We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byAlexandra Bishop
Modified over 3 years ago
Enhancements for DistributedIBM Tivoli Workload Scheduler 8.2
Highlights Tivoli Technical ImperativesNetworking Security and Firewalls Object and Administration Security Execution Deadline Control Return Code Management and Processing Job Events Processing Workload Scheduler for Applications 2 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Tivoli Technical ImperativesInstallation Products are easy to install, compatible with each other Improve the percentage of successful first-time installs Manual steps are eliminated or automated Maintenance is simplified Serviceability Increase satisfaction by empowering customers with built-in troubleshooting techniques Problem resolution is efficient and accurate Data Warehouse Collect historical data from many Tivoli applications in one central place Correlate information from multiple applications when possible Enable enterprise-level reporting Provide out-of-the-box web-based reporting Presentation Consistency Tivoli products should have a similar look-and-feel for familiarity and ease-of-use of our products 3 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Networking and SecuritySSL Encryption and Authentication Network communication between ITWS systems can be configured to use SSL Full Firewall support ITWS will function even if an IP firewall exists between the FTA and its Domain Manager Increased functional security FTAs will share a security key with the Master Domain Manager so that an FTA cannot be linked by an unknown Master 4 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Secure Sockets Layer ProtocolSSL is based on a public-private keys methodology When using SSL, Connections are private. Encryption is used after an initial handshake to define a secret key. Symmetric cryptography is used for data encryption (DES, RC4, etc.) Peer identity can be authenticated using asymmetric, or public key, cryptography (RSA, DSS, etc.) The connection is reliable. Message transports include message integrity checks using a keyed MAC. Secure hash functions (SHA, MD5, etc.) are used for MAC computations 5 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
SSL Authentication and EncryptionSymphony Master Domain AIX Master Domain Manager Unencrypted communication DomainA DomainB SSL Encrypted communication AIX HPUX Domain Manager DMA Domain Manager DMB TWS for z/OS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 6 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
SSL and Workload SchedulerWorkload Scheduler will use SSL 3 Requires all workstations participating in SSL sessions to have X.509 certificate repositories containing certificates to be exchanged for establishing the SSL session to be installed locally Users can define which workstations will use SSL OpenSSL toolkit provides communication protocol and certification management on distributed systems OS/390 Cryptographic Services System SSL provides services between host and distributed platforms in end-to-end environments Complete certificate and PKI key management is outside the scope of this release Note: Export of cryptographic algorithms is restricted by regulation of the US government 7 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Firewall CompatibilityRemote administration commands will be routed through domain hierarchy (instead of Master Domain Manager attempting direct connection to down-level FTA for start, stop, and get stdlist) Workload Scheduler TCP/IP communication can be limited to specific port ranges (can also promote better use of systems with multiple NICs) Communication characteristics for port utilization, binding, connection establishment, etc. will be well documented 8 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Firewall Support After Before Master Domain DomainA DomainB SymphonyAIX Master Domain Manager Plan distribution and event management Before After IP Firewall DomainA DomainB Network management commands and job log retrieval AIX HPUX Domain Manager DMA Domain Manager DMB IP port (31111) TWS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 9 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Enhanced Security DistributionSymphony Master Domain MasterB Windows 2000 AIX Master Domain Manager Administrator creates secret key Makesec command inserts key into Security file Administrator distributes Security file to each TWS node Secret key is inserted into Symphony file by Jnextday Symphony’s key must match Security’s key before any links or commands are allowed Security Authorization Key DomainA DomainB AIX HPUX Domain Manager DMA Domain Manager DMB TWS for z/OS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 10 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Centralized Security Optional feature – current de-centralized security may be continued (for backwards compatibility) Prohibits other systems from connecting into an existing scheduling network Prohibits anyone from reconfiguring existing systems to increase their abilities A new keyed Security mechanism will be employed Security file may only be compiled on Master Domain Manager Security file contains encrypted checksum and is distributed to every FTA Symphony file will contain the same checksum Any link or command attempt will compare Symphony and Security checksums Command is denied if checksums do not match or Security file is removed 11 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Execution Deadline Each job or job stream can have a defined deadlineA job or job stream that has a defined deadline time which has expired before it has terminated will be considered “LATE” If a job has started and is still executing past its