Networking with z/OS - Boot Camp
This comprehensive ten-day 'Boot Camp' course provides attendees with an accelerated learning approach to networks in a z/OS environment. The course is ideal for anyone new to mainframe networks.
The course comprehensively covers SNA/VTAM, APPN, TCP/IP and also provides vital information on mainframe network security.
This course is available for exclusive, one-company presentations either on-site at your location or live over the Internet, via RSM's Virtual Classroom Environment service.
What you will learn
On successful completion of this course you will be able to:
- list the characteristics of APPC communication
- identify the major SNA components and their role within the architecture
- identify and use the various address structures used in SNA
- describe the purpose and data flow characteristics of each session type
- explain how chaining, bracketing and pacing operate
- identify the major SNA commands and command flows
- characterise SNA requests and responses
- interpret SNA message structures at each level
- describe the operation of path control and its components
- define and configure the Enterprise Extender
- describe the importance and use of APPC verbs
- identify the APPN node types and explain their function
- explain the principles of APPN routing and addressing
- define startup and session establishment procedures to VTAM
- reinforce understanding of SNA architecture implementation
- define network resources (major/minor nodes) to VTAM
- avoid the most common mistakes made by new users
- identify and code routing requirements for a VTAM network
- code the definitions to support cross-domain communication
- understand uses of VTAM console commands
- describe various backup/recovery facilities
- understand the use of VTAM generics and Multi Node Persistent sessions in a Parallel Sysplex
- define these components in a Parallel Sysplex
- describe the main objectives of the TCP/IP protocols
- explain the structure and use of IP addresses
- distinguish between an application and a protocol
- identify TCP/IP message formats
- explain what port numbers are and why some are well known
- explain how IP routing operates and how messages are delivered to the right node
- understand the function, purpose, and use of subnetting, and be able to specify suitable subnet masks for given implementations
- describe how the FTP application operates and how it can be used
- explain how the Telnet and TN3270 applications operate and how they can be used
- explain how the world wide web application operates
- describe how TCP operates and how connections are established, used, and terminated
- explain retransmission, sliding windows, and out of band data
- describe how UDP operates
- explain fragmentation and reassembly
- explain the purpose of CIDR and describe how it operates
- describe the purpose and function of the ICMP protocols and give examples of their use
- describe the purpose and function of the ARP protocol and state why it is required
- describe the purpose and use of the RARP protocol and its relationship to the BootP and DHCP protocols
- explain how a TCP/IP network can be installed, configured, tested, and managed
- explain how public/private key encryption techniques work
- describe the contents and use of a Digital Certificate
- state the purpose of the Secure Sockets Layer
- describe the principles of Firewalls
- describe the structure, operation and the addressing mechanisms used in a TCP/IP network
- list the major configuration steps involved in customising TCP/IP for z/OS and explain the Security Server customisation required in z/OS
- explain the purpose and use of Virtual IP addressing (VIPA) and explain how to code for both a static and dynamic VIPA configuration
- describe how to define devices to TCP/IP for z/OS and explain how to define the TCP/IP for z/OS host IP address(es)
- describe the purpose and customisation of the DATA data set
- define the host name, domain name and DNS information
- describe the purpose and use of the HOSTS file and the SERVICES data set
- explain the configuration of the TN3270 server and the SNA gateway and explain the VTAM configuration required to support the gateway
- implement a VTAM USS table for TN3270 users
- describe the operation and customisation of the FTP server and its major security features
- explain how to implement the TLS and SSL protocol technology to protect data exchanges between client and server applications
- explain the operation and customisation of the SMTP server and the Routed server
- describe the purpose and use of the major MVS, TSO and USS commands
- explain how to start, stop and interpret a TCP/IP packet trace and a component trace
- describe in overview how SNMP is implemented on z/OS and list the steps involved in customising SNMP under z/OS
- describe how Digital Certificates can be implemented and used within z/OS and how various clients and servers use the certificates
- explain how Digital Certificates are used in a policy-based z/OS environment
- explain the rules and policies used in the Policy Agent (PAGENT) to dictate how users, applications and organizations access and use their IT resources
- understand how the PAGENT can be configured as a Central Policy Server
- explain how to implement IP Security
Who Should Attend
Systems Programmers and Network Administrators working in a z/OS environment.
