Chapter 9. Network File System Security Considerations

You can use the Network File System to create a seamless, transparent namespace where all users have access to the right information at any given time. However, NFS also has special security considerations. These considerations deal mainly with user, group, and supplemental user identi®cations. This chapter discusses these concerns along with certain parameters and options of the CHGNFSEXP command.

This section describes a number of NFS security issues while explaining how to best avoid security problems and breaches while maintaining a secure namespace.

For more information about OS/400 security, see:

vSecurity - Basic, SC41-4301

vSecurity Reference, SC41-4302

The Trusted Community

The trusted community is made up of only the ªapprovedº NFS servers and clients that represent a trusted network of users. Inside this group, users export and mount ®le systems based on a system of individual responsibility to keep the namespace secure from outside, non-trusted users.

The other de®ning feature of a trusted community is that no special data encryption of any sort occurs in client/server relationships. The transmissions between the NFS clients and servers are not encoded. Only the applications running on the client will minimally encrypt and send data between client and server. This is why it is important to pay attention to how you export ®les from an NFS server. If the client and server transmissions are not encrypted, and you export to ªthe world,º then anybody can access your exported ®le systems. For more information on exporting securely, see ªSecurely Exporting File Systemsº on page 87.

For a detailed discussion of export options, see ªExport Optionsº on page 88.

© Copyright IBM Corp. 1997, 1999

81

Page 98 Page 100
Page 99
Image 99
IBM AS/400E manual Network File System Security Considerations, Trusted Community
Page 98 Page 100

AS/400E specifications

The IBM AS/400E, now more commonly known as IBM i, is a robust and versatile midrange server that has been designed to provide a comprehensive computing solution for businesses of all sizes. First introduced in the late 1980s, the AS/400 series has undergone multiple enhancements and rebranding, with the AS/400E being one of the notable iterations. This powerful platform is closely associated with IBM's commitment to reliability, scalability, and integrated business solutions.

One of the main features of the AS/400E is its highly integrated architecture that combines hardware and software into a cohesive system. This integration allows for seamless operations, reducing the complexity typically associated with managing disparate systems. The system is powered by IBM's proprietary OS/400 operating system, which has evolved into IBM i, featuring advanced capabilities like object-oriented programming, integrated database management, and security features that are essential for enterprise environments.

A key characteristic of the AS/400E is its robust database support, primarily through the use of DB2 for i. This integrated database management system enables efficient data handling and retrieval, facilitating real-time business analytics and reporting. Furthermore, the platform supports a variety of programming languages, including RPG, COBOL, and Java, making it flexible for developers who require diverse tools for application development.

The AS/400E is also known for its exceptional reliability and uptime, making it a preferred choice for critical business applications in industries such as finance, healthcare, and manufacturing. This reliability is backed by advanced error detection and correction mechanisms, as well as redundancy features that help prevent data loss and minimize downtime.

In terms of scalability, the AS/400E can effortlessly expand to accommodate growing business demands. Organizations can increase processing power by adding more resources without significant disruption. This scalability, combined with the system’s built-in virtualization capabilities, allows businesses to optimize resource usage and streamline operations.

Security is another defining feature of the AS/400E. The platform incorporates various layers of security measures, including user authentication, encryption, and comprehensive auditing capabilities, ensuring that sensitive business data is protected against unauthorized access.

Overall, the IBM AS/400E remains a powerful tool in the enterprise computing landscape, providing businesses with an integrated, reliable, and secure solution for their technological needs. Its enduring popularity is a testament to its capability to evolve with changing business requirements while maintaining its core attributes of high performance and stability.
Top Page Image Contents