System Requirements
For the PC Client Module to operate
correctly, the appropriate level of PTF for the HTTP server must be
installed, depending on your version of OS/400.
|
PTF |
OS/400 Release |
Comments |
|
SF62464
for Licensed Program 5769DG1. |
V4R3 |
Later
versions of OS/400 have this support built-in. |
|
SF54852
for Licensed Program 5769DG1. |
V4R4 |
Later
versions of OS/400 have this support built-in. |
|
SF99502
group level 17 |
V5R2 |
Not
always required. Only install these PTFs, if the message MCH3601 is returned from
module SQLTR when using the Bsafe GUI or if you experience the list of users
not appearing in the GUI main screen. |
|
5722SS1 - SI17551 with any co/prerequisites. |
V5R3 |
|
If after installing the appropriate
PTF there appears to be a problem with the operation of the GUI client module,
please contact support, support@bsafesolutions.com
It is important that all PC's using IBM Client Access have the latest PTFs installed otherwise various problems may occur. One common example is the RMTCMD server request being made by Client Access when logging on to Telnet.
The following page on the IBM website contains reference to the latest PTFs.
www.ibm.com/servers/eserver/iseries/access/casp.html
1.
iSeries or AS/400 computer running
OS/400 Release 4.3, or higher.
2.
TCP/IP communication.
3.
Active HTTP server (OS/400 or Apache)
4.
A user with SECOFR authority.
Library Space Following Installation
RMTOBJ
about 60Mb
RMTFIL
about 25Mb (contains the
Application Audit log)
RMTSMP
about
42Mb
Total about 127Mb
Following
is a short discussion of the disk space used and the growth you can expect from
using the Bsafe/Enterprise Security product.
The
disk space required to set up your definitions like user groups, IP address
groups and permissions is negligible. A few Mb will suffice for even the
wildest definitions!
The
'real' usage is in the Application Audit log. This is the part of the Bsafe
database which records network activity. Each 1000 network transactions will
add around 1 Mb to the size of the log, data and access paths included.
A
network transaction is a single access operation. It would include ftp logon,
ftp get, ftp put, telnet login, telnet logoff, ODBC read, ODBC connect, DDM read
from another iSeries, passthrough connection from another iSeries and the
multitude of other accesses that might come from the network.
It
doesn’t include native (non-networked) file access, native running of programs
or most system related activity. There are some native actions which are logged
too but most are not.
The
full list of access control functions which are covered by the product can be
seen by looking at the product main screen, then drilling down to view the
sub-functions. This is covered in depth in the product help.
The
degree of logging done can be controlled in several different ways. Each of the
above applications can be set to log all access or rejections alone.
Additionally, each application can be set to log the first time access for a
user, or every single access. This flexibility allows you to find the balance
between maximum auditing on the one hand and minimum overhead on the other.
It
should be remembered too that whatever the degree of network access to your
iSeries and whatever degree of logging you choose to define, the log file can
be purged at any time in accordance with parameters you define and can even set
to automatic purging using the iSeries scheduler.
As
a final consideration, normal interactive network access doesn’t generally
result in a rapid growth rate of the log file. What would cause this to
increase substantially is a very large number of client / server users
simultaneously querying or updating the database through ODBC / Websphere or
any kind of batch operation. In these cases, it would be more of a necessity to
define a reduced level of logging as described above.
The
other areas of disk expansion which need to be considered are the system
journal and the iSeries file journals. These can be nicely managed from Bsafe/Enterprise
Security but the underlying mechanism is OS/400 or i5/OS objects. This means the
journal size will be the same whether managed through Bsafe or iSeries native
screens.
·
PC workstation - Pentium 2 or
higher.
·
Operating system - Windows 98, NT4, 2000, 2003
or XP
·
Minimum 64 MB RAM
·
TCP/IP communication to the iSeries or AS/400.
About 50 Mb