Prerequisites
An understanding of the z/OS environment.
Duration
10 days
Fee (per attendee)
P.O.A.
This includes free online 24/7 access to course notes.
Hard copy course notes are available on request from rsmshop@rsm.co.uk
at £50.00 plus carriage per set.
Course Code
SNBC
Contents
SNA Introduction
What is SNA?; Pre-SNA networks; SNA hardware and software; SNA elements; Sessions; SNA layers; SNA message units; Session establishment sequence; Why APPN?; APPN node types; Resource registration; Resource location; LU-LU session activation; Locating resources.
Network Accessible Units
SNA Network Addressable Units (NAUs); SSCP/CP functions; PU types; Message flow; Address awareness; Subarea network addresses; APPN network address; Local addresses; Address conversion.
APPN/HPR in Detail
Introduction to APPN; APPN protocol; Base and Towers; SNA layer model; Why APPC?; APPC LU differences; Route calculation; APPN Class Of Service; APPN COS definition in VTAM; Transmission groups; Channel to Channel Adapters; Cross domain logon processing; PU Type 2.1; The Address Space Manager; APPN and the Boundary Function; Link Stations; APPN Node Services; Topology Database; Learning of Topology; Garbage Collection; HPR overview; The High Performance routing principle; Rapid Transport Protocol; RTP Route Recovery; APPN/HPR options; Adaptive rate based pacing; ISTRTPNM; HPR only links.
Network Installation & Definition
Network planning; Network installation; MVS installation considerations; VM installation considerations; Network related datasets; VTAM start procedure; Structure of SYS1.VTAMLST; The ATCSTR00 member of SYS1.VTAMLST; The ATCCON00 member of SYS1.VTAMLST; Network definition - major & minor nodes.
SNA Sessions
Sessions and half-sessions; half session layers; session types; setup flows; initiation sequences; logon request processing; LU-LU session types.
APPN Message Structures
Message format and flow; RU categories; BIU structures; request header format; response header format; transmission header formats; additional TH fields; FID conversion.
Session Data Flow
The NAU layers; session profiles; session level pacing; adaptive session level pacing; request chaining; bracketing; Send/Receive modes; function management headers; BIND command.
Console Commands
The START command; The DISPLAY command; The VARY command; The MODIFY command; The HALT command.
Applications and Local Terminals
Applications and local terminals; Application programs; Local terminals; VTAM and application programs; The Application Major Node; TSO session establishment; VTAM and Local SNA terminals; The Local SNA Major Node; VTAM and Local non-SNA terminals; The Local non-SNA Major Node; VTAM and TCP/IP; The Application Major Node for TCP/IP; TN3270; Transport Resource List for MPC + TCPIP resources; Dynamic Models; Switched Major Nodes.
User-Coded Tables
Assembled Tables; Unformatted System Services (USS) logon procedure; Mode Tables; USS Tables; USSCMD macro format; USSPARM macro format; SNA/SCS message 10 example; SNA character set; Non-SNA/3270 message 10 example; 3270 commands and orders.
Path Control
Path control functions; boundary node path control; intermediate node path control; transmission groups; explicit routes; virtual routes; VR activation; route selection; virtual route pacing; FID4 TH header format; segmentation and PIU blocking.
Multi-Systems Networking Facility
MSNF terminology; Path control; Transmission groups; Explicit and virtual routes; The PATH statement; The Class of Service table (COS); Channel to Channel Adapters; Cross domain logon processing; Cross Domain Resource Managers; Dynamic CDRSC definitions; Cross Domain Resources; Adjacent SSCP Table.
