Hitachi

JP1 Version 12 JP1/Automatic Job Management System 3 Overview

7.3 Settings for restricting connection to JP1/AJS3

Restricting the hosts that are able to connect to JP1/AJS3 is called a connection source restriction. You can restrict connection to JP1/AJS3 - Manager or JP1/AJS3 - Agent to protect against operations or job execution from unauthorized hosts.

To use the connection source restriction function, in the connection permission configuration file, specify the IP address of a host whose connection you want to permit. There are two types of connection permission configuration file: the manager connection permission configuration file and the agent connection permission configuration file.

The following are examples of restricting connection to JP1/AJS3 - Manager and restricting connection to JP1/AJS3 - Agent.

Example of restricting connection to JP1/AJS3 - Manager

To permit connection in JP1/AJS3 - Manager for a login request from JP1/AJS3 - View, or to permit a request to execute a remote jobnet from another JP1/AJS3 - Manager, in the manager connection permission configuration file, specify both the IP address of the host whose connection to JP1/AJS3 - Manager you want to permit and the IP address of the local host. These operations allow you to restrict connection from any host that does not have the specified IP address. Make sure that you specify the IP address of the local host. If you do not do this, the JP1/AJS3 service will not be able to start.

The following figure shows an example of restricting connection to JP1/AJS3 - Manager.

Figure 7‒5: Example of restricting connection to JP1/AJS3 - Manager

[Figure]

In the above figure, the IP address (192.168.31.1) of the host for which connection is permitted and the IP address (192.168.31.4) of the local host are specified in the manager connection permission configuration file. In this case, login or remote jobnet execution cannot be performed from a host whose IP address is not 192.168.31.1.

To restrict connection for a request to execute a job in JP1/AJS3 - Manager, in the agent connection permission configuration file, specify the IP address of the host whose connection you want to permit and the IP address of the local host. Make sure that you specify the IP address of the local host. If you do not do this, it will not be possible to execute a passing information setting job.

The following figure shows an example of restricting connection for a job execution request in JP1/AJS3 - Manager.

Figure 7‒6: Example of restricting connection for a job execution request in JP1/AJS3 - Manager

[Figure]

In the above figure, the IP address (192.168.31.1) of the host for which connection is permitted and the IP address (192.168.31.2) of the local host are specified in the agent connection permission configuration file. In this case, a job cannot be executed from any host that is not the local host or the host whose IP address is 192.168.31.1.

Example of restricting connection to JP1/AJS3 - Agent

When you permit connection in JP1/AJS3 - Agent for a job execution request from JP1/AJS3 - Manager, in the agent connection permission configuration file, specify the IP address of the host whose connection to JP1/AJS3 - Agent you want to permit. This operation allows you to restrict connection from any host that does not have the specified IP address. In contrast to JP1/AJS3 - Manager, you do not need to specify the IP address of the local host in JP1/AJS3 - Agent.

The following figure shows an example of restricting connection to JP1/AJS3 - Agent.

Figure 7‒7: Example of restricting connection to JP1/AJS3 - Agent

[Figure]

In the above figure, the IP address (192.168.31.1) of the host for which connection is permitted is specified in the agent connection permission configuration file. In this case, a job cannot be executed from any host whose IP address is not 192.168.31.1.

For details about the connection source restriction function, see 2.3.9 Restricting hosts that can access JP1/AJS3 in the JP1/Automatic Job Management System 3 System Design (Configuration) Guide.

For details about how to set the connection source restriction function, see 21.2 Restricting connections to JP1/AJS3 in the JP1/Automatic Job Management System 3 Configuration Guide.

To Page Top

Copyright (C) 2019, 2022, Hitachi, Ltd.

Copyright (C) 2019, 2022, Hitachi Solutions, Ltd.