IBM Tivoli Monitoring Version 6.1. Firewall Gateway Feature

Similar documents
Migrating Classifications with Migration Manager

Tivoli Access Manager for Enterprise Single Sign-On

iscsi Configuration Manager Version 2.0

Limitations and Workarounds Supplement

Tivoli Access Manager for Enterprise Single Sign-On

IBM Tivoli Directory Server Version 5.2 Client Readme

Networking Bootstrap Protocol

IBM Tivoli Monitoring for Databases. Release Notes. Version SC

Release Notes. IBM Tivoli Identity Manager Universal Provisioning Adapter. Version First Edition (June 14, 2010)

Integrated use of IBM WebSphere Adapter for Siebel and SAP with WPS Relationship Service. Quick Start Scenarios

IBM WebSphere Sample Adapter for Enterprise Information System Simulator Deployment and Testing on WPS 7.0. Quick Start Scenarios

Release Notes. IBM Tivoli Identity Manager Rational ClearQuest Adapter for TDI 7.0. Version First Edition (January 15, 2011)

Tivoli Access Manager for Enterprise Single Sign-On

Limitations and Workarounds Supplement

IBM License Metric Tool Enablement Guide

Release Notes. IBM Security Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

Application and Database Protection in a VMware vsphere Environment

A Quick Look at IBM SmartCloud Monitoring. Author: Larry McWilliams, IBM Tivoli Integration of Competency Document Version 1, Update:

Using application properties in IBM Cúram Social Program Management JUnit tests

Platform LSF Version 9 Release 1.1. Migrating on Windows SC

Version 1.2 Tivoli Integrated Portal 2.2. Tivoli Integrated Portal Customization guide

IBM Operational Decision Manager Version 8 Release 5. Configuring Operational Decision Manager on Java SE

IBM emessage Version 8.x and higher. Account Startup Overview

Development tools System i5 Debugger

Tivoli Access Manager for Enterprise Single Sign-On

Build integration overview: Rational Team Concert and IBM UrbanCode Deploy

IBM Maximo for Service Providers Version 7 Release 6. Installation Guide

IBM Maximo for Aviation MRO Version 7 Release 6. Installation Guide IBM

Release Notes. IBM Tivoli Identity Manager Oracle PeopleTools Adapter. Version First Edition (May 29, 2009)

IBM Security QRadar Version Customizing the Right-Click Menu Technical Note

IBM Security QRadar Version Forwarding Logs Using Tail2Syslog Technical Note

Limitations and Workarounds Supplement

IBM Operations Analytics - Log Analysis: Network Manager Insight Pack Version 1 Release 4.1 GI IBM

IBM Directory Integrator 5.1.2: Readme Addendum

Release Notes. IBM Tivoli Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

IBM Rational Synergy DCM-GUI

System i. Networking RouteD. Version 5 Release 4

Platform LSF Version 9 Release 1.3. Migrating on Windows SC

Lotus Forms Designer 3. What s New

Chapter 1. Fix Pack 0001 overview

IBM Spectrum LSF Process Manager Version 10 Release 1. Release Notes IBM GI

Proposal for a Tivoli Storage Manager Client system migration from Solaris with VxFS to Linux with GPFS or AIX with GPFS or JFS2

Netcool/Impact Version Release Notes GI

IBM Maximo Calibration Version 7 Release 5. Installation Guide

IBM Netcool/OMNIbus 8.1 Web GUI Event List: sending NodeClickedOn data using Netcool/Impact. Licensed Materials Property of IBM

IBM Endpoint Manager Version 9.1. Patch Management for Ubuntu User's Guide

Installing Watson Content Analytics 3.5 Fix Pack 1 on WebSphere Application Server Network Deployment 8.5.5

Patch Management for Solaris

Best practices. Starting and stopping IBM Platform Symphony Developer Edition on a two-host Microsoft Windows cluster. IBM Platform Symphony

IBM. Networking INETD. IBM i. Version 7.2

Version 9 Release 0. IBM i2 Analyst's Notebook Premium Configuration IBM

IBM Copy Services Manager Version 6 Release 1. Release Notes August 2016 IBM

IBM LoadLeveler Version 5 Release 1. Documentation Update: IBM LoadLeveler Version 5 Release 1 IBM

