[prev in list] [next in list] [prev in thread] [next in thread] 

List:       racf-l
Subject:    Re: AWS servers
From:       Joel Tilton <jtilton012 () GMAIL ! COM>
Date:       2020-08-20 15:31:57
Message-ID: CABZrbHYyjt2r7dyQ-37gtO+0o1iJCBugP6Ar57nHz9bX+g-9Nw () mail ! gmail ! com
[Download RAW message or body]

I have done it.
And it's wise from a secuirty perspective.

Just exactly the whole purpose of netaccess profiles.
To assign identity to inbound and outbound IP connections so that racf has
final control over who can send and receive data over that IP interface.

It takes updating of netaccess statements in sys1.tcpip.profile
That's where a Saf name is coded

And then you will need to build out the web.netaccess.*.*.safname profile
with an appropriate acces list

Hope that helps
Joel

On Thu, Aug 20, 2020 at 11:22 Doug Fann <
00000aa5365e2c1c-dmarc-request@listserv.uga.edu> wrote:

> Hello,
>
> Are any of you whitelisting AWS servers in your servauth class? We want to
> do it but our network team thinks they are out scope. Your opinions.
>
>
>
>
>
> Thanks,
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> ----------------------------------------------------------------------
>
>
>
>
>
> ----------------------------------------- This message, and any
> attachments to it, may contain information that is privileged,
> confidential, and exempt from disclosure under applicable law. If the
> reader of this message is not the intended recipient, you are notified that
> any use, dissemination, distribution, copying, or communication of this
> message is strictly prohibited. If you have received this message in error,
> please notify the sender immediately by return e-mail and delete the
> message and any attachments. Thank you.
>
> --
Joel Tilton Sent from Gmail Mobile Please excuse any typos. This e-mail is
confidential and the information contained in it is privileged. It should
not be read, copied or used by anyone other than the intended recipient. If
you have received it in error, please contact the sender immediately by
return email, and delete the e-mail and do not disclose its contents to any
person.
[prev in list] [next in list] [prev in thread] [next in thread]