We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byAlexandra Bishop
Modified over 4 years ago
Enhancements for DistributedIBM Tivoli Workload Scheduler 8.2
Highlights Tivoli Technical ImperativesNetworking Security and Firewalls Object and Administration Security Execution Deadline Control Return Code Management and Processing Job Events Processing Workload Scheduler for Applications 2 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Tivoli Technical ImperativesInstallation Products are easy to install, compatible with each other Improve the percentage of successful first-time installs Manual steps are eliminated or automated Maintenance is simplified Serviceability Increase satisfaction by empowering customers with built-in troubleshooting techniques Problem resolution is efficient and accurate Data Warehouse Collect historical data from many Tivoli applications in one central place Correlate information from multiple applications when possible Enable enterprise-level reporting Provide out-of-the-box web-based reporting Presentation Consistency Tivoli products should have a similar look-and-feel for familiarity and ease-of-use of our products 3 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Networking and SecuritySSL Encryption and Authentication Network communication between ITWS systems can be configured to use SSL Full Firewall support ITWS will function even if an IP firewall exists between the FTA and its Domain Manager Increased functional security FTAs will share a security key with the Master Domain Manager so that an FTA cannot be linked by an unknown Master 4 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Secure Sockets Layer ProtocolSSL is based on a public-private keys methodology When using SSL, Connections are private. Encryption is used after an initial handshake to define a secret key. Symmetric cryptography is used for data encryption (DES, RC4, etc.) Peer identity can be authenticated using asymmetric, or public key, cryptography (RSA, DSS, etc.) The connection is reliable. Message transports include message integrity checks using a keyed MAC. Secure hash functions (SHA, MD5, etc.) are used for MAC computations 5 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
SSL Authentication and EncryptionSymphony Master Domain AIX Master Domain Manager Unencrypted communication DomainA DomainB SSL Encrypted communication AIX HPUX Domain Manager DMA Domain Manager DMB TWS for z/OS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 6 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
SSL and Workload SchedulerWorkload Scheduler will use SSL 3 Requires all workstations participating in SSL sessions to have X.509 certificate repositories containing certificates to be exchanged for establishing the SSL session to be installed locally Users can define which workstations will use SSL OpenSSL toolkit provides communication protocol and certification management on distributed systems OS/390 Cryptographic Services System SSL provides services between host and distributed platforms in end-to-end environments Complete certificate and PKI key management is outside the scope of this release Note: Export of cryptographic algorithms is restricted by regulation of the US government 7 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Firewall CompatibilityRemote administration commands will be routed through domain hierarchy (instead of Master Domain Manager attempting direct connection to down-level FTA for start, stop, and get stdlist) Workload Scheduler TCP/IP communication can be limited to specific port ranges (can also promote better use of systems with multiple NICs) Communication characteristics for port utilization, binding, connection establishment, etc. will be well documented 8 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Firewall Support After Before Master Domain DomainA DomainB SymphonyAIX Master Domain Manager Plan distribution and event management Before After IP Firewall DomainA DomainB Network management commands and job log retrieval AIX HPUX Domain Manager DMA Domain Manager DMB IP port (31111) TWS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 9 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Enhanced Security DistributionSymphony Master Domain MasterB Windows 2000 AIX Master Domain Manager Administrator creates secret key Makesec command inserts key into Security file Administrator distributes Security file to each TWS node Secret key is inserted into Symphony file by Jnextday Symphony’s key must match Security’s key before any links or commands are allowed Security Authorization Key DomainA DomainB AIX HPUX Domain Manager DMA Domain Manager DMB TWS for z/OS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 10 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Centralized Security Optional feature – current de-centralized security may be continued (for backwards compatibility) Prohibits other systems from connecting into an existing