Version 9 Release 0. IBM i2 Analyst's Notebook Configuration IBM

IBM Directory Server 4.1 Release Notes

IBM Tivoli Identity Manager Authentication Manager (ACE) Adapter for Solaris

IBM Storage Driver for OpenStack Version Release Notes

IBM Tivoli Access Manager for Enterprise Single Sign-On: Authentication Adapter Version 6.00 September, 2006

IBM Maximo Spatial Asset Management Version 7 Release 6. Installation Guide IBM

Best practices. Reducing concurrent SIM connection requests to SSM for Windows IBM Platform Symphony

Release Notes. IBM Tivoli Identity Manager I5/OS Adapter. Version First Edition (January 9, 2012)

IBM. IBM i2 Enterprise Insight Analysis Understanding the Deployment Patterns. Version 2 Release 1 BA

IBM Tivoli OMEGAMON XE for R/3

Performance Tuning Guide

Tivoli Endpoint Manager for Patch Management - AIX. User s Guide

Getting Started with InfoSphere Streams Quick Start Edition (VMware)

Tivoli Access Manager for Enterprise Single Sign-On

Determining dependencies in Cúram data

IBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide IBM

Tivoli Access Manager for Enterprise Single Sign-On

Configuring IBM Rational Synergy to use HTTPS Protocol

Version 2 Release 1. IBM i2 Enterprise Insight Analysis Understanding the Deployment Patterns IBM BA

IBM. Release Notes November IBM Copy Services Manager. Version 6 Release 1

IBM Cloud Orchestrator. Content Pack for IBM Endpoint Manager for Software Distribution IBM

IBM Tivoli OMEGAMON DE for Distributed Systems

IBM VisualAge for Java,Version3.5. External Version Control

IBM Storage Management Pack for Microsoft System Center Operations Manager (SCOM) Version Release Notes

Performance Toolbox for AIX Version 3.1

Installation and User s Guide

Printing Systems Division. Infoprint Manager for AIX NLV Release Notes

Tivoli Switch Analyzer

IBM Geographically Dispersed Resiliency for Power Systems. Version Release Notes IBM

Printing Systems Division. Infoprint Manager for Windows NLV Release Notes

IBM. Tivoli Usage and Accounting Manager (ITUAM) Release Notes. Version GI

IBM UrbanCode Cloud Services Security Version 3.0 Revised 12/16/2016. IBM UrbanCode Cloud Services Security

IBM Optim. Compare Introduction. Version7Release3

IBM. Avoiding Inventory Synchronization Issues With UBA Technical Note

IBM Spectrum LSF Version 10 Release 1. Readme IBM

Netcool/OMNIbus Probe for Alcatel 5620 Logfile Version Reference Guide. July 25, 2008 IBM SC

IBM Operational Decision Manager. Version Sample deployment for Operational Decision Manager for z/os artifact migration

Version 4 Release 1. IBM i2 Enterprise Insight Analysis Data Model White Paper IBM

Release 6.2 Installation Guide

IBM FlashSystem V MTM 9846-AC3, 9848-AC3, 9846-AE2, 9848-AE2, F, F. Quick Start Guide IBM GI

Implementing IBM Easy Tier with IBM Real-time Compression IBM Redbooks Solution Guide

IBM Maximo Spatial Asset Management Version 7 Release 5. Installation Guide

IBM Rational Development and Test Environment for System z Version Release Letter GI

CONFIGURING SSO FOR FILENET P8 DOCUMENTS

IBM Integration Designer Version 8 Release 5. Hello World for WebSphere DataPower Appliance IBM

IBM Kenexa LCMS Premier on Cloud. Release Notes. Version 9.3

SMASH Proxy Version 1.0

Transcription:

IBM Tivoli Monitoring Version 6.1 Firewall Gateway Feature Copyright International Business Machines Corporation 2006. All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