Advanced Program to Program Communication
SAA: APPC and SAA; LU6.2 sessions; conversations and sessions; required information; mapped and basic conversations; APPC verbs; Generalised data stream; GDS variables. APPC Application Definitions in VTAMLST.
APPN
Why APPN?; APPN node types; Resource registration; Resource location; LU-LU session activation; Locating resources; Route calculation; APPN Class Of Service; APPN COS definition in VTAM; APPN route setup; APPN routing; High Performance Routing; APPN/HPR and SNA; APPN/HPR message formats; ANR operation; RTP features; RTP path switching; APPN and Subarea SNA; APPN definitions in ATCSTR00.
Using VTAM Generics and Multi Node Persistent Sessions
What is sysplex?; Not a new concept; So what's new?; 'Before' and 'after' sysplex; XCF sysplex requirements; Components of the XCF sysplex; Server Time Protocol; Clock synchronization techniques; XCF sysplex definitions; XCF sysplex services; Signalling and Status Monitoring services; Group services; The parallel sysplex; The parallel sysplex concept; Couple Data Sets; Planning CFRM - identification and structure size; VTAM generic resources; TSO generic resources.
Introduction to TCP/IP
What is TCP/IP?; why TCP/IP?; the growth of the Internet; internetworking principles; IP addressing: example, IP address and physical address; Internet domain names; Internet domain name hierarchy; TCP/IP protocols; common user applications; common system applications; the next generation.
TCP/IP Architecture
Protocol boundaries; port numbers; message formats; transport & network protocols; 'A Tale of Two Transports'; principles of IP routing; the structure of the Internet.
TCP/IP Applications
Client/Server applications; addressing the server; Berkeley sockets; a TCP communication; a UDP communication; the File Transfer Protocol application; using FTP; the Telnet application; using Telnet; the World Wide Web application; using the Web.
Transport Level Protocols
TCP and UDP compared; Transport Level Message formats; UDP datagram format; UDP checksum pseudo-header; UDP in action; TCP segment format; TCP checksum pseudo-header; connection setup and release; sequence numbers; segment acknowledgement; TCP reliability; TCP Sliding Windows; Sliding Windows in action; TCP Control Flags; TCP Segment Format; TCP Finite State Machine; establishing a TCP connection; TCP data transfer; TCP connection release.
Network Level Protocols
Resolving Internet domain names; the Network Level Protocols; IP services; IP address classes; subnetting principles; subnetting mechanism; subnetting in action; IP datagram format; fragmentation and reassembly; type of service; Time To Live; IP datagram format review; IP address space exhaustion; Classless Inter-Domain Routing: CIDR in action; Internet Control Message Protocol: ICMP message format, example ICMP messages; Address Resolution Protocol: ARP message format, ARP in action; Reverse Address Resolution Protocol: RARP in action, RARP message format; the Bootstrap Protocol: BootP message format, BootP in action, the problem with BootP; Dynamic Host Configuration Protocol: DHCP message format.
Networking Considerations
Setting up a TCP/IP host; network infrastructure; interconnection devices; TCP/IP addressing and naming; choosing names and addresses; security and privacy; firewalls and encryption; public key encryption: principles, capabilities; Digital Certificates; Secure Sockets Layer; Firewalls.
Overview of TCP/IP on z/OS
TCP/IP for z/OS; TCP/IP access to SNA applications; How the gateway works; SNA access to TCP/IP applications; Communications Storage Manager; Device connectivity; Device attachments; Direct vs indirect attachment; Direct attachment problem; Virtual IP addressing - the solution; Sharing attachments across LPARs; UNIX Systems Services considerations.
TCP/IP for z/OS Installation
UNIX Systems Services prerequisites; Security Server prerequisites; Customisation procedure (Steps 1 through 8); z/OS customisation procedures; 'Must Have' reference manuals; 'Nice to Have' reference manuals.
