CA VM:Secure allows your site to define rules that control access to virtual machines and minidisks and the transfer of data between virtual machines.
You can specify rules for the following CP commands:
You can specify rules for the following CP Directory statements:
Each time one of these commands is issued, or one of these Directory statements is encountered during LOGON, CP passes the request to CA VM:Secure, which then checks its rules database to find any rule that applies to the request. The rules are examined in the following way:
You can configure CA VM:Secure to send a message after all actions, or after REJECT actions and NORULE actions, or after NORULE actions.
The RULES command allows you to define rules to specify how your virtual machines and minidisks can be accessed by other users. The rules can be overridden by a security group manager or a security administrator.
A product interface is also available for sites running CA VM:Tape and CA VM:Schedule. The product interface allows you to control job scheduling and access to tapes by writing rules for the CA VM:Schedule CANCEL, QUERY, and SCHEDULE commands, and the CA VM:Tape CATALOG, LIST, and MOUNT commands. You can also write rules for the CA VM:Secure GROUP command and the LOGONBY Facility.
Rules for the CA VM:Schedule and CA VM:Tape commands and the LOGONBY Facility are evaluated in the same way as CP commands. However, if no rule is found controlling the command, normal CA VM:Schedule or CA VM:Tape processing continues, or LOGONBY Facility or CP LOGON BY command access is denied.
|
Copyright © 2014 CA.
All rights reserved.
|
|