1. Introduction The Firewall Gateway feature in IBM Tivoli Monitoring V6.1 enables additional endto-end connectivity options for use in environments with specific TCP/IP connection management policies. Within this document the term upstream can best be defined in terms of the server and client relationship. Those entities that open a socket to listen for requests are at the upstream or server end. Those entities connecting to the server are at the downstream or client end. Using one or more relay configurations, logical connection requests flow from a listening downstream server proxy interface, and terminate in an outbound connection from an upstream client proxy interface to a listening server. Intermediate relay configurations consist of an upstream relay interface containing at least one downstream relay interface. The Firewall Gateway provides the following functionality: Gateway instances interoperate over a single physical relay connection. Logical connections are multiplexed over the relay. The origination direction of the relay connection is configurable to match enterprise firewall transit requirements. Relay support enables a logical connection to span multiple firewall zones. Each relay instance can optionally provide access to the upstream management network. Multiple relays can be chained to provide seamless hops across multiple zones. Proxy support provides a transparent interface to IBM Tivoli Monitoring V6.1 components. Server proxy components reside downstream and listen for inbound connections. Client proxy components reside upstream and make connections to services on behalf of downstream endpoints. All ports used by gateway instances are configurable. Port pooling is available to constrain client proxy connections to designated port values. Multiple failover addresses can be configured for all gateway connections. 2. Configuration The gateway component is configured through an XML document that specifies a set of zones, each of which contain at least one upstream interface with one or more imbedded downstream interfaces. 2.1. Activation The gateway feature can be activated within any IBM Tivoli Monitoring V6.1 process. However use must be limited to the host computer OS agent to prevent potential resource consumption conflicts with Tivoli Enterprise Monitoring Server (monitoring server) and Tivoli Enterprise Portal Server (portal server) processes.

The configuration variable KDE_GATEWAY is set to the XML configuration file name. A line of the form KDE_GATEWAY=filename must be added to the following configuration files, depending on your environment: On Windows computers, configuration variables for the Windows OS agent are located in the ITMHOME/tmaitm6/KNTENV file. On UNIX computers, configuration variables for the UNIX OS agent are located in the ITMHOME/config/ux.ini and ITMHOME/config/ux.config files. Add the entry to both files for reliable results. On Linux computers, configuration variables for the Linux OS agent are located in the ITMHOME/config/lz.ini and ITMHOME/config/lz.config files. Add the entry to both files for reliable results. After you make these changes, stop and restart the monitoring agents. 2.2. IPv4 Address Data IPv4 (Internet Protocol Version 4) addresses supplied as data to <bind> and <connection> tags can be in absolute dotted decimal or symbolic form. An addressspecific port number override can be specified following a trailing : (colon) character. 2.3. IPv6 Address Data IPv6 (Internet Protocol Version 6) addresses supplied as data to <bind> and <connection> tags can be in absolute uncompressed hexadecimal, absolute compressed hexadecimal, or symbolic form. Absolute hexadecimal expressions must be enclosed within ( and ) (parentheses) with 1-4 digit groups separated by : (colon). Compression of a run of 0 digits can occur at most once, and is indicated by :: (double colon). An address-specific port number override can be specified following a trailing : (colon); this specification is outside the parentheses that wrap an absolute address. 2.4. Configuration XML Document Structure Attributes are described on affected elements; default values for most attributes can be supplied on outer elements with noted exceptions. Document structure relationships between configuration XML elements are illustrated below:

2.4.1. <tepgwml:gateway xmlns:tepgwml= http://xml.schemas.ibm.com/tivoli/tep/kde/ > <zone> <interface> upstream interface <bind> <connection> </connection> </bind> <interface> downstream interface <bind> <connection> </connection </bind> </zone> <portpool> </portpool> </tepgwml:gateway> <gateway> A gateway element in the assigned namespace http://xml.schemas.ibm.com/tivoli/tep/kde/ contains configuration elements described within this document. The gateway XML processor semantically ignores valid XML until the container is opened, allowing for configuration documents to be imbedded in other documents. This element cannot contain data. 2.4.2. Attribute name The name attribute is required, cannot contain imbedded delimiters, and must begin with a non-numeric. This attribute is used to identify a specific gateway instance. This attribute cannot be inherited from an outer element. 2.4.3. Attribute threads The threads attribute specifies the number of worker threads in a general purpose thread pool. The specification must satisfy 1 <= value <= 256, and defaults to 32. Threads in this pool are shared by all defined zones, and are used only by interface startup logic, and to recover from outbound buffer exhaustion conditions. The default value is generally more than adequate. 2.5. <zone> A zone is a container of interfaces sharing communication resources. This element cannot contain data. 2.5.1. Attribute name The name attribute is required, cannot contain imbedded delimiters, and must begin with a non-numeric. This attribute is used to identify a specific zone instance. This attribute cannot be inherited from an outer element.

