How secure is the Electronic Service Agent

330 pts.
Tags:
iSeries
iSeries applications
iSeries data center
iSeries networking
iSeries RPG programming
Since data is confidential on every iSeries, how would we know if the data sent to IBM is only about error and performance logs and no data is being sent to IBM servers?

What profile is used to send this logs and does it have authority over data/user libraries?

Thank you

ASKED: December 15, 2011  5:16 AM
UPDATED: March 17, 2012  6:20 AM

Answer Wiki

Thanks. We'll let you know when a new response is added.

Here is a link to an IBM publication that explains ESA.
There is discussion on security and lnks to white papers

http://www-01.ibm.com/support/esa/

Discuss This Question: 2  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    You might as well ask if you can protect your data from DB2. Questioning the security of a system function is effectively meaningless. IBM can obviously cause anything to happen that they choose. They can install and run programming that operates in system-state and make any values appear wherever they choose. No matter what you look at, you cannot absolutely guarantee that it represents reality. Consider an analogy. When you look at a standard Windows PC desktop, you often see an icon labelled "My Computer". Does it really make sense that 'the entire computer content' actually exists inside the 'Desktop'? If you drill into 'My Computer', does it make sense to find something inside of it labelled 'Desktop' and showing something in it that's also labelled "My Computer"? Of course not. But Microsoft can cause things to be displayed any way they choose. So, there is no absolutely guaranteed way to show that ESA or any system function isn't snooping through data and sending it off through the VPN that it creates. If IBM didn't want you to know about it, they'd probably cause internal audit programs to ignore the activity. That's going to be generally true no matter what platform is used and who the vendor is. Naturally, if anything like that ever raised a suspicion with any computer security organization, IBM (or any vendor) would quickly be on the hook for some pretty hefty liabilities. Tom
    125,585 pointsBadges:
    report
  • Jedlasquite
    In relation to ESA, is there a way to print the audit logs? I'm using Go Service then option 14 to display audit logs.
    330 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following