TCP/IP for z/OS - Command Overview
Starting and stopping TCP/IP; commands: MODIFY, VARY, OBEYFILE, NETSTAT.
Profile Definitions
Required host information; customising the PROFILE dataset; PROFILE data set syntax; device interface properties; Statements that define an interface; DEVICE statement; LINK statement; defining LCS, defining CLAW devices; OSAs, Hipersockets and Channel Attached Routes; OSA diagnostic device; QDIO and non-QDIO; OSA Express CHPID definitions; Adding an OSA Control Unit and device; Adding OSAD device; Hipersockets; Hipersockets definition; CHPID Type IQD; MTU sizes; Channel Attached Routers and Servers; Defining MPCPTP devices; Defining MPCIPA devices; HOME statement; INTERFACE - IPAQENET OSA-Express QDIO interfaces statement; Syntax for INTERFACE - IPAQENET OSA-Express QDIO; Syntax for INTERFACE -- IPAQIDIO HiperSockets interfaces statement; Virtual IP addressing - a reminder; defining VIPA devices using the VIRTUAL statement; Specifying the Source IP Address; Syntax for INTERFACE -- VIRTUAL interfaces statement; Examples of the INTERFACE statement for VIPA; The START statement; The routing statements; Subnetting - a reminder; Routing statements: GATEWAY, BEGINROUTES, BSDROUTINGPARMS; variable subnets and GATEWAY; variable subnets and BEGINROUTES; statements: VIPAs; Static VIPA; Dynamic VIPA; Dynamic VIPA - introduction; Dynamic VIPA takeover; Stack-managed DVIPA; Non-disruptive dynamic VIPA takeback; Application-specific DVIPA; IOCTL or Command-Activated DVIPA; Dynamic VIPA statements; MODDVIPA (EZBXFDVP) utility; TCPIP commands for Dynamic VIPAS in a Sysplex; Dynamic VIPA usage; When does the DVIPA move?; Distributed VIPA - introduction; Distributed VIPA statements; TCPIP commands for Distributed VIPAS in a Sysplex; Communication Paths in a Sysplex; DynamicXCF transport choices; IUTSAMEH; XCF Groups and their usage; Display XCF groups; Load balancing and availability; Sysplex Distributor; Sysplex Distributor and MNLB; Connection Optimizing DNS; Information flow overview; DNS/WLM registration; Single system IP perspective of the sysplex; TCPSTACKSOURCEVIPA / SYSPLEXPORTS; CFRM policy example; Enterprise Extender; z/OS services for SNA traffic; APPN parameters in startup options; Implementation considerations; TCP/IP implementation; IUTSAMEH; DYNAMICXCF; DYNAMICXCF & HiperSockets; Modifications to TCP/IP profile; Modifications to OSPF interface; Proof of initialisation of IUTSAMEH; VTAM implementation; Defining the XCA HPRIP major node; Defining model Major Nodes for EE connections and RTP pipes; Defining switched PUs for EE connections; operational statements.
Other Datasets Needed
Customising the DATA dataset; association with the TCP/IP stack; specifying the host name and domain name; specifying the name server parameters; A typical DATA dataset; RESOLVER; RESOLVER procedure; RESOLVER files; Resolver other statements; CINET GLOBALTCPIPDATA; TCPIP.DATA Search Order; The SITE dataset; The SERVICES file.
