|
Mark, I'm not picking on you, it's just your post, after all the others, that I decided to jump in on the discussion. IMHO, this becomes one of the "it depends" kind of situations. Let's say that you have an indeterminate number of casual users accessing your AS/400 via Telnet to look up information. I say let them look. They become a QP* user. Now you may have a finite number of users who actually -change- information. In this case the Telnet client must provide a named device and only they may pass muster to execute certain command/program calls. It does not have to be a case of either/or it can be both. Named devices can do some things, virtual devices can do less. As far as turning off virtual device creation, let the system create as many devices as performance will allow then turn it off. If your system can only handle x number of users, why let it create and allow 2x? With the appropriate exit programs in place a security admin only needs to concern themselves with the named devices. It depends on the purpose of the system and the applications being run. BTW, keeping track of who gets in is the system admin.'s job. In some cases it's a big job. Oh, I almost forgot, it is their decision. "M. Lazarus" wrote: > > Chuck, > > At 10/18/00 04:12 PM -0500, you wrote: > >WHY would you have a need for 100 virtual devices (rather than named > >devices that > >you can keep an eye on) ? > > I was using an arbitrarily low number to make the point, but in reality > there can easily be 1,000 or more users, each w/ 2 or 3 sessions. What > real advantage is there to assign the system administrator another > task? Unless you're in a high security environment I think that named > devices provide little advantage in the way of security and much in the way > of administrative overhead. > +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.