Connection settings for Legacy Protocols

Use the Legacy Protocols page to enable or disable the use of any of the specified network protocols in your IT environment. The Legacy Protocols page displays a list of network protocols that are used by TSA to discover legacy device types. These protocols might not be secure enough.
Note: By default, all the legacy protocols are enabled. You can enable or disable these protocols for particular device types that may be excluded from a discovery. For more information in determining the device types and their respective protocols, refer to the section Firewall Considerations in IBM Technical Support Appliance Configuration Assistant Guide.
Table 1. Legacy Protocols

Summary for complex table
Protocol Description
Telnet (Port 23): Most of the devices that support SSH (port 22), also support using Telnet (port 23). Discovery of such devices attempts to connect using SSH. If the SSH connection fails, the discovery process retries with Telnet.
  • Enabled: Devices are discovered by using SSH and Telnet.
  • Disabled: Devices are discovered by using SSH only.
    Note: If disabled, TSA prevents discovery of any IBM TotalStorage Tape Libraries (IBM 3494 or 3953).
Windows SMB (port 445) : Windows devices can be discovered either by using WINRM (port 5986 that uses HTTPS) or SMB (port 445). Discovery using SMB is considered less secure than WINRM. While discovering Windows devices, TSA first attempts to connect using port 5986. If the WINRM connection fails, TSA retries the discovery process on port 445.
  • Enabled: Windows devices are discovered by using port 5986 and 445.
  • Disabled: Windows devices are discovered on port 5986 only.
IBM DS6000, DS8000 (port 1750): The DS6000, DS8000 storage devices can be discovered by using either port 1751 or 1750. The port 1751 is compliant with NIST security recommendations while Port 1750 uses a less secure method of communications. Discovery of IBM DS6000, DS8000 storage devices first attempts to connect using port 1751. If the connection fails, the discovery process retries with port 1750.
  • Enabled: IBM DS6000, DS8000 storage devices are discovered by using port 1751 and 1750.
  • Disabled: IBM DS6000, DS8000 storage devices are discovered on port 1751 only.
IBM DS3000 / DS4000 / DS5000: The DS3000, DS4000, and DS5000 storage devices can be configured to allow access with or without user authentication. Older versions of the device firmware do not provide access with secured user authentication. Discovery of these devices uses user authentication, if credentials are provided. Else, TSA retries the connection without credentials.
  • Enabled: Devices are discovered with or without user authentication.
  • Disabled: Devices are discovered with user authentication only.
HTTP (port 80) / HTTPS TLS (port 443): Some device types can be discovered using HTTPS or HTTP. HTTPS is considered more secure than HTTP. TSA first attempts to connect using HTTPS for discovery. If it fails, the discovery process retries with HTTP.

HTTPS uses one of the supported TLS (Transport Layer Security) versions for communications. The discovery process attempts to use TLS 1.3 first. If it fails, TSA retries the discovery process with older versions of TLS (starting with TLS 1.2).

 HTTP (port 80)
  • Enabled: Enable discovery via HTTP.
  • Disabled: Disable discovery via HTTP.
    Note: This prevents discovery of IBM TS3100, TS3200, and TS3310 tape devices.
HTTPS TLS 1.0
  • Enabled: Enables discovery via HTTPS using TLS 1.0.
  • Disabled: Disables discovery via HTTPS using TLS 1.0.
HTTPS TLS 1.1
  • Enabled: Enables discovery via HTTPS using TLS 1.1.
  • Disabled: Disables discovery via HTTPS using TLS 1.1.
HTTPS TLS 1.2
  • Enabled: Enables discovery via HTTPS using TLS 1.2.
  • Disabled: Disables discovery via HTTPS using TLS 1.2.
HTTPS TLS 1.3
  • Enabled: Enables discovery via HTTPS using TLS 1.3.
  • Disabled: Disables discovery via HTTPS using TLS 1.3.
IBM TS3500: These tape libraries can be configured to allow access using SSL and non-SSL connections. Discovery of IBM TS3500 tape libraries first attempts to connect using SSL. If this is not successful, the discovery process retries with a non-SSL connection. IBM TS3500
  • Enabled: Enable discovery using both SSL and non-SSL connections.
  • Disabled: Discovery only attempts connections using SSL.
IBM TS4500: These tape libraries can be configured to allow access using SSL and non-SSL connections. Discovery of IBM TS4500 tape libraries first attempts to connect using SSL. If this is not successful, the discovery process retries with a non-SSL connection. IBM TS4500
  • Enabled: Enable discovery using both SSL and non-SSL connections.
  • Disabled: Discovery only attempts connections using SSL.

Click Save to save the connection settings for legacy protocols.