Process D2000 SAS is a client process of D2000 system. Basically, it is a gate to application
server (computer with running process
D2000 Server) for defined types of processes. It may be used to
ensure the maximum data network security and prevent the application server from "possible attacks".
Practically, it is performed either by means of computer containing two network interfaces and corresponding
software that routes the communication between the interfaces or by using a specialized device - router.
Example:
There are two separated networks A and B.
Network A is technological and is accessible for limited number of users. We can call it "secure network".
Network B is enterprise network and comprises all computers in the enterprise and often directly or indirectly
accesses Internet.
During implementation of D2000 system, ordinary processes are included in the technological network (A) and
user's consoles (e.g.
D2000 HI) are included in the enterprise network (B). And this poses a
problem - connecting user's consoles to the application server of D2000 system.
The problem may be solved by means of process D2000 SAS, that is running on the computer with two
network cards. One card is connected to network A and the other to network B.
The operating system facilities or appropriate software allows users to disable all services (TCP/IP ports)
accessible from network B except for the port 3119 - which allows network B clients to be connected
via process D2000 SAS. The port can be changed by using the parameter /LISTEN:<portNr>
directly in the command line of process D2000 SAS. Then it is necessary to run all the client
processes that connect to process D2000 SAS with the start parameter
/P) and corresponding number of port.
Process D2000 SAS represents a server for client processes.
Note: For D2000 systems on the OpenVMS platform, the TaskPool parameter - Sas.TaskPoolClientUser - must be specified.
Related pages:
Pridať komentár