ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

ICSF security requirements for CA XCOM for z/OS

book

Article ID: 8564

calendar_today

Updated On:

Products

XCOM Data Transport XCOM Data Transport - Windows XCOM Data Transport - Linux PC XCOM Data Transport - z/OS

Issue/Introduction

Can you please advise what ICSF services are used by CA XCOM?

Specifically, I am looking into implementing ICSF security and need to know what resources in resource class "CSFSERV" need to be permitted to -

1) The accessor ID associated with the CA XCOM address space ; and

2) Any accessor ID initiating a CA XCOM file transfer request.

Environment

XCOM r12.0 z/OS 2.1

Resolution

CA XCOM Data Transport will make use of ICSF when performing SSL transfers only.

You will definitely need to provide/permit/define access to the "CSFSERV" resource class to the following:

1) The accessor ID associated with the CA XCOM address space ; and

2) Any accessor ID initiating a CA XCOM file transfer request

When IBM System SSL is configured for SSL transfers, you will need to determine what ciphers you will be using and based on that you will reference/follow the IBM documentation to determine which of the ICSF resources defined will need to be permitted for the XCOM ID's

If using OpenSSL, CA XCOM uses the ICSF CSNBSYE/CSNBSYD encryption functions.

 

 

 

 

 

Additional Information

Please note that IBM System SSL must be implemented/configured to be used with XCOM r12.0.