript) on
> the NT box.
>
> What other methods are there to serve data without placing the AS/400 onto
> the internet ?  It is preferred that we not use HTTP server on the AS/400.
> We have a project now to convert an existing application structure (413
> programs) originally developed in SYNON converted to RPGLE (OPM model) to
a
> GUI / Web application.  This will be delivered to 40 + users over a
> statewide WAN.
>
> AS/400 is a 730 at V4R4, current on Cume's.
>
> Cyndi B.
> Boise, ID




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.