2.5.2. Attribute maxconn The maxconn attribute imposes an upper limit on the number of concurrent gateway connections within the zone. Each proxy physical connection and each logical connection crossing a relay interface consume this value. The specification must satisfy 8 <= value <= 4096, and defaults to 256. 2.5.3. Attribute bufsize The bufsize attribute sets the data buffer size within the zone. The specification must satisfy 256 <= value <= 16384, and defaults to 2048. 2.5.4. Attribute minbufs The minbufs attribute sets the minimum number of buffers in the zone buffer pool that are reserved for inbound traffic. The specification must satisfy 4 <= value <= 1024, and defaults to 64. 2.5.5. Attribute maxbufs The maxbufs attribute sets the maximum number of buffers in the zone buffer pool that are reserved for inbound traffic. The specification must satisfy minbufs <= value <- 2048, and defaults to 128. 2.6. <interface> An interface describes a set of network bindings that exhibit a fixed behavior according to a specified role, and based on whether it is defined as upstream, which means that the enclosing element is <zone>, or downstream where the enclosing element is <interface>. In all roles, logical connections arrive through one or more downstream interfaces, and are forwarded through the upstream interface. After a logical connection has been established end to end, data flow is full duplex. A valid configuration requires an upstream interface to contain at least one downstream interface. This element cannot contain data. 2.6.1. Attribute name The name attribute is required, cannot contain imbedded delimiters, and must begin with a non-numeric. This attribute is used to identify a specific interface instance. This attribute cannot be inherited from an outer element. 2.6.2. Attribute role The role attribute is required, and describes the behavior of network bindings contained within. The role attribute must be specified as proxy, listen, or connect. Downstream proxy interfaces represent local listening endpoints, and function as a server proxy. Upstream proxy interfaces represent local connecting endpoints, and function as a client proxy. Relay interfaces are assigned either listen or connect. No configuration restriction is made on the relay connection role other than peer relay connections must specify the opposite role. Relay connections are considered persistent, are initiated at gateway startup, and automatically restarted in the event of a network disruption.

2.7. <bind> A bind element represents connection resources on one or more local interfaces. When specified within interfaces that listen (downstream proxy, relay listen), they represent listening ports on local interfaces. For connect interfaces (upstream proxy, relay connect), they represent the local binding to be used for the outbound connection. Specific local interface addresses can be supplied as data; the default interface is any. 2.7.1. Attribute localport The localport attribute is required within listen interfaces, and is optional within connect interfaces. The value supplied can be either a number that satisfies 1 <= value <= 65535, or for connect based roles, can only contain the name of a portpool element defined within the gateway. 2.7.2. Attribute ipversion The ipversion attribute declares the address family to be used for activity within the tag scope. Valid values are 4 or 6, with a default of 4. 2.7.3. Attribute ssl The ssl attribute controls SSL (Secure Sockets Layer) negotiation for connections within the scope of this binding. When specified as yes, a successful negotiation is required before a connection is allowed on the gateway. The default value is no, meaning no SSL negotiation occurs on behalf of the gateway connection. Note that this does not restrict the conveyance of SSL streams across a gateway, only whether or not the gateway acts as one end of the SSL negotiation. When this operand is specified on a relay binding, it can be used to secure relay traffic, and must be specified on both ends of the relay connection. 2.7.4. Attribute service The service attribute is a character string used to represent a logical connection between client and server proxy interfaces. Each connection accepted by a server proxy must find an upstream client proxy connection with a matching service string. No value restrictions are imposed. 2.8. <connection> The connection tag is used to supply remote network interfaces as data. When applied to a listen mode binding, the connection tag represents the list of remote interface addresses that are allowed to make a connection, and is optional. This tag is required for connect mode bindings, and describes the remote end of the connection. Multiple addresses can be supplied for failover purposes. 2.8.1. Attribute remoteport The remoteport attribute supplies the default port number of remote interfaces described within this tag. The value supplied must satisfy 1 <= value <= 65535.

