TCP/IP OSAENTA trace service access control

The TCP/IP OSAENTA trace service is an interface that enables network management applications to obtain packet trace data. You should protect the information that is provided by this service. You can control access to this information through an external security manager product, such as RACF®, by defining the SERVAUTH profile name EZB.NETMGMT.sysname.tcpname.SYSTCPOT.

Access to this information is allowed if the user ID associated with the network management application is permitted to (has read access to) to this resource profile. To use this service, ensure that it has been enabled on the stack using the NTATRCService parameter on the NETMONITOR statement in PROFILE.TCPIP. For details about the NETMONITOR statement, see z/OS Communications Server: IP Configuration Reference.

If you do not define this resource profile, the service allows access to the packet trace information only to a superuser, or to those permitted to become a superuser (those with read access to BPX.SUPERUSER).