zERT Aggregated Server Sessions workspace
The zERT Aggregated Server Sessions workspace shows z/OS Encryption Readiness Technology (zERT) data recording cryptographic security attributes of IPv4 and IPv6 server sessions protected by TLS/SSL, SSH and IPSec security protocols.
This overview workspace displays an aggregated summarization of all server sessions running on the TCP/IP stack. Analysis of these sessions can help assess the quality of the cryptographic network protection in use across your z/OS workloads.
The data available in this workspace enables you to determine which of your server sessions are encrypted and which are not. It also provides information to determine the amount of data traversing these workloads. This can be helpful in planning your pervasive encryption strategy. The workspace also serves as a launch point to other zERT workspaces which show how the encryption for security sessions has been configured as well as distinguished name information of the associated certificates in use.
The zERT Aggregated Server Sessions workspace is the default workspace displayed by clicking on the zERT Aggregated Sessions navigator item under the TCPIP navigator node. The data available in this workspace is collected by the SYSTCPES NMI service, which must be configured on the monitored TCP/IP stack in order to report zERT security session information.
This workspace displays the following views:
- Top 5 Unprotected Total Server Connection Count by Application: Displays a bar chart showing the 5 unprotected applications with the greatest server connection count. This information might be useful in prioritizing applications for future encryption.
- Total Server Connection Count by Security Protocol: Displays a bar chart showing the number of server connections per security protocol. This graph shows the distribution of your network traffic across each of the security protocols.
- Unprotected Server Sessions table: Displays a table showing data for server
sessions which have not been secured by TLS/SSL, SSH or IPSec security protocols. The
data provided in this workspace can be used to prioritize and validate the
implementation of your communication encryption strategy across the enterprise. The view
shows information defining the session endpoints as well as statistics showing
connection and throughput counts. Click the Link icon in this workspace view to
navigate to:
- Application Details workspace in context of the selected application session.
- Protected Server Sessions table: Displays a table showing data for server
sessions which have been encrypted using TLS/SSL, SSH or IPSec security protocols. The
view shows information defining the session endpoints as well as statistics showing
connection and throughput counts. Click the Link icon in this workspace view to
navigate to:
- Application Details workspace in context of the selected application session.
- zERT Aggregated IPSec Sessions workspace in context of the selected zERT security session. This link is only available for sessions with a security protocol of IPSec.
- zERT Aggregated SSH Sessions workspace in context of the selected zERT security session. This link is only available for sessions with a security protocol of SSH.
- zERT Aggregated TLS Sessions workspace in context of the selected zERT security session. This link is only available for sessions with a security protocol of TLS.
- zERT Distinguished Names workspace in context of the selected zERT security session. This link is only available for sessions with an associated security certificate.