× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2005

RE: Green screen and network security

>> We're having some discussions about what would be the most secure way

>> to provide users traditional green screen access across a network 
>> while protecting the security of the network.

>Protecting the security of the network from what?  Are there other 
>entry points to the network besides the computers that are directly 
>connected to it?
>
>For example, is it connected to the Internet?  or is there wireless
>access?

        Yes, this is a very large network with Internet connections and
many connections totally unrelated to the iSeries.  The users in this
example would be people who do not work for our company and are not at
company sites but need to have some access to a green screen app only.

>> - Telnet to well know ports (23,25,80) is blocked.

>Blocked from where?  Not from the network itself, surely?

        The ports are blocked on the firewalls.

>> - The applications involved can't be changed. (e.g. to make them web 
>> friendly, must be green screen)

>Why would this matter?

        There was a suggestion that the application be WebFaced or
otherwise rewritten so we don't need to give green screen access.

>> - Only network security is at issue, once they sign on, the 
>> iSeries/400 takes over.

>Ummm... it still communicates over the network after the sign-on. 
>I don't understand what the point of this statement is.

        This was added to keep the discussion from veering off into
iSeries internal security issues. 

>> - Would prefer no user side software be installed but, if required,
it 
>> should be minimal.

>I thought you were protecting the network from the outside, but this 
>statement makes me think otherwise. Are you wanting to allow 
>someone from the outside to access your iSeries?  If so, 
>there are really two secure alternatives: SSL telnet and VPN.

>Surely the people on your network already have the software 
>they need to access the iSeries.

        Yes, I am talking about protecting the network from outsiders.
In this installation, the only green screen access is at the console.
Users do not have or need green screen access for existing apps.  This
question came up when someone suggested putting a green screen only app
on the system and giving outsiders access to it.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.