As an alternative to a VPN connection through the Internet, the
HMC can be set up to use the file transfer protocol (FTP) for sending
error data to IBM. It is the customer's responsibility to provide
a secure path from the HMC to the destination server (testcase.software.ibm.com)
on the Internet. Usually this involves some kind of FTP proxy or relay
firewall. The HMC supports different types of FTP firewalls:
- type 1: Connect to firewall host, but send USER user
real host name.
- type 2: Connect to firewall, log in with USER fwuser and PASS
fwpassword, and then USER user real host name.
- type 3: Connect to and log in to firewall, and then use SITE
real.host.name, followed by the regular USER and PASS.
- type 4: Connect to and log in to firewall, and then use OPEN
real.host.name, followed by the regular USER and PASS.
- type 5: Connect to firewall host, but send USER user
[email protected] and PASS pass fwpass to
log in.
- type 6: Connect to firewall host, but send USER fwuser
real host name and PASS fwpass followed
by a regular USER user and 3PASS
pass to log in.
- type 7: Connect to firewall host, but send USER user
real host name fwuser and PASS pass followed
by ACCT fwpass to log in.
- type 8 : Connect to firewall host, but send USER user
real host name:port.
- type 9: Connect to firewall host, but send USER user
real host name port.
Connectivity using FTP is also required for downloading DS8000
codes packages from an internal IBM remote code repository on the
Internet. Although the FTP protocol by itself does not encrypt data,
a digital signature guarantees authenticity and integrity of DS8000
code packages.
Data transfer using the ftp command involves only the FTP client
on the HMC, connecting to a remote FTP server. There is no support
for inbound FTP sessions. On the HMC, all FTP servers are removed.
Regardless of the type of connectivity (VPN or FTP), no customer
data is ever transmitted to IBM.