********************************************************************** * ANR5530S ... Tivoli Storage Manager * ********************************************************************** * Licensed Materials - Property of IBM * * 5608-ISM * * (C) Copyright IBM Corp. 1990, 2006 * * All rights reserved. * * * * US Government Users Restricted Rights - Use, duplication * * or disclosure restricted by GSA ADP Schedule Contract * * with IBM Corp. * *--------------------------------------------------------------------* *--------------------------------------------------------------------* * ANR5530S contains information for accessing NEW secured FTP site * *--------------------------------------------------------------------* Synopsis: * PTF or Fixpack is no longer available from service2.boulder.ibm.com * New secured FTP server: testcase-yellow.boulder.ibm.com * tsm4mvs userid and password is usable with new secured FTP site. * Server access requires secure connection (e.g., https). * Directory structure slightly different. ------------------- IMPORTANT NOTE: Only SSL FTP or https browser access allowed with new FTP site. IBM supports a secured FTP server where you can find information on maintenance for TSM on z/OS and other related materials. The secured FTP site is: testcase-yellow.boulder.ibm.com Use the userid tsm4mvs and the password bit8byte Note: IBM security standards require FTP pw changes every 90 days. The following table outlines the likely password changes for each 90 period. If the password must change unexpectedly, like it has in the past after being exposed on a public forum, every effort will be made to use the password for the next pw change period. Oct 2006 - Dec 2006 bit8byte Jan 2007 - Mar 2007 tap3reel April 2007 - June 2007 col0kate July 2007 - Sept 2007 ate6pick Oct 2007 - Dec 2007 dbl7word Jan 2008 - Mar 2008 hyi9dens April 2008 - June 2008 for1tape July 2008 - Sept 2008 drv5five Oct 2008 - Dec 2008 bus4data Jan 2009 - Mar 2009 tag2cont April 2009 - June 2009 top8bits July 2009 - Sept 2009 one3file Oct 2009 - Dec 2009 ioh6resp Jan 2010 - Mar 2010 hot7swap The following syntax using a web browser will prompt for userid & pw. https://testcase-yellow.boulder.ibm.com fill the Name: with... tsm4mvs specify password: .... bit8byte Patch information for the Tivoli Storage Manager for z/OS server can be found in the following directory: fromibm/patches/v5r3/5.3.4.1 Be sure to use binary transfer with secured FTP. Useful Tip: While using https from a browser to access to testcase-yellow.boulder.ibm.com: first locate the patch or fixpack. It will have .bin file extension. Left click on the file options icon then right click on Download as: application/octet-stream This step is necessary to ensure the fixpack or ptf transfers in binary form. Subsequent FTP movement of PTF or Fixpack must occur as binary transfer. Readme material can be downloaded with ascii file transfer using secured FTP or select Download as: plain/text from the file options when using https. *--------------------------------------------------------------------* Detailed information on secure access. The FTP server is configured to support FTP over SSL/TLS using either Active or Passive FTP modes. However, since Active mode FTP may be disabled by network routers or firewalls by default, customers may have better success using Passive FTP mode. The server uses ports 65024 through 65535 for Passive FTP data connections. The server also supports use of the EPSV ALL FTP command as defined in IETF RFC 2428 FTP Extensions for IPv6 and NATs (http://www.ietf.org/rfc/rfc2428.txt). If supported by the FTP client, this may provide some benefit to customers using Network Address Translation (NAT) devices that also have support for it. The FTP server supports use of SSL version 2, SSL version 3 and TLS version 1. The server accepts both the AUTH SSL (depricated) and AUTH TL commands from the FTP client. The server's SSL certificate is signed by the Equifax Secure Certificate Authority (CA). If this CA is not in the list of trusted CAs for your secure FTP client, the root certificate may be obtained directly from http://www.geotrust.com/resources/root_certificates/index.htm. Note also that the server name specified in the certificate is testcase.boulder.ibm.com (and not testcase-yellow.boulder.ibm.com). Some client software will validate that the hostname of the server being accessed is the same as the name in the server certificate. Secure HTTP over SSL/TLS (HTTPS) HTTP over SSL/TLS (HTTPS) is the secure version of the HTTP protocol use on the World Wide Web. HTTPS uses the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols to encrypt the session data. Th Secure File Transfer server supports file upload and download from a web browser using HTTPS. Note: Use of the HTTPS protocol requires explicit login to the Secure File Transfer service. It is not possible to directly link to Secure Fil Transfer files from another web page. It is important to note that some customers may experience difficulties using the FTPS protocol through their network infrastructures. Customers connect to IBM through a variety of firewalls, routers and ISPs that may perform Network Address Translation (NAT) and stateful inspection of FTP traffic flows. Customers may experience problems connecting to or using the server due to the way some network equipment handles FTPS flows. These issues are described in a draft IETF RFC entitled FTP/TLS Friendly Firewalls (http://www.ietf.org/internet-drafts/draft-fordh-ftp-ssl-firewall-07.txt . If necessary, customers should contact their local network support and network providers to determine how to best support FTPS within their environments. *--------------------------------------------------------------------* IBM recommends that you read the following README files before obtaining and implementing server maintenance: v53xy.ftp.readme.txt v53xy.readme.txt Patch information for the IBM Tivoli Storage Manager for z/OS server can be found in the following directory: fromibm/patches/v5r3 IBM recommends that you read the following README files before obtaining and implementing the server patch code: Note: With ITSM 5.3 product release, patches will be delivered in the form of ++APAR's. v53xy.ftp.readme.txt v53xy.readme.txt "x" and "y" are values that identify the level of the patch code.