IBM i Security Outgoing Processing

MFT Platform Server can be configured to allow the IBM i security system to determine whether transfer requests should be sent out by a particular user to a certain remote node system.

In the User Profile screen, the MFT Platform Server administrator can specify a certain local user in which gives the user security rights to send a transfer request to a particular remote node system and sign-on with a certain remote user name and password. MFT Platform Server can check the IBM i rights to determine if a transfer request should be allowed for a particular user or remote node name.

This example indicates the checking that might be performed for a transfer request.
  • A transfer request to a file by a user profile is detected and then a transfer request record is then created by the MFT Platform Server for IBM i. MFT Platform Server can determine the target user profile for the transfer request. If there is no user profile record found for the user profile, the transfer request is rejected.
  • The remote node name of the MFT Platform Server system that receives the transfer request is compared against the Node Configuration. If an entry is not defined for this remote node name, the transfer request is rejected.
  • The transfer request remote node IP Address of the MFT Platform Server system that is used to send out the request is invalid a remote network error occurs. Depending on the global parameter file configuration, the transfer request is suspended. Later the transfer request is activated and processed again. If a remote network error occurs again, the transfer request is rejected.
  • MFT Platform Server also utilizes the IBM i Security System to determine if the remote user profile name or password that was sent is invalid, if so the transfer request is rejected.