Security Requirements of Trading Partners

Security planning is a collaborative effort between you and your trading partners. You must know the expectations of your trading partners and plan your security implementation to meet these requirements. Consider the following guidelines for configuring communications sessions using the SSL or TLS protocol:

  • You must acquire the certificates before you configure Connect:Direct® Secure Plus.
  • Determine whether you and your trading partner will use self-signed certificates or certificates signed by a Certificate Authority.
  • Determine whether to use client authentication.
  • Using the External Authentication Server application in conjunction with Connect:Direct Secure Plus to validate the other node's certificate for a secure session requires the following:
    • Using the TLS or SSL protocol for connections to the External Authentication Server
    • Enabling client authentication in remote node records so that the SNODE can validate the PNODE certificate
    • Exchanging certificates between Connect:Direct Secure Plus for z/OS® and the External Authentication Server node