Network security services (NSS) network management NMI

The z/OS® Communications Server network security services (NSS) server provides an AF_UNIX socket interface through which network management applications can manage IP filtering and IPSec on remote NSS IPSec clients, or monitor NSS clients that are connected to the local NSS server. This interface is available only through the NSS server and should be used by network management applications that monitor and control multiple systems through a single point of control. Applications can perform the following functions using this interface:
  • Issue monitoring or control requests through the NSS server to specified NSS IPSec clients. The NSS server routes all monitoring and control requests (described in Local IPSec NMI) to NSS IPSec clients, with the exception of the NMsec_GET_STACKINFO and NMsec_GET_IKENSINFO requests. Routing occurs only if the NSS IPSec client is connected to the NSS server at the time the request is made.
  • Request information about one or all of the NSS clients that are currently connected to the NSS server, either for a specified discipline or for all disciplines.

A client network management application requests information and initiates control operations by sending specific requests over an AF_UNIX stream socket connection to the NSS server. If necessary, the request is then redirected to the specified NSS IPSec client, which later responds with the requested data or the results of the requested operation. The response information is then returned to the application directly over the AF_UNIX connection. For most control requests, a successful response indicates that the operation was successfully initiated, but that it is still in progress. You can determine the final status of the control operation later by issuing a subsequent monitoring request for the affected object.