deadline, a notification is sent If a job has not started by its deadline, a notification is sent 12 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Enhanced “UNTIL” time Currently a Job or Job Stream with an expired UNTIL time will not be started A late job will have an optional attribute, “ON_UNTIL” with three possible values: SUPPR – Job is not launched, no condition changed (current behavior) CONT – the Job or Job Stream will be started anyway when the dependencies are met CANC – the Job or Job Stream will be cancelled when it has not started and the UNTIL time expires 13 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Return Code ManagementEach job definition will have user-defined criteria defining which return code(s) represent a successful job The “Success Condition” field can be a combination of comparison operators and logical operators Example “RC = 2 OR ((RC >= 6 AND RC < 18) AND (RC != 12))” Each job’s return code will be sent back to the Symphony The return code will be seen on conman “SHOWJOBS” command and in the GUI 14 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Return Code ProcessingThe Return Code for each job is stored in the stdlist, and the Symphony file The jobinfo command will be enhanced to be able to retrieve the return code of any previous job A new environment variable will be sent through JOBMON to recovery jobs representing the return code of the abended job The Return Code will be represented in the “event.log” file (usually processed by Tivoli Enterprise Console) and events passed to Tivoli Business Systems Manager 15 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Example use of Return Code AnalysisJOB1 JOB2 Branch-JOB Dependency on JOB1 & JOB2 Reads return code of JOB1 and JOB2 using “jobinfo” Makes decision to run JOB3 or JOB4 based on status of JOB1 or JOB2 Cancels job not selected Branch-JOB JOB3 JOB4 16 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Job Events Processing EnhancementsNew events regarding job state changes will be sent to the event.log file Currently, events are sent for 101: Job Abend 102: Job Failed 103: Job Launched 104: Job Done 105: Job Suspended (UNTIL) New rules for Enterprise Console will be provided New optional events will be added showing each state change 106: Job Submitted 107: Job Canceled 108: Job Ready 109: Job put on Hold 110: Job Restarted 111: Job Failed 112: Job Successful Pending 113: Job External 114: Job in Intro 115: Job STUCK 116: Job in Wait 117: Job Deferred 118: Job Scheduled 17 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Workload Scheduler for ApplicationsUpdated x-agent for R/3 Support for new releases of R/3 Support for SAP Business Warehouse Show picklists of Infopackage Jobs to schedule Select and/or override attributes of the selected jobs Updated x-agent for PeopleSoft Support for PeopleSoft 8 Supports PeopleSoft report distributions Runs on Windows 2000 and UNIX X-agent for Oracle E-Business Suite Support for 10.x, 11.i 18 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Enhancements for DistributedIBM Tivoli Workload Scheduler 8.2
IBM Software Group © 2004 IBM Corporation MQ Security.
© 2012 IBM Corporation Tivoli Workload Automation Informatica Power Center.
Click to add text SAP XBP 3.0 exploitation TWS Education + Training.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Citrix Secure Gateway v1.1 Technical Presentation August 2002 Technical Presentation August 2002.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
What’s New in Fireware v11.9.5
Hands-On Microsoft Windows Server 2008
Configuring Directory Certificate Services Lesson 13.
© 2012 IBM Corporation Tivoli Workload Scheduler for Applications PeopleSoft Integration Marco Borgianni.
Encrypting Wireless Data with VPN Techniques
Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Creating and Managing Digital Certificates Chapter Eleven.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
Introduction to Secure Sockets Layer (SSL) Protocol Based on: https://developer.mozilla.org/En/Introduction_to_SSL#The_SSL_Protocol.
Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.
Introduction to z/OS Security Lesson 4: There’s more to it than RACF
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Heroix Longitude - multiplatform, automated application performance monitoring and management software.
Hands-On Microsoft Windows Server 2008 Chapter 1 Introduction to Windows Server 2008.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
1 Cryptography CSS 329 Lecture 13:SSL. 2 Lecture Outline SSL/TLS.
CSCI 6962: Server-side Design and Programming
Week #10 Objectives: Remote Access and Mobile Computing Configure Mobile Computer and Device Settings Configure Remote Desktop and Remote Assistance for.
Using Encryption with Microsoft SQL Server 2000 Kevin McDonnell Technical Lead SQL Server Support Microsoft Corporation.
Cryptography and Network Security (SSL)
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
BMC Control-M Architecture By Shaikh Ilyas
What’s New in Fireware XTM
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Technical Presentation AIAC Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Unit 2 Personal Cyber Security and Social Engineering Part 2.
What’s New in Fireware XTM v11.3.4
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.
TWSd - Security Workshop Part I of III T302 Tuesday, 4/20/2010 TWS Distributed & Mainframe User Education April 18-21, 2010 Carefree Resort Carefree,
1 Guide to Novell NetWare 6.0 Network Administration Chapter 11.
Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
APACHE Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for Unix servers, the Apache Web server.
© 2017 SlidePlayer.com Inc. All rights reserved.