Protecting Resources › JES Resource Protection
JES Resource Protection
When setting up JES security, your security policy should have addressed questions such as:
- What JES resources need protected?
- Is it important to protect SYSIN and SYSOUT?
- Which remote workstations should have access?
- Should other nodes be able to submit jobs?
- To which nodes should my system be able to send data?
- Should the commands an operator can issue be limited?
These questions help you pinpoint which JES resources it is important to control access to at your site. You can use CA Top Secret to control access to these JES resources:
- Input (nodes, RJE, readers, internal readers)
- Output devices (nodes, printers, RJE)
- Spool data sets (SYSIN, SYSOUT)
- Operator commands
The JES2 CA Top Secret Connection
At various points during processing, JES2 passes information to SAF. When SAF receives the request:
- SAF determines if CA Top Secret is active
- If CA Top Secret is active, SAF passes the request to it and JES2 enforces any security decisions SAF returns
- If CA Top Secret is not active, SAF returns to JES2 and JES2 security processing controls the resource
Copyright © 2014 CA Technologies.
All rights reserved.
|
|