2.9. <portpool> The portpool tag is used to create a list of local port numbers to be used for outbound connections. Port numbers are supplied as data, and can be specified discretely or as a range expression separated by - (hyphen). Range expressions are limited to 1024 bytes to prevent syntax errors from resulting in larger ranges than expected. Multiple specifications of either form are allowed. 2.9.1. Attribute name The name attribute is required, cannot contain imbedded delimiters, and must begin with a non-numeric. This attribute is used to identify a specific portpool instance. This attribute cannot be inherited from an outer element, and is referenced by a localport attribute on a bind element. 3. Recommended Warehouse Proxy Configuration In order to ensure that the Warehouse Proxy listens at a fixed port number across the monitoring enterprise, please append the following configuration text to the KDC_FAMILIES configuration variable for the Warehouse Proxy. IP.PIPE SKIP:15 COUNT:1 The effect of this configuration change is to force the WHP to listen at the TEMS well known port number (default 1918) plus the quantity 4096 multiplied by 15. For example purposes, if the TEMS port is defaulted to 1918, this causes the WHP to listen at 63358. The following examples assume this recommendation has been implemented.

4. Example Firewall Scenario Assumptions Connections can only cross a firewall from the more trusted side to the less trusted side. Relay data crossing a zone will enter and leave on separate ports. The effects of NAT on cross zone addresses are not shown for clarity. NAT connections are fully supported, dynamic NAT connections may require that inbound connection verification be removed. This is accomplished by removal of the <connection> tag under the listening <bind>.

ITM 6.1 Three Hop Firewall Scenario Public Network DMZ2 Network DMZ1 Network Trusted Network 10.3.1/24 10.2.2/24 10.2.1/24 10.1.1/24 Relay TEMAG3 10.3.1.1 Proxy Firewall Relay TEMAG22 10.2.2.1 Proxy Firewall Relay TEMAG21 10.2.1.1 Proxy Firewall Relay TEMAG1 10.1.1.1 Proxy TEMS RMT3 10.3.1.2 IP.PIPE 1918 TEMS RMT22 10.2.2.2 IP.PIPE 1918 TEMS RMT21 10.2.1.2 IP.PIPE 1918 TEMS HUB 10.1.1.1 IP.PIPE 1918 TEMA3A 10.3.1.2 TEMA22A 10.2.2.2 TEMA21A 10.2.1.2 TEMA3B 10.3.1.3 TEMA22B 10.2.2.3 TEMA21B 10.2.1.3 TEMA1A 10.1.1.3 TEMA3C 10.3.1.4 TEMA3D 10.3.1.5 TEMA22C 10.2.2.4 TEMA22D 10.2.2.5 TEMA21C 10.2.1.4 TEMA21D 10.2.1.5 TEMA1B 10.1.1.4 TEMA1C 10.1.1.5 WHP 10.1.1.1 IP.PIPE 6014 Legend: IP.PIPE RELAY PROXY

Public Network Assumptions Gateway service configured as part of OS agent TEMAG3 on 10.3.1.1. TEMAG3 accepts a relay connection on port 10030 only from TEMAG22, port 10030. ITM components within this zone will contact the HUB and WHP server proxy ports 1918 and 6014 via the TEMAG3 interface address. Remote TEMS to reside on machine other than TEMAG3 to prevent port 1918 conflict.

TEMAG3 Gateway Configuration <tep:gateway xmlns:tep= http://xml.schemas.ibm.com/tivoli/tep/kde/ name= temag3 > <zone name= trusted > <interface name= uprelay ipversion= 4 role= listen > <bind localport= 10030 >10.3.1.1 <connection remoteport= 10030 >10.2.2.2</connection</bind> <interface name= serverproxy ipversion= 4 role= proxy > <bind localport= 1918 service= tems /> <bind localport= 6014 service= whp /> </zone> </tep:gateway> DMZ2 Network Assumptions Gateway service configured as part of OS agent TEMAG22 on 10.2.2.1. TEMAG22 originates a relay connection to TEMAG3 port 10030 using local port 10030. TEMAG22 accepts a relay connection on port 10022 only from TEMAG21, port 10022. ITM components within this zone will contact the HUB and WHP server proxy ports 1918 and 6014 via the TEMAG22 interface address. Remote TEMS to reside on machine other than TEMAG22 to prevent port 1918 conflict.

