Determining the Current TCP/IP End System Security State

The following command can be used to determine the current TCP/IP end system security state:

NW TCPIP SECURITY

One of the following messages is returned:

TCP/IP Security Disabled <filename>
TCP/IP Security Enabled <filename>
TCP/IP Security Running <filename>

TCP/IP End System Security Phases illustrates how end system security is enabled or disabled and how rules files can be loaded, reloaded, or unloaded. The following table briefly describes each TCP/IP security phase.

Phase

Description

Disabled

The TCPIPSUPPORT library is running with TCP/IP end system security disabled. The TCPIPSECURITY library can be SLed or not SLed. TCP/IP requests are not subject to security validation.

Enabled

The TCPIPSUPPORT library is running with the TCPIPSECURITY library SLed and with TCP/IP end system security enabled. End system security remains Enabled if no rules file is loaded or if an error occurs in the active rules file. It is important to note that no incoming or outgoing TCP/IP requests will be honored until TCP/IP end system security is either disabled or it enters the Running state.

Running

The TCPIPSECURITY library is SLed and a rules file has successfully loaded. Every TCP/IP request is evaluated against the applicable set of rules.

Figure 25. TCP/IP End System Security Phases

TCP/IP End System Security Phases


Prev  Up  Next
Initialized Security Environment  Home  Enabling or Disabling TCP/IP End System Security