Server Customisation
Configurable servers; TN3270 customisation steps; updating the TN3270 started task JCL; TelnetGlobals statement; Reducing demand for ECSA storage; TELNETPARMS statement; updating the PORT statement; BEGINVTAM statement; VTAM application major node; defining a USS table; Identifying the USS table in the PROFILE dataset; other TN3270 profile statements; UNIX Telnet server operation; customising the INETD server; starting Inetd and Telnet; SSHD UNIX files; SSHD - Using ICSF and /dev/random; SSHD - Creating configuration files; SSHD - Creating SSHD server keys; SSHD - Set up SSHD server userids; SSHD - Create SSHD server started task; SSHD - TCP configuration; SSHD - Verify z/OS DNS / Resolver operation; FTP server in operation; FTPS and SFTP; Pros and cons of FTPS and SFTP; customising the FTP.DATA dataset; customising the PROFILE and SERVICES datasets for FTP; Starting FTP; SYSLOGD; SYSLOGD - /dev/console and /dev/log; SYSLOGD Create the syslog daemon configuration file; SYSLOGD Create empty syslog output file; SYSLOGD - Port and Services assignments; SYSLOGD Started Task JCL; OMVS startup; SYSLOGD RACF Definitions; operation and customisation of the ROUTED server; OMPROUTE; OMPROUTE - Configuration file; OMPROUTE Reserve the ports; OMPROUTE - Update the Resolver Configuration File; OMPROUTE - Started Task JCL; OMPROUTE Services Port Numbers; OMPROUTE - RACF definitions; OMPROUTE - SYSLOGD; OMPROUTE - Static Routes; OMPROUTE - Configure OSPF authentication; operation and customisation of the SMTP server; customising other servers.
RACF & Digital Certificates
Cryptography in Internet applications; Public key cryptography overview; What is a digital certificate?; Public key & certificate; Uses for certificates in applications; Secure Sockets Layer (SSL); Digital certificates and RACF; How RACF uses digital certificates; RACF classes & commands; RACF certification generation; RACDCERT command; Creating a certificate; Gencert examples; Key rings; Certification installation; RACDCERT ADD examples; Certification installation; Certificate management.
TCP/IP Security
Why secure the TCP/IP Network; Tasks that need protection with SERVAUTH Class; Policy Based Networking; SERVAUTH Resource Class responsibilities; SERVAUTH Resource Class; Protecting the TCPIP Stack; Protecting your Network Access; Application considerations when using NETACCESS; Using the NETSTAT and PING commands to check protection; Protecting your network ports; RACF definitions for protecting Network Ports; Using the NETSTAT command to check PORT access; Protecting the use of Socket Options; What are network commands; Protecting Network commands: z/OS TCPIP commands, Netstat and Onetstat commands, EZACMD REXX program; Protecting FTP access; Other FTP Profiles; Protecting TN3270 Secure Telnet Port; Protecting the MODDVIPA command; Introduction to Policy Based Networking; The Policy Agent; RACF and PAGENT; Other address spaces that will need RACF Profiles; Central Policy Server; SERVAUTH authorisation for Policy Client; Quality of Service; IP Filtering; IP Security; IKE protocols; CSFSERV resource class; Network Address Translation; Intrusion Detection Services; Application Transparent Transport Layer Security; TN3270 security; Secure FTP.
Problem Determination Considerations
Problem determination tools; The PING and OPING commands; The TRACERTE and the OTRACERT commands; TCP/IP SYSLOG output; TCP/IP packet trace overview; Starting a packet trace; The external writer procedure; Stopping a packet trace; Analysing a packet trace with IPCS; Analysing a packet trace; Non-z/OS packet traces; TCP/IP component trace overview; Starting and stopping a component trace; Analysing a component trace via IPCS; Analysing a component trace; Other available traces; Packet trace.
Network Management Considerations
SNMP overview; SNMP in operation; The ASN 1 protocol; SNMP on z/OS; Basic SNMP Components; SNMP on z/OS; SNMP support on z/OS; Configuring SNMP on z/OS; Configuring the SNMP v1 & v2 agent; Configuring the SNMP v3 agent; The OSNMPD.DATA data set; Configuring the SNMP query engine; Configuring the SNMP manager.
Sample Definitions
Sample TCPIP.PROFILE data set; Sample TCPIP.DATA data set; Sample TCPIP.SERVICES data set; Sample Inetd Configuration file; Sample FTP Configuration file; Sample ROUTED Configuration file; Sample SMTP Configuration file.