TEMAG22 Gateway Configuration <tep:gateway xmlns:tep= http://xml.schemas.ibm.com/tivoli/tep/kde/ name= temag22 > <zone name= dmz2 > <interface name= uprelay ipversion= 4 role= listen > <bind localport= 10022 >10.2.2.1 <connection remoteport= 10022 >10.2.1.2</connection </bind> <interface name= downrelay ipversion= 4 role= connect > <bind localport= 10030 >10.2.2.1 <connection remoteport= 10030 >10.3.1.1</connection> </bind> <interface name= serverproxy ipversion= 4 role= proxy > <bind localport= 1918 service= tems /> <bind localport= 6014 service= whp /> </zone> </tep:gateway> DMZ1 Network Assumptions Gateway service configured as part of OS agent TEMAG21 on 10.2.1.1. TEMAG21 originates a relay connection to TEMAG22 port 10022 using local port 10022. TEMAG21 accepts a relay connection on port 10021 only from TEMAG1, port 10021. ITM components within this zone will contact the HUB and WHP server proxy ports 1918 and 6014 via the TEMAG21 interface address. Remote TEMS to reside on machine other than TEMAG21 to prevent port 1918 conflict.

TEMAG21 Gateway Configuration <tep:gateway xmlns:tep= http://xml.schemas.ibm.com/tivoli/tep/kde/ name= temag21 > <zone name= dmz1 > <interface name= uprelay ipversion= 4 role= listen > <bind localport= 10021 >10.2.1.1 <connection remoteport= 10021 >10.1.1.1</connection </bind> <interface name= downrelay ipversion= 4 role= connect > <bind localport= 10022 >10.2.2.1 <connection remoteport= 10022 >10.2.2.1</connection> </bind> <interface name= serverproxy ipversion= 4 role= proxy > <bind localport= 1918 service= tems /> <bind localport= 6014 service= whp /> </zone> </tep:gateway>

Trusted Network Assumptions Gateway service configured as part of OS agent TEMAG1 on 10.1.1.1. TEMAG1 originates a relay connection to TEMAG21 port 10021 using local port 10021. TEMAG1 will make client proxy connections to HUB using ports in the range 20000-20099 TEMAG1 will make client proxy connections to WHP using ports in the range 20100-20199

TEMAG1 Gateway Configuration <tep:gateway xmlns:tep= http://xml.schemas.ibm.com/tivoli/tep/kde/ name= temag1 > <zone name= trusted > <interface name= clientproxy ipversion= 4 role= proxy > <bind localport= poolhub service= tems > <connection remoteport= 1918 >10.1.1.1</connection> </bind> <bind localport= poolwhp service= whp > <connection remoteport= 6014 >10.1.1.1</connection> </bind> <interface name= downrelay ipversion= 4 role= connect > <bind localport= 10021 >10.1.1.1 <connection remoteport= 10021 >10.2.1.1</connection> </bind> </zone> <portpool name= poolhub >20000-20099</portpool> <portpool name= poolwhp >20100-20199</portpool> </tep:gateway>

Notices This information was developed for products and services offered in the U.S.A. IBM cannot offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service can be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right can be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-ibm product, program, or service. IBM can have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: IBM World Trade Asia Corporation Licensing 2-31 Roppongi 3-chome, Minato-ku Tokyo 106, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement might not apply to you. This information could include technical inaccuracies or typographical errors.

Changes are periodically made to the information herein; these changes is incorporated in new editions of the publication. IBM can make improvements and/or changes in the products and/or the programs described in this publication at any time without notice. Any references in this information to non-ibm Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM can use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation 2Z4A/101 11400 Burnet Road Austin, TX 78758 U.S.A. Such information can be available, subject to appropriate terms and conditions, including in some cases payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM International Program License Agreement or any equivalent agreement between us. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating systems. You can copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating system for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs. You can copy, modify, and distribute these sample programs in any form without payment to IBM for the purposes of developing, using, marketing, or

distributing application programs conforming to IBM's application programming interfaces. If you are viewing this information in softcopy form, the photographs and color illustrations might not Web. Trademarks IBM, the IBM logo, Tivoli, and the Tivoli logo are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. Linux is a trademark of Linus Torvalds in the United States, other countries, or both. Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Other company, product, and service names may be trademarks or service marks of others.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback