Security and Genie
Posted: Wed Mar 18, 2009 2:22 pm
Question:
I am currently evaluating the software, but concerned about a security issue. Will opening the port leave my system vulnerable to outside intrusion once I start using the system?
Answer:
Setting up Genie to use port 460 (the default) will not make the system vulnerable to outside intrusion. Genie does not (and in fact can not) make iSeries ports available outside the LAN -- this can only be done through the router/firewall by networking personnel at your location. Genie will only be available to users inside the LAN unless the firewall is purposely reconfigured by your networking personnel to allow outside access to the iSeries on port 460.
So, only internal LAN users will be able to access Genie. Those users will need a valid OS/400 profile and password to sign in, and will only have authority to do the things they normally can do under standard OS/400 security.
From a security standpoint, you can think of Genie as just another 5250 emulation package that you are giving to your users. It will not enable them to do anything other than what they can normally do, and it certainly can not effect your existing firewall configuration and/or security procedures -- just as security would not be changed if you introduced another 5250 emulation package such as Rumba, MochaSoft, etc.
I am currently evaluating the software, but concerned about a security issue. Will opening the port leave my system vulnerable to outside intrusion once I start using the system?
Answer:
Setting up Genie to use port 460 (the default) will not make the system vulnerable to outside intrusion. Genie does not (and in fact can not) make iSeries ports available outside the LAN -- this can only be done through the router/firewall by networking personnel at your location. Genie will only be available to users inside the LAN unless the firewall is purposely reconfigured by your networking personnel to allow outside access to the iSeries on port 460.
So, only internal LAN users will be able to access Genie. Those users will need a valid OS/400 profile and password to sign in, and will only have authority to do the things they normally can do under standard OS/400 security.
From a security standpoint, you can think of Genie as just another 5250 emulation package that you are giving to your users. It will not enable them to do anything other than what they can normally do, and it certainly can not effect your existing firewall configuration and/or security procedures -- just as security would not be changed if you introduced another 5250 emulation package such as Rumba, MochaSoft, etc.