Options for Connecting 2 AS/400

5 pts.
Tags:
DDM
iSeries networking
TCP
We currently have two iSeries connected via TCP in our network. One of the iSeries belongs to a division we no longer own and we are investigating removing them from our network. They will continue to perform services for us and are located close by. We currently have a number of DDM files setup and send spool files between systems. We don't want to go through a lot of programming to make this change. We are considering using dual ethernet cards in thr AS/400s. One card in each system would connect to that system's network; the 2nd card would be connected to the other AS/400. I have two questions on this scenario. 1, will this plan work? 2, What are the security considerations for this plan? We don't want company #2 to be able to access anything diectly, only to have DDM and spool files continue to function. Thanks, CFrey

Answer Wiki

Thanks. We'll let you know when a new response is added.

Hi,

I think your basic idea is sound, but you need to think what you’re going to use for the connection between the 2 machines. Are you thinking of using an internet/broadband connection? Then you’ll probably need to look at getting a firewall setup on each end, with a VPN connection between the machines (maybe this infrastructure is already in place at your site?). You shouldn’t really need to have dual ethernet cards in the machines, as long as your network is setup correctly with routes between the 2 machines.

If you setup the firewalls correctly you should be able to close down everything apart from DDM and whatever transport mechanism you use for spooled files (SNADS, remote writers, etc).

In any case, I suggest you talk to someone with knowledge of setting up networks and firewalls for more detailed advice for your particular situation.

Regards,

Martin Gilbert.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • mcl
    Basically, it will come down to what your security people will let you do. You can use an extra NIC in each machine and set up specific routing to send traffic through one NIC or the other depending on destination. But, security folks consider that a "dual-hosted" machine and as such a big security risk. Whether it is a risk or not is up to you to prove. The only advantages to having two NICS is that you control bandwidth (should not even be an issue) and you have a completely seperate physical connection. As Martin suggested, you'll need firewalls on each end no matter what you do - which you likely already have. Your firewalls can be set up to pass traffic to and from specific IP's and over specific ports so you can limit the traffic to just the DDM and SPLF. And that will work with one NIC or two NICs. Regards Mike
    2,740 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following