scheduling network Prohibits anyone from reconfiguring existing systems to increase their abilities A new keyed Security mechanism will be employed Security file may only be compiled on Master Domain Manager Security file contains encrypted checksum and is distributed to every FTA Symphony file will contain the same checksum Any link or command attempt will compare Symphony and Security checksums Command is denied if checksums do not match or Security file is removed 11 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Execution Deadline Each job or job stream can have a defined deadlineA job or job stream that has a defined deadline time which has expired before it has terminated will be considered “LATE” If a job has started and is still executing past its deadline, a notification is sent If a job has not started by its deadline, a notification is sent 12 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Enhanced “UNTIL” time Currently a Job or Job Stream with an expired UNTIL time will not be started A late job will have an optional attribute, “ON_UNTIL” with three possible values: SUPPR – Job is not launched, no condition changed (current behavior) CONT – the Job or Job Stream will be started anyway when the dependencies are met CANC – the Job or Job Stream will be cancelled when it has not started and the UNTIL time expires 13 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Return Code ManagementEach job definition will have user-defined criteria defining which return code(s) represent a successful job The “Success Condition” field can be a combination of comparison operators and logical operators Example “RC = 2 OR ((RC >= 6 AND RC < 18) AND (RC != 12))” Each job’s return code will be sent back to the Symphony The return code will be seen on conman “SHOWJOBS” command and in the GUI 14 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Return Code ProcessingThe Return Code for each job is stored in the stdlist, and the Symphony file The jobinfo command will be enhanced to be able to retrieve the return code of any previous job A new environment variable will be sent through JOBMON to recovery jobs representing the return code of the abended job The Return Code will be represented in the “event.log” file (usually processed by Tivoli Enterprise Console) and events passed to Tivoli Business Systems Manager 15 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Example use of Return Code AnalysisJOB1 JOB2 Branch-JOB Dependency on JOB1 & JOB2 Reads return code of JOB1 and JOB2 using “jobinfo” Makes decision to run JOB3 or JOB4 based on status of JOB1 or JOB2 Cancels job not selected Branch-JOB JOB3 JOB4 16 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Job Events Processing EnhancementsNew events regarding job state changes will be sent to the event.log file Currently, events are sent for 101: Job Abend 102: Job Failed 103: Job Launched 104: Job Done 105: Job Suspended (UNTIL) New rules for Enterprise Console will be provided New optional events will be added showing each state change 106: Job Submitted 107: Job Canceled 108: Job Ready 109: Job put on Hold 110: Job Restarted 111: Job Failed 112: Job Successful Pending 113: Job External 114: Job in Intro 115: Job STUCK 116: Job in Wait 117: Job Deferred 118: Job Scheduled 17 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Workload Scheduler for ApplicationsUpdated x-agent for R/3 Support for new releases of R/3 Support for SAP Business Warehouse Show picklists of Infopackage Jobs to schedule Select and/or override attributes of the selected jobs Updated x-agent for PeopleSoft Support for PeopleSoft 8 Supports PeopleSoft report distributions Runs on Windows 2000 and UNIX X-agent for Oracle E-Business Suite Support for 10.x, 11.i 18 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002
Enhancements for DistributedIBM Tivoli Workload Scheduler 8.2
What’s New in Fireware XTM
What’s New in Fireware XTM v11.3.4
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Encrypting Wireless Data with VPN Techniques
Technical Presentation AIAC Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.
Heroix Longitude - multiplatform, automated application performance monitoring and management software.
Copyright © Open Text Corporation. All rights reserved. Slide 1 Automatic Routing With Captaris FaxPress and FaxPress Premier Darin McGinnes Sales Engineer.
Citrix Secure Gateway v1.1 Technical Presentation August 2002 Technical Presentation August 2002.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
IBM Software Group © 2004 IBM Corporation MQ Security.
Introduction to z/OS Security Lesson 4: There’s more to it than RACF
Chapter 17: WEB COMPONENTS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Secure Socket Layer.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.
® IBM Software Group © 2010 IBM Corporation Marco Borgianni May 9-12, 2006 IBM Tivoli Workload Scheduler for Applications.
© 2018 SlidePlayer.com Inc. All rights reserved.