The subject of computer networking has become extremely familiar to the average person. For that, we can thank the proliferation of PCs and the Internet. What used to be an arcane art has quickly become a common topic of conversation in mainstream society. Now, anyone with a PC and an Internet connection thinks he knows all there is to know about the subject.
That perception isnt necessarily a bad thing, because the networking knowledge that Joe Average gains tends to filter back into the OS/400 community. This is important, because it keeps iSeries professionals apprised of the shortcomings, as well as the benefits, of the iSeries and tells us how the iSeries fits in with other platforms. As iSeries professionals become more knowledgeable about the networking features and services available on other computing platforms such as Sun Solaris, we can use that knowledge to petition IBM to provide the same tools on our beloved iSeries.
IBM is also very much aware of how the iSeries fits into our networked society, and it knows long before the rest of us what the iSeries must haveand in what order it must be deliveredto compete with similar tools and services on other platforms. In V5R1 of OS/400, IBM has added to the iSeries many exciting, new networking features that will position the iSeries as a major player in our networked world. Im going to tell you about just a few of those nifty, new networking nuggets, and over the next few months, MC will cover the rest.
SMTP Virus Scanner
By now, everyoneand I mean everyonehas heard about computer viruses and knows the damage they can do. In the OS/400 world, viruses have not been much of a problem so far. This is attributable to a variety of factors, such as the impenetrable built-in security of the operating system. However, just because the iSeries has never been hit with a virus doesnt mean that it wont ever happen. If you use your iSeries as an Internet email server, client, or gateway, a computer virus could enter your system and act upon objects in the OS/400 IFS or be passed on to other computers in your local network and beyond.
With V5R1, you now have the ability to filter out computer viruses to prevent them from being passed along in email. Using Operations Navigator, you can configure SMTP, POP, and the SNADS Gateway to search for a known virus name in the email titles or file extensions of attachments. This is done by configuring the virus filter to find, for example, the string I LOVE YOU in an email title or the file type .exe in an email attachment. If
the virus filter finds a match, it can automatically isolate or delete the suspect email. Note, however, that this tool is not a full-fledged virus scanner. That is, it will not search the contents of attachments or emails, just titles and file extensions. I should also mention that V4R5 users can also install this tool on their system via a PTF.
For more information on the availability of this feature, check out IBMs TCP/IP for OS/400 Web site: www.iseries.ibm.com/tcpip
.
TCP/IP Servers Enhancements
In addition to the SMTP virus scanner, V5R1 brings several new enhancements to the following TCP/IP servers: Domain Name System, Telnet, FTP, SMTP, and SNTP. Here are the details.
The Domain Name System (DNS) server has been upgraded to BIND Version 8.2.3. This is good news for anyone using DNS on an iSeries box, as the previous version of DNS was several years out of date. BIND 8.2.3 is the industrys most current, stable BIND version. Also available now, as an enhancement to OpsNav, is a DNS configuration wizard, which helps you configure your iSeries to use DNS. One caveat is that this version of DNS runs only in the Portable Application Solutions Environment, so you must have PASE installed.
For more on DNS, see Charting Your Network with Domain Naming Service: A Primer, in the March 2001 issue of MC (Web Edition), available at www.midrangecomputing.com/mc. For more on PASE, see Can Your UNIX Apps Keep Up the PASE? in the May 2000 issue of MC.
The Telnet server has been enhanced to provide client authentication. This means that a mechanism is now in place to authenticate a Telnet client before an AS/400 sign-on screen is displayed. This will help to make it harder for hackers to know theyre seeing OS/400, and adds some additional protection against them trying to log on to your system by guessing user IDs and passwords. Support is also built into the Telnet client with V5R1 to support the new 128-character password, which can make passwords much harder to guess. Check out Security Patrol (page 98) for more on the new password formats.
The FTP server has been enhanced to support Secure Sockets Layer and has performance improvements for transferring long files over high-speed links. Another cool enhancement is the ability, using OpsNav, to limit and control the functionality of FTP clients. For example, you can now use a wizard to control whether or not a specific user profile can perform such actions as putting and getting files, displaying a directory, or performing any other common FTP function. Previously, the only way to gain this level of control was through user-written exit programs.
SNTP Client
Simple Network Time Protocol (SNTP) is a means of providing system time synchronization with other servers. That is, you can use this protocol to sync the system time of the iSeries with another server. This support was added because the Kerberos client-authentication software, also available with V5R1, requires it.
DNS
Telnet
FTP
More to Come...
There are many more V5R1 network enhancements than Ive listed here. Over the next several months, MC will cover most of them, including some Ive mentioned here, in much greater detail, so keep your eyes peeled.
LATEST COMMENTS
MC Press Online