HP OpenVMS Systems

ask the wizard
Content starts here

DECnet Firewall? (SecurityGate)

» close window

The Question is:

DEC had a network product call SECURITY GATE that we use to allow DFS serving
 of disks to a offsite location and blocking of all other access from the
 offsite location to our system.  SECURITY GATE was last supported on a VAX
 running VMS V6.2.  Is there a
ny product HP or third party that will do the same job.  We would like to get
 rid of the last of our VAX's and go with Alpha's or Itanium computers but
 unless we can find a replacement for the VAX running the Security Gate
 Software we will have to keep it

The Answer is :

  DIGITAL SecurityGate product provides a simple DECnet firewall, with
  no IP capabilities and no particular packet filtering capabilities.
  The OpenVMS Wizard would tend to expect that DIGITAL SecurityGate would
  continue to operate on more recent OpenVMS VAX versions (running DECnet
  Phase IV), but this has likely not been tested and would very likely not
  be considered supported.
  For information on firewalls with DECnet filtering capabilities, please
  contact a router or firewall vendor.  Alternatively, the OpenVMS Wizard
  would encourage DFS operations over DECnet-Plus over IP, and the use of
  an IP firewall.  Or the use of a deliberately mis-configured DECnet
  Phase IV network, with a level one router deliberately located between
  two DECnet Phase IV area routers in violation of DECnet requirements,
  with all DECnet traffic requiring the so-called Poor Man's Routing (PMR)
  through the intermediate level one router system and that system's local
  security.  (PMR requires a sequence path of node names be specified, and
  this application requires that the intermediate level one DECnet router
  be hardened against access.)

answer written or last revised on ( 24-NOV-2003 )

» close window